www.nfscars.net Open in urlscan Pro
192.95.3.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.nfscars.net/
Effective URL:
https://www.nfscars.net/
Submission: On December 09 via api (December 9th 2023, 8:41:41 am UTC) from US — Scanned from CA

Summary HTTP 182 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 33 domains to perform 182 HTTP transactions. The main IP is 192.95.3.44, located in Montreal, Canada and belongs to OVH, FR. The main domain is www.nfscars.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 6th 2022. Valid for: a year.

This is the only time www.nfscars.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	192.95.3.44 192.95.3.44	16276 (OVH) (OVH)
4	172.253.62.95 172.253.62.95	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	169.150.236.99 169.150.236.99	60068 (CDN77 ^_^) (CDN77 ^_^)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
19	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
6	146.75.28.193 146.75.28.193	54113 (FASTLY) (FASTLY)
5	104.238.220.140 104.238.220.140	23470 (RELIABLESITE) (RELIABLESITE)
3	142.251.16.101 142.251.16.101	15169 (GOOGLE) (GOOGLE)
3	54.192.51.21 54.192.51.21	16509 (AMAZON-02) (AMAZON-02)
4	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
1	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
1	142.251.163.97 142.251.163.97	15169 (GOOGLE) (GOOGLE)
15	142.251.167.156 142.251.167.156	15169 (GOOGLE) (GOOGLE)
1	68.183.51.111 68.183.51.111	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	3.162.3.109 3.162.3.109	16509 (AMAZON-02) (AMAZON-02)
8	104.26.2.190 104.26.2.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	172.253.63.132 172.253.63.132	15169 (GOOGLE) (GOOGLE)
2 20	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
5	172.67.133.7 172.67.133.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.253.115.94 172.253.115.94	15169 (GOOGLE) (GOOGLE)
2	142.251.167.95 142.251.167.95	15169 (GOOGLE) (GOOGLE)
3	172.253.62.147 172.253.62.147	15169 (GOOGLE) (GOOGLE)
1	142.250.31.148 142.250.31.148	15169 (GOOGLE) (GOOGLE)
4	172.217.26.227 172.217.26.227	15169 (GOOGLE) (GOOGLE)
1 2	69.194.242.12 69.194.242.12	26120 (RHYTHMONE) (RHYTHMONE)
1 1	34.234.206.124 34.234.206.124	14618 (AMAZON-AES) (AMAZON-AES)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 3	213.180.193.90 213.180.193.90	208398 (TELETECH) (TELETECH)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	54.198.64.103 54.198.64.103	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
8	142.251.179.149 142.251.179.149	15169 (GOOGLE) (GOOGLE)
1 1	172.253.115.138 172.253.115.138	15169 (GOOGLE) (GOOGLE)
2	173.194.31.200 173.194.31.200	15169 (GOOGLE) (GOOGLE)
2	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
182	33

28 192.95.3.44 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: nfscars.net

www.nfscars.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.236.99 (Chicago, United States) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-236-99.datapacket.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.75.28.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.238.220.140 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.16.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.51.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-21.yul62.r.cloudfront.net

s3.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.51.111 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-23.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.3.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-109.yul62.r.cloudfront.net

static4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.26.2.190 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.253.63.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.251.16.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.133.7 (United States)

ASN13335 (CLOUDFLARENET, US)

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.26.227 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.194.242.12 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.206.124 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-206-124.compute-1.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.180.193.90 (Russian Federation) 2 redirects

ASN208398 (TELETECH, RS)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (North Bergen, United States) 1 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.198.64.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-64-103.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.179.149 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f149.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.138 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f138.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.31.200 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s48-in-f8.1e100.net

r3---sn-ab5sznzr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	488 KB
32	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	197 KB
28	nfscars.net 1 redirects www.nfscars.net	358 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	94 KB
11	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r3---sn-ab5sznzr.c.2mdn.net	259 KB
8	rtbrain.app cdn.rtbrain.app — Cisco Umbrella Rank: 12545	724 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	350 KB
6	imgur.com i.imgur.com — Cisco Umbrella Rank: 7364	2 MB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	138 KB
5	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 23165	3 KB
5	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19131	4 MB
4	buysellads.com s3.buysellads.com — Cisco Umbrella Rank: 50694 srv.buysellads.com — Cisco Umbrella Rank: 21550	12 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5624	1014 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	876 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	buysellads.net static4.buysellads.net — Cisco Umbrella Rank: 103477	29 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	83 KB
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6100	622 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1014	285 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	644 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 4966	729 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 902	488 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1072	706 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 7197	641 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	747 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	82 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	2 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 11597	734 B
0	extend.tv Failed sync.extend.tv Failed
182	33

	Domain	Requested by
28	www.nfscars.net	1 redirects www.nfscars.net
23	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	www.nfscars.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.nfscars.net googleads.g.doubleclick.net
12	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net www.nfscars.net
8	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
8	cdn.rtbrain.app	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	i.imgur.com	www.nfscars.net
5	g.bidbrain.app	www.nfscars.net cdn.rtbrain.app
5	i.postimg.cc	www.nfscars.net
4	csi.gstatic.com	imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.nfscars.net googleads.g.doubleclick.net
3	an.yandex.ru	2 redirects googleads.g.doubleclick.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	s3.buysellads.com	www.nfscars.net s3.buysellads.com
3	www.google-analytics.com	www.nfscars.net www.google-analytics.com www.googletagmanager.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	r3---sn-ab5sznzr.c.2mdn.net	www.nfscars.net
2	match.adsrvr.org	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	static4.buysellads.net	www.nfscars.net
2	maxcdn.bootstrapcdn.com	www.nfscars.net maxcdn.bootstrapcdn.com
1	gcdn.2mdn.net	1 redirects
1	ius.ctnsnet.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	px.ads.linkedin.com	1 redirects
1	aep.mxptint.net	1 redirects
1	trace.mediago.io	1 redirects
1	t.adx.opera.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	ad.doubleclick.net	www.googletagservices.com
1	srv.buysellads.com	s3.buysellads.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.jsdelivr.net	www.nfscars.net
1	cdn.rawgit.com	1 redirects
0	sync.extend.tv Failed	googleads.g.doubleclick.net
182	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
i.imgur.com
soundcloud.com
srv.buysellads.com
nfscars.bsa-whitelabel.com
www.nfsunlimited.net
www.racerplanet.com
www.nfscheats.com
www.nfsaddons.net
needforspeed.sk
www.nfspolicehq.com
nfs-mania.com
www.fsxaddons.com
www.farmaddons.com

Subject Issuer	Validity	Valid
nfscars.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-06` - `2023-11-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
postimg.cc R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s3.buysellads.com Amazon RSA 2048 M02	`2023-11-16` - `2024-12-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
static4.buysellads.net Amazon RSA 2048 M01	`2023-10-12` - `2024-11-09`	a year	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-10-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bidbrain.app E1	`2023-11-02` - `2024-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.nfscars.net/
Frame ID: 51A92A9E0538C39BACE0E33EE2223A31
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&adk=1812271804&adf=3025194257&lmt=1702111295&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295596&bpp=3&bdt=527&idt=211&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6470274486482&frm=20&pv=2&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=238
Frame ID: 6D09F3F9974848F49AF38EB80E1D1051
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248
Frame ID: C91A6506DEBEF30BD4A282C633D88B0C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=15&slotname=1396184927&adk=1591867979&adf=1828367438&pi=t.ma~as.1396184927&w=728&lmt=1702111295&rafmt=12&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295601&bpp=1&bdt=531&idt=250&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&dtd=254
Frame ID: 8A0E20E88AC174636E27CB94263BAA83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=15&slotname=1396184927&adk=1591867979&adf=1554396327&pi=t.ma~as.1396184927&w=728&lmt=1702111295&rafmt=12&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295602&bpp=1&bdt=532&idt=255&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=1396184927&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=2516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=257
Frame ID: A8BF021C7855DF8C0F6B009A509F8BBB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=0&slotname=4427363327&adk=3178402854&adf=2483715541&pi=t.ma~as.4427363327&w=0&lmt=1702111295&rafmt=12&format=0x0&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295603&bpp=1&bdt=533&idt=263&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=1396184927%2C1396184927&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cenr%7C&abl=CS&fu=33024&bc=31&ifi=6&uci=a!6&fsb=1&dtd=265
Frame ID: 5210FB2413BFA28F059C73D547731FCF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&slotname=4427363327&adk=1236534555&adf=3266323141&pi=t.ma~as.4427363327&w=250&lmt=1702111295&rafmt=12&format=250x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295604&bpp=1&bdt=534&idt=267&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C0x0&prev_slotnames=1396184927%2C1396184927&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=975&ady=1652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&dtd=269
Frame ID: 3FB08F20215950D9F10C3459FBF3F138
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=1885316112&adf=3078541190&pi=t.aa~a.3316308926~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=605x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=2&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280&prev_slotnames=1396184927%2C1396184927&nras=2&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=964&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=4
Frame ID: 9BA1BFA2356A77CB78C9AF5FBA3FEA7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=428969548&adf=1646928005&pi=t.aa~a.4168206456~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280&prev_slotnames=1396184927%2C1396184927&nras=3&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&dtd=10
Frame ID: 4A58FDCCA38935A4D29D097195EC9696
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=2811668165&adf=3903675467&pi=t.aa~a.1438452762~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280%2C637x280&prev_slotnames=1396184927%2C1396184927&nras=4&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=948&ady=2448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=15
Frame ID: 89025BEB0F5607CE94A9A6E170DC122B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F019ED5FF97CF6C29BD25534538DD24D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 746F8BA00AE8087FFC2EF5FFED5AED08
Requests: 13 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 861C37E073B58864BE8F8C95ADE587C2
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 588F60362E95D6A0BCC3F9D2DFB682A0
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 08D831431DE8959C488415BD43B917DA
Requests: 10 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730021;dc_ver=99.292;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1707814360;ord=zs20fo;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCvV8OQCh0Zc3LMYetoPMPm86NqAPBjPyKdPzq16_uEa-BuuPXAhABIP-U-AFg_eiigfADoAHS-MviA8gBCagDAcgDAqoEygFP0I5y-uipIqeF5WDCGQ6BWAVrm5l4XmpfRSlwo5eElUf6nhCUlWs5-JrY1JSwEqkvz9cvoyizIgrr18ong1P8_FNNA0DbU45AnNsiFowJIwVkOfm3NyFuZHrIM0Zb8NyFzfsbTpANY3hyXE_KD-reb3UMURMZo28WgjKh_85V0_S3zSzjBfqnOGZncGwXEH4bIR9zh_E5yidgCwlJ2lApXcS7N0wVNS-17lMlR35J3uAFdH2Q3lZtxTA-UVjb6_-G8OuGLZX63pIPwAT_8v2ThgKIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHQiAYRABGB8yAooCOgKAQEi9_cE6WNjL29n6gYMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQoNuEhr7xselhEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIzevb2fqBgwMVhxZoCB0bZwM1EAEYASAAEgI2FvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3kGjMYnWxJhOC2fuEaNXKB7LFkIsIm-VoQ2_IRZWjKpjUA7YZkL2Vd9jma06QsURXVMiGMBbGAE%26sig%3DAOD64_04q0JBYdo_-6QGzSMHTfENzZVQKQ%26client%3Dca-pub-0131363186072577%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.nfscars.net%2F$0;xdt=1;crlt=)KV22Zze8-;stc=1;chaa=1;sttr=49;prcl=s
Frame ID: B000817D6649F9FF14EFC63CBB5CFE75
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 175D6D33B147FCC2DFD48F4A13DF0538
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1EC776B4A55A433FEF3415597CE48D59
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9BDEE0219510B9DD084A872FC76E3B16
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F0EED44F3CDF578DC188B0BECC80669E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250
Frame ID: B57D4E8AE269CBEB53B11FDD8C685FC6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAC2E6B940D3CE2A11FCB8A762327ADF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31D3CBF4669F8A2DB6B34FC5E954103B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NFSCars | Need For Speed Cars

Page URL History Show full URLs

http://www.nfscars.net/ HTTP 301
https://www.nfscars.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

182
Requests

78 %
HTTPS

0 %
IPv6

33
Domains

46
Subdomains

33
IPs

6
Countries

9295 kB
Transfer

13237 kB
Size

29
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/NFSCars/

Search URL Search Domain Scan URL

URL: https://twitter.com/nfscars

Search URL Search Domain Scan URL

URL: https://i.imgur.com/H9QZilq

Search URL Search Domain Scan URL

URL: https://soundcloud.com/zoltan-kocs/nfscars-podcast-2-living-in-the-past
Title: HERE

Search URL Search Domain Scan URL

URL: https://i.imgur.com/Rc788Bw.jpg
Title: THIS

Search URL Search Domain Scan URL

URL: https://soundcloud.com/zoltan-kocs/nfscars-podcast-the-past

Search URL Search Domain Scan URL

URL: https://srv.buysellads.com/ads/click/x/GTND427ECVYI42QMCKS4YKQUCTYIL5QECV7IVZ3JCAYD627EFTSI62JKC67IC53MCTBITKJJF6SICK7YCWSIL53IHEYI5K3LC6YDE53ECTNCYBZ52K

Search URL Search Domain Scan URL

URL: https://srv.buysellads.com/ads/click/x/GTND427ECVYI42QMCKS4YKQUCT7DT27MCAAI6Z3JCAYD62JUCKAI653KC67IC53MCTBITKJJF6SICK7YCWSIL53IHEYI5K3LC6YDE53ECTNCYBZ52K

Search URL Search Domain Scan URL

URL: http://nfscars.bsa-whitelabel.com/checkout/new/?utm_source=footer-placement&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=
Title: Advertise Here

Search URL Search Domain Scan URL

URL: http://www.nfsunlimited.net/
Title: NFS Unlimited

Search URL Search Domain Scan URL

URL: http://www.racerplanet.com/
Title: Racer Planet

Search URL Search Domain Scan URL

URL: http://www.nfscheats.com/
Title: NFS Cheats

Search URL Search Domain Scan URL

URL: http://www.nfsaddons.net/
Title: NFS Addons

Search URL Search Domain Scan URL

URL: http://needforspeed.sk/
Title: NFS SK

Search URL Search Domain Scan URL

URL: http://www.nfspolicehq.com/
Title: NFS Police HQ

Search URL Search Domain Scan URL

URL: http://nfs-mania.com/
Title: NFS-Mania.com

Search URL Search Domain Scan URL

URL: http://www.fsxaddons.com/
Title: FSX Addons

Search URL Search Domain Scan URL

URL: http://www.farmaddons.com/
Title: Farm Addons

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.nfscars.net/ HTTP 301
https://www.nfscars.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cdn.rawgit.com/igorlino/fancybox-plus/1.3.6/css/jquery.fancybox-plus.css HTTP 301
https://cdn.jsdelivr.net/gh/igorlino/fancybox-plus@1.3.6/css/jquery.fancybox-plus.css

Request Chain 133

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAKWGKCHEDcWz2M4-FEVRhc&google_cver=1&google_push=AXcoOmQx-Mxg_pFxTbK_Dit75RuVbjhPqPQ4Z705EHXt-tJDwwJBz2-AzIuprkCEjGDUGbEdQSHLnUswpi9541IMyGzIzCTxBxPeLOGKfS9aw6AfyPJcP7XIyIKWVZWJZqKyC4FP5lPDgpbZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg2NDc0Mjk0NzE5OTIyMTYwNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAKWGKCHEDcWz2M4-FEVRhc&google_cver=1

Request Chain 134

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBGpNFQq37SyZm3u6VnoK0w&google_cver=1&google_push=AXcoOmRuR_7vHpD4B9vED6YQhdGcmWwbQFQEYm2zLdbaciKE7DJPagRx5l2sMlFJxtkPaqfZ2tHGOuyY6qsIIFQMOtFmIoMICXddRu0tgnXxrb7x9-482ldpLr4WEVmmw5rfhQ6zyLARaAHvsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRuR_7vHpD4B9vED6YQhdGcmWwbQFQEYm2zLdbaciKE7DJPagRx5l2sMlFJxtkPaqfZ2tHGOuyY6qsIIFQMOtFmIoMICXddRu0tgnXxrb7x9-482ldpLr4WEVmmw5rfhQ6zyLARaAHvsQ&google_hm=eS1jb2tYR1E5RTJwRVFOdUtRUi5WY0xjNFNtN3NXQncua35B

Request Chain 136

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESENFWd5R8LrnADyO8-RGSfas&google_cver=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9wiowlWZSWxi5RwsTYC9Fsv1KauZHNGSDI5FoJc71Qmmm6DqTlUfP62YdSukVdCCWtzucQcRMOMTXfVvpcj7QUR4zwutlso HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESENFWd5R8LrnADyO8-RGSfas&google_cver=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9wiowlWZSWxi5RwsTYC9Fsv1KauZHNGSDI5FoJc71Qmmm6DqTlUfP62YdSukVdCCWtzucQcRMOMTXfVvpcj7QUR4zwutlso HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RN6R-fRVQWm3y4Mo2z5mUA==&no_redirect=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9wiowlWZSWxi5RwsTYC9Fsv1KauZHNGSDI5FoJc71Qmmm6DqTlUfP62YdSukVdCCWtzucQcRMOMTXfVvpcj7QUR4zwutlso

Request Chain 137

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmR7NfOXZeg_nJssIeWK65HHslq7jVtRxMZHq_XTsgvLjK--OIx0ZzzZ-23LT3re5e1ija1VDJ9INP8nii2_anJ8JDB6C0RYFL3Jnl8VdmklwGuB65vwc3Bp4LiBSE4O_ZGhMctCE3AQBA&google_gid=CAESEL31K4spkPHkm2F-bbl8G20&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL31K4spkPHkm2F-bbl8G20&google_hm=T1BVNWI5YWY4ZTA0MWNlNDVlYjlkYjc2ZWM5NTA0ZWI1YWE&google_nid=opera_norway_as&google_push=AXcoOmR7NfOXZeg_nJssIeWK65HHslq7jVtRxMZHq_XTsgvLjK--OIx0ZzzZ-23LT3re5e1ija1VDJ9INP8nii2_anJ8JDB6C0RYFL3Jnl8VdmklwGuB65vwc3Bp4LiBSE4O_ZGhMctCE3AQBA

Request Chain 138

https://an.yandex.ru/mapuid/google/CAESEP_nMvnE5gQy-lBpu0KiWZ4?ext-param=AXcoOmQzYelyQtrF_hweIdDW1B6KREXwKUd7glIE3RNhs6IMH8aWzqmXjz0ufk13eUoolJ6uOcwDmyianBzCQf2Pqkak5YRPoGwQ4Hf37eea0NV6pGB_4W-EIVWievxBynTw7V9CnJZPHdOYq_Y&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEP_nMvnE5gQy-lBpu0KiWZ4?redir-setuniq=1&ext-param=AXcoOmQzYelyQtrF_hweIdDW1B6KREXwKUd7glIE3RNhs6IMH8aWzqmXjz0ufk13eUoolJ6uOcwDmyianBzCQf2Pqkak5YRPoGwQ4Hf37eea0NV6pGB_4W-EIVWievxBynTw7V9CnJZPHdOYq_Y&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEP_nMvnE5gQy-lBpu0KiWZ4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 139

https://trace.mediago.io/cs/google?google_gid=CAESEMJz-_dslVJ1DaiHXo9Qlgs&google_cver=1&google_push=AXcoOmSdOaM0vXkDnMCFl2WRUc6NrHh8gHZ1QskioRYzCv0WqQUk9PKMqkEEsGqCOvWq0NE2VPOx0BQHAi3jtmzDongoT3wYCCIVyWskVeArHUBBEVcto_7Ve3BQQuhTgJZTAXRnx8BEBRmd2JA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSdOaM0vXkDnMCFl2WRUc6NrHh8gHZ1QskioRYzCv0WqQUk9PKMqkEEsGqCOvWq0NE2VPOx0BQHAi3jtmzDongoT3wYCCIVyWskVeArHUBBEVcto_7Ve3BQQuhTgJZTAXRnx8BEBRmd2JA&google_hm=81fa84b7ead217ea1043jt00lpxt4aq1

Request Chain 142

https://aep.mxptint.net/sn.ashx?google_gid=CAESEOi-hhfygKxmHziZPIT4W8E&google_cver=1&google_push=AXcoOmRh9qN_bsotVuxBpcUrEcexo0q0ZW6XwPCH5XBJqjztDgsQSTycywExsGxYMmuJQCBIV8PrEplMrpkIx84JqZBdIUhsLYf_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRh9qN_bsotVuxBpcUrEcexo0q0ZW6XwPCH5XBJqjztDgsQSTycywExsGxYMmuJQCBIV8PrEplMrpkIx84JqZBdIUhsLYf_&google_hm=UjMzNjQ2XzEwRDY5RDdFOF9DM0FGODdBQw%3D%3D

Request Chain 143

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMC417qBJYCF9js9x7_Ri_8&google_cver=1&google_push=AXcoOmRZTCbfB1caHik3kAwYklg_D2hhtJwwZPrXzB_BhkUtlI8cA_JiHpwRVwX8G9N0HBT9vsW12jkGrDKNQvQP6dydN142jKLM7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRZTCbfB1caHik3kAwYklg_D2hhtJwwZPrXzB_BhkUtlI8cA_JiHpwRVwX8G9N0HBT9vsW12jkGrDKNQvQP6dydN142jKLM7Q

Request Chain 144

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIBnUVxoHajyUb-ZCk2e0xE&google_cver=1&google_push=AXcoOmQK2HvM1cIyIGww28RpkJvNM6vtXbjvW9ok4pKdhB7FVg8VCBH0aUj5gHv8tOZ5fq6rDxFV21baryz6Hpbux_vkpXGrUEsK HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIBnUVxoHajyUb-ZCk2e0xE&google_cver=1&google_push=AXcoOmQK2HvM1cIyIGww28RpkJvNM6vtXbjvW9ok4pKdhB7FVg8VCBH0aUj5gHv8tOZ5fq6rDxFV21baryz6Hpbux_vkpXGrUEsK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGIyYzQ4OTQtMTEyNS00Y2RkLTk0YmItM2MxYmQwODI5OTU5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4b2c4894-1125-4cdd-94bb-3c1bd0829959

Request Chain 148

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEKiSudSACF6flQsjK1VoCkA&google_cver=1&google_push=AXcoOmQjoFETI0pTc8K64-X7ZXod2LyP6LSXCxZq-M9o1SD3D_Sf8iHEWIk9KBOJbghfye-mGHxqkOb126P8NghAMAUEsGktq-AJRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQjoFETI0pTc8K64-X7ZXod2LyP6LSXCxZq-M9o1SD3D_Sf8iHEWIk9KBOJbghfye-mGHxqkOb126P8NghAMAUEsGktq-AJRA&google_hm=_F4-aootTyClabwujFOrM0I

Request Chain 155

https://gcdn.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/A6C461B4669A91144CCB52F08BC08D87A1681AB5.4ADD54D18DF13C55BE5250797A445897B535DEDE/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-ab5sznzr.c.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/640A44B8A95818DFBCB21B1787B69F1CFED25B7B.2CF790380D6C574CA2FAFC92351CB5390117CB2A/key/cms1/cms_redirect/yes/mh/vq/mip/185.193.64.66/mm/42/mn/sn-ab5sznzr/ms/onc/mt/1702110986/mv/m/mvi/3/pl/24/file/file.mp4

182 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.nfscars.net/
Redirect Chain

http://www.nfscars.net/
https://www.nfscars.net/

78 KB
13 KB

803ms
631ms

Document
text/html

192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nfscars.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

nfscars.net

Software

nginx / Phusion Passenger 5.0.8 PleskLin

Resource Hash

504c81d3dd09c528d17ddedf4b32022727ab9b87185ec44a08b7b0ccd39bbeda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 12372
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Dec 2023 08:41:35 GMT
Last-Modified: Sat, 09 Dec 2023 08:41:35 GMT
Server: nginx
Status: 200 OK
X-Powered-By: Phusion Passenger 5.0.8 PleskLin
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Sat, 09 Dec 2023 08:41:35 GMT
vary: Cookie,Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 09 Dec 2023 08:41:34 GMT
Location: https://www.nfscars.net/
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK bootstrap.min.css
www.nfscars.net/static/bootstrap/css/ 120 KB
20 KB 30ms
28ms Stylesheet
text/css 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nfscars.net/static/bootstrap/css/bootstrap.min.css
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2015 21:12:50 GMT
Server: nginx
ETag: W/"55809152-1deac"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 122ms
43ms Stylesheet
text/css 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,700italic,400italic,300,300italic

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

ESF /

Resource Hash

0c8aa75f73c7b43afbf61eb85ad74f5cb17f0cdee97c77fa6800ca40949cd81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 08:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 08:41:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 08:41:35 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 81ms
37ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 1377347
cdn-cachedat: 10/31/2023 18:51:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f99c225dea09fd9a1dc0298de4f8988a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 832bf32a98e57139-YUL
cdn-requestpullsuccess: True

GET
H2

200

jquery.fancybox-plus.css
cdn.jsdelivr.net/gh/igorlino/fancybox-plus@1.3.6/css/
Redirect Chain

https://cdn.rawgit.com/igorlino/fancybox-plus/1.3.6/css/jquery.fancybox-plus.css
https://cdn.jsdelivr.net/gh/igorlino/fancybox-plus@1.3.6/css/jquery.fancybox-plus.css

9 KB
2 KB

57ms
18ms

Stylesheet
text/css

151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/igorlino/fancybox-plus@1.3.6/css/jquery.fancybox-plus.css

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29c262bbedf6e9c041373508ca2894a4b01d61d9557a616ea060df50c77a3c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 08:41:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4523480
x-jsd-version: 1.3.6
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1794
x-served-by: cache-fra-etou8220114-FRA, cache-yul12831-YUL
x-jsd-version-type: version
etag: W/"23c4-kzFxd6uEFwDT3ppdy/6U9s2DI3o"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1067
age: 69052
x-cache: MISS, HIT
cdn-cachedat: 12/09/2023 08:41:35
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 119
x-served-by: cache-fra-eddf8230115-FRA, cache-chi-kigq8000151-CHI
server: BunnyCDN-IL1-1069
cdn-proxyver: 1.04
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/igorlino/fancybox-plus@1.3.6/css/jquery.fancybox-plus.css
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 3c5c1aa5fb13a6e290c836bf61785088
timing-allow-origin: *
cdn-requestcountrycode: CA
cdn-status: 301
cdn-requestpullsuccess: True

GET
H/1.1 200
OK main.css
www.nfscars.net/static/styles/ 50 KB
9 KB 55ms
23ms Stylesheet
text/css 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nfscars.net/static/styles/main.css?version=51
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: 225ae182c848a1003e7b48e1a17bef4f50ad72ce587ced4f205ee0bead20acce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Apr 2017 06:12:56 GMT
Server: nginx
ETag: W/"58f85168-c933"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 135ms
63ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

295a9beae2f13877f9e5a9eadfbc867e84acb714ba0e52794d495cfe5d5a2de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51946
x-xss-protection: 0
server: cafe
etag: 6866408474741833438
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:35 GMT

GET
H/1.1 200
OK nfscars-logo.png
www.nfscars.net/static/img/ 8 KB
8 KB 56ms
19ms Image
image/png 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/static/img/nfscars-logo.png
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: d1f6263df8344cfbba18a961d25e4b52b9eeb5b4aec8f25fd88eb631eff475dd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Last-Modified: Wed, 12 Apr 2017 06:32:46 GMT
Server: nginx
ETag: "58edca0e-1f5b"
Content-Type: image/png
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8027
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H2 200 a7nX5Mp.png
i.imgur.com/ 26 KB
27 KB 117ms
36ms Image
image/png 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/a7nX5Mp.png

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6167d38eae0050dcca7f379e32be736df2a0d2f09bb0de9a7b4e8416702ade46

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2671815
x-cache: Miss from cloudfront, HIT
content-length: 26788
x-served-by: cache-iad-kiad7000035-IAD
last-modified: Wed, 14 Aug 2019 11:08:41 GMT
server: cat factory 1.0
x-timer: S1702111295.179157,VS0,VE1
etag: "b6c1ce589ad40d16be92f333dd0e9b52"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Vj4_hNSIyRYn7GWprRBN6OCAvsQhyIVjOYxRzvuF2RVyuPe-DTEaZw==
x-cache-hits: 1

GET
H2 200 prfKhcm.jpg
i.imgur.com/ 343 KB
343 KB 79ms
56ms Image
image/jpeg 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/prfKhcm.jpg

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cd97063da93feb8d1b863adb62c261091689b7b3655caef25bf854edbe83a295

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 814409
x-cache: Miss from cloudfront, HIT
x-amz-storage-class: STANDARD_IA
content-length: 350763
x-served-by: cache-iad-kiad7000035-IAD
last-modified: Wed, 14 Aug 2019 12:11:22 GMT
server: cat factory 1.0
x-timer: S1702111295.179263,VS0,VE2
etag: "a0897555dd8ec102596b1aa34e87bca0"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cCbOG8VduWZVcyINhSNp93ed8hCqITLRowqEPkjoDnt5m9x6YfEETQ==
x-cache-hits: 1

GET
H2 200 xwfGH67.png
i.imgur.com/ 336 KB
337 KB 56ms
56ms Image
image/png 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/xwfGH67.png

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0a8c568210f7e4433924c0c6971b8a2fbfcd6b1b22b4f183668dd90852227852

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 703432
x-cache: Miss from cloudfront, HIT
x-amz-storage-class: STANDARD_IA
content-length: 344347
x-served-by: cache-iad-kiad7000035-IAD
last-modified: Mon, 05 Aug 2019 16:29:42 GMT
server: cat factory 1.0
x-timer: S1702111295.236147,VS0,VE2
etag: "9840d45668b2cfec60b67f82fc95bf90"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: m4zay_TR-UyZ2OSg-Y5d0yAzNh6cTMKsPXvzPbO6Jo5KqJTjnRR3Mw==
x-cache-hits: 1

GET
H2 200 H9QZilq.jpg
i.imgur.com/ 976 KB
977 KB 65ms
57ms Image
image/jpeg 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/H9QZilq.jpg

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

100d9e8bd28c0debc736db45f3f06c55daec1d300aae645b2add30b1189a1539

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 365748
x-cache: Miss from cloudfront, HIT
x-amz-storage-class: STANDARD_IA
content-length: 999828
x-served-by: cache-iad-kiad7000035-IAD
last-modified: Wed, 24 Jul 2019 09:31:18 GMT
server: cat factory 1.0
x-timer: S1702111295.294167,VS0,VE8
etag: "124c910c9b97aa9bf96891b3698c8b2a"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JMcNQFQGO3qxDU8hI-TP59QbWJiTkkpOqFRWPiJ-dzCuWxKaLOwmxw==
x-cache-hits: 1

GET
H2 200 Unleashed12.jpg
i.postimg.cc/C5bWq3Hx/ 161 KB
161 KB 256ms
85ms Image
image/jpeg 104.238.220.140
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/C5bWq3Hx/Unleashed12.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.220.140 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: ad0420dba9bcfe4b3e54970827582bbdba5188bbc10295e59691c8929bfdcd32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
last-modified: Wed, 17 Jul 2019 00:39:38 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 164455
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.jpg
i.postimg.cc/59kHspts/ 103 KB
104 KB 255ms
84ms Image
image/jpeg 104.238.220.140
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/59kHspts/3.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.220.140 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: ec124e24151c12beff702b0d7159b1030e1384add93ae1d2abb671f5f91e1bb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
last-modified: Thu, 20 Jun 2019 15:06:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 105681
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KwN1Tly.jpg
i.imgur.com/ 438 KB
439 KB 42ms
36ms Image
image/jpeg 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/KwN1Tly.jpg

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

1aab1d12b6550c2e9bad3404e735feb7427f48f57e83795bfdd7a093c78e56bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 2172436
x-cache: Miss from cloudfront, HIT
x-amz-storage-class: STANDARD_IA
content-length: 448890
x-served-by: cache-iad-kiad7000035-IAD
last-modified: Tue, 18 Jun 2019 23:55:31 GMT
server: cat factory 1.0
x-timer: S1702111295.294380,VS0,VE3
etag: "90e3871f6d4b80597c4b1a6a9f5b9ecc"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AvC-xYWnlndIon3yCKXbNmC5DHtVFjS6SDXpJhpddU8QfZc4wwwezg==
x-cache-hits: 1

GET
H2 200 10.png
i.postimg.cc/kgRM9pxW/ 2 MB
2 MB 255ms
85ms Image
image/png 104.238.220.140
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/kgRM9pxW/10.png
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.220.140 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c774d2f006d79e955500f7f59ea7d4ab2ec03599a27fec4f09458df4fe016ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
last-modified: Thu, 13 Jun 2019 20:36:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2078545
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.png
i.postimg.cc/pdRg9zkg/ 1 MB
1 MB 256ms
85ms Image
image/png 104.238.220.140
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/pdRg9zkg/1.png
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.220.140 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: d64c85a3fa3f67e050238dac6c815f262efcdbd24895ea9f235e084c26f4724b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
last-modified: Thu, 06 Jun 2019 13:52:23 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1455192
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7.jpg
i.postimg.cc/vTLWfBvR/ 180 KB
180 KB 255ms
85ms Image
image/jpeg 104.238.220.140
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/vTLWfBvR/7.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.220.140 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: da09ae266a4a74207746a3857bbb3037cfc0ecde3b69f80cc1e02891bbbe03d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
last-modified: Tue, 28 May 2019 19:23:09 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 183916
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Rc788Bw.jpg
i.imgur.com/ 431 KB
432 KB 52ms
47ms Image
image/jpeg 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Rc788Bw.jpg

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2782ebf8080bbe3fea68feece3ae22cda9344f02488c3396adec4ee4661e144c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2669265
x-cache: Miss from cloudfront, HIT
x-amz-storage-class: STANDARD_IA
content-length: 441715
x-served-by: cache-iad-kiad7000035-IAD
last-modified: Mon, 27 May 2019 23:49:16 GMT
server: cat factory 1.0
x-timer: S1702111295.294377,VS0,VE6
etag: "1a280ce76e2ea4ea38fde3c24c4007cb"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4qYiV5W1VqwdeErZzqm80PlK-vOQe3GeAnv4jdFJ4Q1v2i0LNqK1JQ==
x-cache-hits: 1

GET
H/1.1 200
OK ecf9688441b4c64e854aff4a3dac5c41.jpg
www.nfscars.net/media/cache/ec/f9/ 5 KB
5 KB 55ms
51ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/ec/f9/ecf9688441b4c64e854aff4a3dac5c41.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: d5de502a02b09d81fd349b4dc138e546bede6aa7fb7f8695c24a83708264129a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Dec 2023 23:32:54 GMT
Server: nginx
ETag: "49c09cd-122b-60c0800dfb0ea"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4525
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 6587b5ecb618dd0c7ddc7ea3228ef308.jpg
www.nfscars.net/media/cache/65/87/ 4 KB
4 KB 124ms
20ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/65/87/6587b5ecb618dd0c7ddc7ea3228ef308.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 308cabb34e192402639f022f1e0985f5363d3912425308351173748aa41d1ce5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Nov 2023 13:48:51 GMT
Server: nginx
ETag: "4f6016d-f9d-60b228fedad2f"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3872
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 6925d6073b761e88aaad577d3a9535b9.jpg
www.nfscars.net/media/cache/69/25/ 4 KB
4 KB 32ms
22ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/69/25/6925d6073b761e88aaad577d3a9535b9.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 8ce2e04964e614109dd10e467f1754c68a0eb5cf3851e5b4ae5023bb0abdbce9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Nov 2023 22:16:57 GMT
Server: nginx
ETag: "4b40922-fc2-60a88ba491fd5"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3902
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 017e5e5d0a9ebe048fdde9a692aab6a9.jpg
www.nfscars.net/media/cache/01/7e/ 5 KB
5 KB 35ms
23ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/01/7e/017e5e5d0a9ebe048fdde9a692aab6a9.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 92ec8fde8f15b0f8e9843fe9c6fcca31276750140bb856f4c42c2c2dd66d0065

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2023 08:23:56 GMT
Server: nginx
ETag: "4600b4f-127d-607a8e4ec2973"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4601
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 60e4558dbb4af61ac8e111e4715eeb69.jpg
www.nfscars.net/media/cache/60/e4/ 4 KB
4 KB 72ms
20ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/60/e4/60e4558dbb4af61ac8e111e4715eeb69.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: b71f50cb50b14dfe0d7a8e34a213d892f7116421f4342ccaba478a07913448b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Oct 2023 05:55:24 GMT
Server: nginx
ETag: "4d80096-104e-6071a00d6025b"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4051
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK b30e335b6d66d7064be8c109390a7fc6.jpg
www.nfscars.net/media/cache/b3/0e/ 5 KB
5 KB 59ms
19ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/b3/0e/b30e335b6d66d7064be8c109390a7fc6.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: feeb693e5ee754cef8e07d938c9749c0acda007732559531431f39b29027b6c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Oct 2023 01:48:39 GMT
Server: nginx
ETag: "4f60163-1370-607168e5f534e"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4842
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 05423f80fc4e0b4e1418a2ef6d34d30e.jpg
www.nfscars.net/media/cache/05/42/ 6 KB
6 KB 57ms
21ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/05/42/05423f80fc4e0b4e1418a2ef6d34d30e.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: faa3d8b0316413ac0822c4695810d3e5564d33783da040a064b8defd6c149b8b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Sep 2023 12:54:01 GMT
Server: nginx
ETag: "4aa097e-1953-6067eeb2b32db"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6062
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 5f0fa7f4e0c0cb236cb5b34dd18963a4.jpg
www.nfscars.net/media/cache/5f/0f/ 4 KB
4 KB 58ms
19ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/5f/0f/5f0fa7f4e0c0cb236cb5b34dd18963a4.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 2113f5b928e54c436f2b858dc112a585a39f2aea6daa3d2a06da3b261b7deb2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Sep 2023 09:03:49 GMT
Server: nginx
ETag: "4f6004c-ee1-606171eb22df2"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3666
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK b23325dc3fe23aa97da72d3251e04fc0.jpg
www.nfscars.net/media/cache/b2/33/ 4 KB
4 KB 36ms
24ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/b2/33/b23325dc3fe23aa97da72d3251e04fc0.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 318e20115f25ae0c8a1c0292fd090ea2fe10218fd226cd9d522bdbbf3ad647af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 16:59:12 GMT
Server: nginx
ETag: "4ca0750-10f4-60a47f06a92d5"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4213
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 60506c89b83f2404edeed990043836bf.jpg
www.nfscars.net/media/cache/60/50/ 5 KB
5 KB 75ms
20ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/60/50/60506c89b83f2404edeed990043836bf.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 2351d1684c1952422f3de1f422fb5b353bd6a5ee82eceffa9f77c36f1af445e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 03:19:27 GMT
Server: nginx
ETag: "4b0092e-12be-609c3c9b746c3"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4673
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK ad7fbfe2ff8678517a53055ac4fcb712.jpg
www.nfscars.net/media/cache/ad/7f/ 5 KB
5 KB 53ms
20ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/ad/7f/ad7fbfe2ff8678517a53055ac4fcb712.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: b24e4ceb115f9317c49fe56e2a99167adb655c744c648ed19f43c005b336b08b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 08:18:26 GMT
Server: nginx
ETag: "4620ba8-14de-60912ea6301ba"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5203
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 9e06c7d2ed8d383feef44b19de1d421a.jpg
www.nfscars.net/media/cache/9e/06/ 5 KB
5 KB 31ms
21ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/9e/06/9e06c7d2ed8d383feef44b19de1d421a.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: f58a8eb54f619b279e70d034bf490e052758e72e824c8a1ac542f532daaac962

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Oct 2023 12:43:12 GMT
Server: nginx
ETag: "4b40921-1285-60889cc59e1a3"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4614
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 970e1e322e5ae0081b34ede03cb92796.jpg
www.nfscars.net/media/cache/97/0e/ 5 KB
5 KB 55ms
20ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/97/0e/970e1e322e5ae0081b34ede03cb92796.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: a3a4b6a99c2c9fbdb260cb0fe6c69ca699e8cb61eaef682c17c83650f92178d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Oct 2023 22:25:50 GMT
Server: nginx
ETag: "4f60169-1223-608193cf6d5a3"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4509
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK ca51bc078435f0e8effe7e0b1810db73.jpg
www.nfscars.net/media/cache/ca/51/ 4 KB
4 KB 76ms
20ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/ca/51/ca51bc078435f0e8effe7e0b1810db73.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 61b66b06527a91591794f90118b926af8b6ce46666172ae3c19d2529aa5d61ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Oct 2023 15:09:48 GMT
Server: nginx
ETag: "4de003a-1018-607d6cc16f384"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3997
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 6de9d5a78959a9af5c08209e0555ab5c.jpg
www.nfscars.net/media/cache/6d/e9/ 4 KB
4 KB 52ms
19ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/6d/e9/6de9d5a78959a9af5c08209e0555ab5c.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 13614a5eae9454f44dcf35c2b73a854d788a9200965fd34970dc09acdd2617a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2023 06:44:18 GMT
Server: nginx
ETag: "4a009ae-e5f-607a78092ef37"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3547
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK 5b4e533e1a97b0e297b7696a6b6d96d6.jpg
www.nfscars.net/media/cache/5b/4e/ 4 KB
4 KB 73ms
20ms Image
image/jpeg 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/media/cache/5b/4e/5b4e533e1a97b0e297b7696a6b6d96d6.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx / PleskLin
Resource Hash: 5749b91dcdcedad8f4c6150c6584d938310b2191cf6ea81254cabd330edbb999

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2023 06:37:21 GMT
Server: nginx
ETag: "500012e-e50-607a767be7f08"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3534
Expires: Sun, 08 Dec 2024 08:41:35 GMT

GET
H/1.1 200
OK dependencies.js Show response
www.nfscars.net/static/scripts/ 703 KB
216 KB 34ms
29ms Script
application/javascript 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nfscars.net/static/scripts/dependencies.js?version=51
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: 74d11fa05565b099aa4c47bbae8e2caeb7ec22446f2bddda10643356b4701d65

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2016 13:22:07 GMT
Server: nginx
ETag: W/"583597ff-afd75"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H/1.1 200
OK nfscars.js Show response
www.nfscars.net/static/scripts/ 25 KB
5 KB 58ms
52ms Script
application/javascript 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nfscars.net/static/scripts/nfscars.js?version=51
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: 6566c0bc92662292b90e435aed9c09b89bd7082f2f43a56ba933ec4a17a0a923

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Apr 2017 09:29:17 GMT
Server: nginx
ETag: W/"58e60a6d-6379"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.nfscars.net/static/bootstrap/js/ 36 KB
10 KB 24ms
23ms Script
application/javascript 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nfscars.net/static/bootstrap/js/bootstrap.min.js
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2015 21:12:50 GMT
Server: nginx
ETag: W/"55809152-8fd0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 106ms
32ms Script
text/javascript 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 08:36:03 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 332
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Dec 2023 10:36:03 GMT

GET
H2 200 bsa.js Show response
s3.buysellads.com/ac/ 19 KB
6 KB 88ms
21ms Script
application/javascript 54.192.51.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.buysellads.com/ac/bsa.js
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-21.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ff5c8042a24f2d373e46c2a3e7f6ddcc7819cf5e5e7a79ac98106219ee39ca3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:17:53 GMT
content-encoding: br
via: 1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2016 18:53:47 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 1423
etag: W/"f6b33c51e637efde46d89be5413fab46"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 1Rnj6tvHnxCenqYtS5R13Z-ybwryPw3UF-oOaHkRNdYNQDu_o9bYEw==

GET
H/1.1 200
OK nfs-icon-sprite.png
www.nfscars.net/static/img/ 1 KB
2 KB 122ms
19ms Image
image/png 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/static/img/nfs-icon-sprite.png
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/static/styles/main.css?version=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: f037d644a235afe200100d2314be9571611997c5577fc570d9f952964769c34a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/static/styles/main.css?version=51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Last-Modified: Wed, 12 Apr 2017 06:32:46 GMT
Server: nginx
ETag: "58edca0e-52a"
Content-Type: image/png
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1322
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H/1.1 200
OK object-title-bg.png
www.nfscars.net/static/img/ 76 B
422 B 24ms
24ms Image
image/png 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nfscars.net/static/img/object-title-bg.png
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/static/styles/main.css?version=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: nfscars.net
Software: nginx /
Resource Hash: bbdefb0fb8789d5c9d1576c8e836debe88cd9a92072fe7055a9d7f69389bf11d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/static/styles/main.css?version=51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: public
Date: Sat, 09 Dec 2023 08:41:35 GMT
Last-Modified: Wed, 12 Apr 2017 06:32:47 GMT
Server: nginx
ETag: "58edca0f-4c"
Content-Type: image/png
Cache-Control: max-age=2592000, âpublicâ
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76
Expires: Mon, 08 Jan 2024 08:41:35 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 97ms
53ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.nfscars.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 76308df081323dc7b4b1e9b64e23551f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 832bf32bda166e08-YUL
cdn-requestpullsuccess: True

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 100ms
31ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,700italic,400italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nfscars.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:06:18 GMT
x-content-type-options: nosniff
age: 41717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 21:06:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 117ms
49ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,700italic,400italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nfscars.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:26 GMT
x-content-type-options: nosniff
age: 257409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:26 GMT

GET
H/1.1 200
OK / Show response
www.nfscars.net/api/notifications/count/ 11 B
485 B 39ms
38ms XHR
application/json 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nfscars.net/api/notifications/count/

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/static/scripts/dependencies.js?version=51

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

nfscars.net

Software

nginx / Phusion Passenger 5.0.8, PleskLin

Resource Hash

618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.nfscars.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Dec 2023 08:41:35 GMT
Server: nginx
X-Powered-By: Phusion Passenger 5.0.8, PleskLin
vary: Accept,Cookie,Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/json
allow: GET, HEAD, OPTIONS
Status: 200 OK
cache-control: no-cache
Connection: keep-alive
Content-Length: 31
expires: Sat, 09 Dec 2023 08:41:34 GMT

GET
H/1.1 200
OK / Show response
www.nfscars.net/api/messages/count/ 11 B
485 B 34ms
34ms XHR
application/json 192.95.3.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nfscars.net/api/messages/count/

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/static/scripts/dependencies.js?version=51

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.95.3.44 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

nfscars.net

Software

nginx / Phusion Passenger 5.0.8, PleskLin

Resource Hash

618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.nfscars.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Dec 2023 08:41:35 GMT
Server: nginx
X-Powered-By: Phusion Passenger 5.0.8, PleskLin
vary: Accept,Cookie,Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/json
allow: GET, HEAD, OPTIONS
Status: 200 OK
cache-control: no-cache
Connection: keep-alive
Content-Length: 31
expires: Sat, 09 Dec 2023 08:41:34 GMT

GET
H2 200 s_66ce4f5d2aa89ba4f8b2581a120be7bf.js Show response
s3.buysellads.com/r/ 181 B
507 B 132ms
132ms Script
application/javascript 54.192.51.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.buysellads.com/r/s_66ce4f5d2aa89ba4f8b2581a120be7bf.js?v=1702108800000
Requested by: Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/bsa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-21.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16debb563a91e85339e3c7deb0b5e110168160d490c33d429cbcb09cdd2d4a0d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
via: 1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jan 2021 16:02:45 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
etag: "b077f59b22dd270585ad08321e660f32"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 181
x-amz-cf-id: DinCz3HB_Dj7NljNu94EuhWJzoxbM5MM1Vj0U_OgHDECvSOktCBICA==

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 66ms
66ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

0a964a97cd2a50f6b7af68d9761e8adf833bf7f01ceb3ce6f8e246772d006a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137688
x-xss-protection: 0
server: cafe
etag: 15243105206336015474
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:35 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 41ms
40ms XHR
text/plain 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1682099723&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nfscars.net%2F&ul=en-us&de=UTF-8&dt=NFSCars%20%7C%20Need%20For%20Speed%20Cars&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1673580802&gjid=178160410&cid=1774941298.1702111296&tid=UA-87455-1&_gid=139890166.1702111296&_r=1&_slc=1&z=1637949821

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

4de1f58e4489788bb4864f7fc4e6e329a46161a3f8a8e25164011ade9675fe5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nfscars.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nfscars.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 107ms
40ms XHR
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-87455-1&cid=1774941298.1702111296&jid=1673580802&gjid=178160410&_gid=139890166.1702111296&_u=IEBAAEAAAAAAACAAI~&z=235025103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nfscars.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 09 Dec 2023 08:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nfscars.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
82 KB 115ms
49ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LSW8BGXQQ3&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

361f926cddc0e0174467fa39845d9ec93cebb5b614c520d2f741d3eef461ee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83142
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 08:41:35 GMT

GET
H2 200 pro.js Show response
s3.buysellads.com/ac/ 8 KB
4 KB 19ms
19ms Script
application/javascript 54.192.51.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.buysellads.com/ac/pro.js
Requested by: Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/bsa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-21.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86a2b0cd69afae8f700d7b2ab69f408f1db709d72567e5e994e0bf2efa18ed84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:19:09 GMT
content-encoding: gzip
via: 1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2016 18:54:42 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 1347
etag: W/"49e214d59c291a52de5e3289201f10ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: ejEMseRlYz9AU1iI3F3NgwAAVw26iStthD8pbMzaRY6O7s80KwEtFg==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D09 270 KB
67 KB 535ms
468ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&adk=1812271804&adf=3025194257&lmt=1702111295&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295596&bpp=3&bdt=527&idt=211&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6470274486482&frm=20&pv=2&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=238

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

8b62474f076c6dbed181db1adae9be008fa048fef936d3848ff90aa91544221a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 68256
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:36 GMT
expires: Sat, 09 Dec 2023 08:41:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
srv.buysellads.com/ads/get/ids/F6ADT5T/ 3 KB
1 KB 94ms
27ms Script
application/javascript 68.183.51.111
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/get/ids/F6ADT5T/?r=1702108800000
Requested by: Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/pro.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ny-23.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 326eac6397f105aa9ace0968b57c90b450736e28eb331d0d321bb2ac82ee6dd3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:35 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 1169

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C91A 48 KB
18 KB 514ms
458ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

9a0f40d5b76618b714dbcbf4f9e256814bc6ba32977c1bd632ab7b1fc0911fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:36 GMT
expires: Sat, 09 Dec 2023 08:41:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A0E 603 B
534 B 99ms
50ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=15&slotname=1396184927&adk=1591867979&adf=1828367438&pi=t.ma~as.1396184927&w=728&lmt=1702111295&rafmt=12&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295601&bpp=1&bdt=531&idt=250&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&dtd=254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:35 GMT
expires: Sat, 09 Dec 2023 08:41:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8BF 603 B
213 B 97ms
53ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=15&slotname=1396184927&adk=1591867979&adf=1554396327&pi=t.ma~as.1396184927&w=728&lmt=1702111295&rafmt=12&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295602&bpp=1&bdt=532&idt=255&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=1396184927&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=2516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=257

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:35 GMT
expires: Sat, 09 Dec 2023 08:41:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5210 718 B
549 B 130ms
95ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=0&slotname=4427363327&adk=3178402854&adf=2483715541&pi=t.ma~as.4427363327&w=0&lmt=1702111295&rafmt=12&format=0x0&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295603&bpp=1&bdt=533&idt=263&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=1396184927%2C1396184927&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cenr%7C&abl=CS&fu=33024&bc=31&ifi=6&uci=a!6&fsb=1&dtd=265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

6a2f871e3a0891981965b332d9800787351e2894b42df610bc3e7295d98178ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:35 GMT
expires: Sat, 09 Dec 2023 08:41:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FB0 718 B
551 B 379ms
348ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&slotname=4427363327&adk=1236534555&adf=3266323141&pi=t.ma~as.4427363327&w=250&lmt=1702111295&rafmt=12&format=250x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295604&bpp=1&bdt=534&idt=267&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C0x0&prev_slotnames=1396184927%2C1396184927&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=975&ady=1652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&dtd=269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

1a68dfdff98b2fb2ac93f72d854b46daad859629be22f11a05c667a267d38ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:36 GMT
expires: Sat, 09 Dec 2023 08:41:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1697974195-Insider_Fly_125.jpg
static4.buysellads.net/uu/5/142766/ 9 KB
10 KB 243ms
161ms Image
image/jpeg 3.162.3.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.buysellads.net/uu/5/142766/1697974195-Insider_Fly_125.jpg
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-109.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e4f7996f4b67c1422da4b8706080ef5ff8ccfc0e3bf8a27e0a6c049534ea893

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
via: 1.1 05b4905f6074a994b5e52b7e0ee5c01a.cloudfront.net (CloudFront)
last-modified: Sun, 22 Oct 2023 11:29:56 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
etag: "b963b3a92e3cbc5bbfa46e35bea0cb11"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9485
x-amz-cf-id: edW_3unQAjuQi8_4zr79Hhnoc7-iEbpDiX3G2uItkLYvQL4_J92jzA==

GET
H2 200 1678200745-FREE_SHIPPING_ON_YOUR_FIRST_ORDER_1_.png
static4.buysellads.net/uu/5/132966/ 19 KB
20 KB 213ms
132ms Image
image/png 3.162.3.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.buysellads.net/uu/5/132966/1678200745-FREE_SHIPPING_ON_YOUR_FIRST_ORDER_1_.png
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-109.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a678642e425b6219511232facc55d3b97e557efef668514d5daa402cc2c7664

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
via: 1.1 05b4905f6074a994b5e52b7e0ee5c01a.cloudfront.net (CloudFront)
last-modified: Tue, 07 Mar 2023 14:52:26 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
etag: "fa9a4de5e529a116913733c19d0d266a"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 19853
x-amz-cf-id: b1bCB0AiMPou6Q5B2DO46pz59NeGAxon-nfnWZPaxwtoQT3T-lKuPQ==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LSW8BGXQQ3&gtm=45je3bt0v9134950556&_p=1702111295776&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1774941298.1702111296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.nfscars.net%2F&dt=NFSCars%20%7C%20Need%20For%20Speed%20Cars&sid=1702111295&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1789
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LSW8BGXQQ3&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nfscars.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index-08bee3b1.js Show response
cdn.rtbrain.app/ng-assets/creative/assets/ Frame C91A 105 KB
39 KB 96ms
38ms Script
application/javascript 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1384
cf-polished: origSize=107390
x-guploader-uploadid: ABPtcPr_YWk23o3ry2a2FPHQ41OoscZCr5I-bFA9l64YUVMEJ7R0xmkN4OitPSwCy6S0Rt4ew6LbKqAfrmr3rQZ68O0XgP3VOy7G
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 14:16:01 GMT
server: cloudflare
etag: W/"eb3bd05687aff47dc216f3861993307b"
vary: Accept-Encoding
x-goog-generation: 1701958561063690
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uVi5mA==, md5=6zvQVoev9H3CFvOGGZMwew==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9T09xOgI4OvjG7clcsgYK4ewJQkT4zGQxkN3RPE50sNa%2F1yq%2B7Eq2TADX3R5PMP9toI4WhyM8GaV28gtUfa3x9QLnC6x0KFZbzKmJXYjiJk7iPIN9PSIMeZvnv3Xlzd5eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107390
cf-ray: 832bf332dd0236a6-YYZ
expires: Sat, 09 Dec 2023 09:17:02 GMT

GET
H2 200 index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame C91A 12 KB
4 KB 90ms
32ms Stylesheet
text/css 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165
cf-polished: origSize=12801
x-guploader-uploadid: ABPtcPp1VZiUmAQoBQxE1P-OM4QXs9sck70F8P4dPwIZvnAtDLQ9_HBw0ZKnIf2l8H3Uhk8BZ4wRYu5QWv5CBu9PxFHivve-CONB
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:44:13 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSX81IwVNHts14NvpByEad9C8Mu9H5DM7ASxGoeTk3fxGTw%2F1vGVAyMfyv4uX%2BRnPa2Uty8a4xey8rQg8qARbV63AR%2Brb0LMRUBkVwzKzmtLiH%2B%2BeUskJKD2DuMlLmB%2Bow%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 832bf332d8f6544f-YYZ
expires: Sat, 09 Dec 2023 09:15:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C91A 3 KB
1 KB 102ms
35ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C91A 20 KB
9 KB 98ms
32ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C91A 202 KB
64 KB 99ms
33ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:36 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 58ms
57ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js?bust=31080036

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

121faa6930e413f9ad1adeccf812cb9142a45aa8a35e7790f3cfeb8be2ee9f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55995
x-xss-protection: 0
server: cafe
etag: 2118651907610463754
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BA1 63 KB
22 KB 407ms
405ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=1885316112&adf=3078541190&pi=t.aa~a.3316308926~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=605x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=2&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280&prev_slotnames=1396184927%2C1396184927&nras=2&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=964&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

0cce7cad0ee52485c43292924d99e76c89249cb3e086596d873f5c4ad01d2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 22451
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A58 87 KB
28 KB 395ms
393ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=428969548&adf=1646928005&pi=t.aa~a.4168206456~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280&prev_slotnames=1396184927%2C1396184927&nras=3&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

83beabaad1d2b86aa95e729454288aa818d2356b0576b15be0ce5de32efe6425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 28628
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8902 436 B
233 B 456ms
455ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=2811668165&adf=3903675467&pi=t.aa~a.1438452762~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280%2C637x280&prev_slotnames=1396184927%2C1396184927&nras=4&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=948&ady=2448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

82abb3313add4bfb9c4b27cf733085c96af837c3caac6d266114db72f9d217f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame F019 9 KB
4 KB 34ms
33ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 49514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 18:56:22 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 18:56:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 746F 9 KB
4 KB 34ms
33ms Document
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 49514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 18:56:22 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 18:56:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C91A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92fb71c43c06ca1ead2f7df5b1cc6879391c77f0a40da7c91fd0e01bb36e5291

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame C91A 0
363 B 61ms
60ms Image
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9f3ZPyh0ZbeqOZnQoPMP5tWaYNKRto1tudCuypYPwI23ARABIABg_eiigfADggEXY2EtcHViLTAxMzEzNjMxODYwNzI1NzfIAQmoAwHIAwKqBLQBT9C4YuwdjxTW-3fUU35N02otiy2mCh1PMXPn3XiJKLOS-u4eW2JNddgUYeANIRTdOevgeMf9JKcNrDLl922EPVY7nYM_x0GL_MQOBl8PNA4xWi6jBHUty4sLSRWJs8QA7KyK3dRkC3RQIQekx86NQ1k29dfgBmdHuBpzrHqwXrNwfNNUvgGeEo4nTx_38KFvlhm3b4C8jal1GULemCpJ2qX_Te0X6MWDAyRye2lo0CQxjYbzgAaZvYO7rt3vzdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOlikpqbZ-oGDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wMTMxMzYzMTg2MDcyNTc3GAA&sigh=NrFjCAevtBc&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNCEgQLVv6vxw11JXGpL0WctYxc2hm5Ew4U00pLd2NiCbWJMHnpX_Pa1Eo3rdbODi1DicK2d-C2PMD0jgkja9HFpxIJMvFSgFm8a4YAQ&cbvp=2&vis=1

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 08:41:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 08:41:36 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame C91A 0
447 B 247ms
107ms Image
text/plain 172.67.133.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=c33393ab-966e-11ee-a510-5e1ef32580aa&d=www.nfscars.net&cr=ext_ng_start_ghst8&a=imp&p=ZXQoPwAOVTcIaCgZAAaq5jzlWjwmjuGElyx2xA&im=O2B2jYcCNVFrNlzW0S335dLwI-KmJ_Mu-IKOziaO8pOSHO8wyRGK9lDhhn9Ee710ykpyg-a77FiCiHm8Za2cx2nQYe03GK_mokk1xZyjXeBW6wyDE7QFWoV3CNurTiM_yijVfD-SYEIlVD8Ftqj62FOyQjCM6aRogDBld8OiSvGwq3xiTO3o0A-XIibrhC6-09tnLXONEmSIl9pK6sLTGXSbGKs4BkAH4OfYNx69aCRu_BKpduDNk5DVpMHhI11HjiBO_7vaGUmsQSsK91lTtTPF3PAgPG-_evDyyEbdKxWwUbwrkTFEgilM5YO546Ao&cbvp=2
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ2hNKUkQwThjwjUpAkq33iUaB0JRLjqpZpLfZTF%2FPjLMvZWWNFbwaUwFNE2ZbQKyX7xO8W1ZT8QOGIxqFp5UE3wGetBAn%2BA90DAm%2FVlYk3PZ%2FVZ2wiaN1NCECwK8qOcZg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 832bf334fa0036d6-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame C91A 159 KB
160 KB 32ms
31ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 924
x-guploader-uploadid: ABPtcPo6Yq7fNVaQxoU1QK1bu9LpwKQQUMWb1qkNhL7wqGvVR0xxvi6tL5pTtREKSu1ceD7DGNQRn29hYGwgKynBSNZUmuyCTDOZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iM3ePxpmwjA67t1OPWV0emOuR0DwlBAKoygH3EIga2xifkMCfLK6orKLcpzmWic9rMBLjW9tqXtMU%2BcqVrJcL3FJNgAr76IUmLzvc9ZAUIpQdbm%2BSukD3Ha1OJVh2l83g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 832bf3342db836a6-YYZ
expires: Sat, 09 Dec 2023 09:05:01 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame C91A 159 KB
159 KB 71ms
71ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=90&slotname=6682825721&adk=1286051082&adf=1340927318&pi=t.ma~as.6682825721&w=728&lmt=1702111295&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111295599&bpp=2&bdt=529&idt=242&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 932
x-guploader-uploadid: ABPtcPopmkaSZiRRsDD5WTJtSpwfPs7--FbhWBR7-xyycqB2euejP4a5svXl-o8RCJ3sVrBQmZRNgsloS7VLZvr9v7auug
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWKfyvj5uflypcGTRyhRXWCWLHc7grr%2BrAuCWgj6P11xz6V7A9OeS87ZC5MrzNkWBW3lfKA6PFRzQ7ZCBB9H3u%2BkborGbHEb6snIIQXQuNIn1onW6cz4u%2BGZxpgCWaerpw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 832bf3342dba36a6-YYZ
expires: Sat, 09 Dec 2023 08:44:23 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame C91A 0
1 KB 137ms
72ms Ping
text/plain 172.67.133.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EjdhHT15AK817gWSmk811rth153uYTvlf68lfxJY2bu1Q3qecm7UnexCSQCkkqwxcYNSvOSS6%2BEBWHI7LxlcyluNc3%2FxTkRxuZoX%2BxN9Gbqw4wsRGtRHZ7snHHItsy33w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 832bf334fa0136d6-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F019 4 KB
767 B 43ms
42ms Stylesheet
text/css 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 08:15:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 08:41:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F019 205 B
294 B 101ms
34ms Image
image/png 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:34:14 GMT
x-content-type-options: nosniff
age: 442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Dec 2024 08:34:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F019 604 B
1 KB 100ms
33ms Image
image/png 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:27:56 GMT
x-content-type-options: nosniff
age: 820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Dec 2024 08:27:56 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame F019 16 KB
7 KB 37ms
35ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:54:49 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame F019 22 KB
9 KB 32ms
31ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:05:08 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame C91A 0
463 B 1292ms
1291ms Ping
text/plain 172.67.133.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnvFh8lMgx4gAopXMjDFrJNylItpxzgr2opr6NP7qZIMu492KHZpEpzqF7nk0ZgslI7kYRl%2BJ5p0pOPA5jNr59WwSsV1JVbM2qP2r0Ag0w3E9lzovE92DQiLzw9a9lbUqA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 832bf3355a3736d6-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 index-08bee3b1.js Show response
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 746F 105 KB
39 KB 34ms
32ms Script
application/javascript 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1384
cf-polished: origSize=107390
x-guploader-uploadid: ABPtcPr_YWk23o3ry2a2FPHQ41OoscZCr5I-bFA9l64YUVMEJ7R0xmkN4OitPSwCy6S0Rt4ew6LbKqAfrmr3rQZ68O0XgP3VOy7G
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 14:16:01 GMT
server: cloudflare
etag: W/"eb3bd05687aff47dc216f3861993307b"
vary: Accept-Encoding
x-goog-generation: 1701958561063690
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uVi5mA==, md5=6zvQVoev9H3CFvOGGZMwew==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSKl4WigC%2BBJTLfarGjIEby81RBPKHGH6mcLu4xuGWh4ED2COGkE0WdrQVXM%2BE%2BFdNaGQTfuV5eWA6IFT%2Fd2QmDxcl%2FyqBmBf9Qt7EfzpAZdQuGPhLY4JW9JwNHM%2BDHEQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107390
cf-ray: 832bf3355e5c36a6-YYZ
expires: Sat, 09 Dec 2023 09:17:02 GMT

GET
H2 200 index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 746F 12 KB
3 KB 33ms
32ms Stylesheet
text/css 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165
cf-polished: origSize=12801
x-guploader-uploadid: ABPtcPp1VZiUmAQoBQxE1P-OM4QXs9sck70F8P4dPwIZvnAtDLQ9_HBw0ZKnIf2l8H3Uhk8BZ4wRYu5QWv5CBu9PxFHivve-CONB
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:44:13 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB2r%2F%2FKvhDsy8xiK5iTFouL4lTkhaS8HiaWtTrjw%2Fmtvfkq3JLmW0w95pry6zW0J8TdR96AIJboofdsKQ5ZHTtOIbsKMYb8PNXQ6TVOv9OCP8tM8%2Fc7USIeSQf%2B6XsqB2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 832bf3355a44544f-YYZ
expires: Sat, 09 Dec 2023 09:15:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 746F 3 KB
1 KB 35ms
33ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 746F 20 KB
8 KB 35ms
34ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 746F 202 KB
64 KB 35ms
34ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:36 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 861C 9 KB
4 KB 38ms
37ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 18:08:51 GMT

GET
H2 200 d500f8b303efba9f5ab695bab8da4c89.js Show response
www.gstatic.com/mysidia/ Frame 861C 20 KB
8 KB 38ms
38ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 17:47:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 861C 14 KB
1 KB 48ms
47ms Stylesheet
text/css 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 08:10:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 08:41:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 861C 2 KB
822 B 45ms
43ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 861C 6 KB
2 KB 38ms
36ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 18:15:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 861C 24 KB
9 KB 45ms
44ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:41:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 861C 3 KB
1 KB 48ms
47ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 861C 20 KB
8 KB 46ms
45ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 861C 202 KB
64 KB 42ms
41ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:36 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 861C 37 KB
15 KB 40ms
39ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 18:02:52 GMT

GET
DATA 200
OK truncated
/ Frame 746F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ac9adecb8d0db71a9db665e0f64b37e4ab5827e39578210d012922af19253be

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 746F 0
19 B 64ms
62ms Image
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWp6APyh0ZeK3OeHOoPMPgeGdoAjSkbaNbbnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0wMTMxMzYzMTg2MDcyNTc3yAEJqAMByAMCqgS2AU_Qb1fUUHuUGoC_d04X-UHcC0LRZour7z03E0owUrFrQVwZPDw1-koGg9EYjpgH3O12dkg7tI91ZV0R5oFkhyxWt18BnQ_JXfVdIEx9Ba8l-r1LmiO3MekXhGngEfUJ6Y7mHk6qFZc2qYFewXyg7DswdeGcz1HGD7vMXSdQhjWKkPyXBr1Z0M0lkwvxDPK0kzdrnwR--I5uO7n36tJVe56eaFNA96bc6nD5ZKepU5ODfMxfW947gAa6vLLqg4n0sQWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WJqyptn6gYMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTAxMzEzNjMxODYwNzI1NzcYAA&sigh=K6Vtqq6woz0&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNJN199t0SpTK-BAwnlzdJJjrTT3oZh9KcsvxDDIX16C0mr2eW2a9nla5ofrwOD1S8px-mDBFoSpTA6M9qdAZizX9BWK0vWzF6xFsYAQ&cbvp=2&vis=1

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 746F 0
427 B 80ms
77ms Image
text/plain 172.67.133.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=c330159a-966e-11ee-b551-863af2b21567&d=www.nfscars.net&cr=ext_ng_start_ghst8__0&a=imp&p=ZXQoPwAOW-IIaCdhAAdwgZcmwcfB6F9P30uw4A&im=C_znNAQSUcsbyo-AKK4QRu7_gzJFxyqjm8qefg3ELz9-hEQVjbSHT3YzKVVyAbCWcfbNVaMNap4m7rp8LrRPDjKEaxVGg7hS5Fhqs3H48AY3zUxzztquI7kGBq_uKbevvd9liUg4-B0ToT6p5kEP-jkzJRZnhzDcTGBjDLTguqp7uNT31HL8RnM3N_2NGwndCe_YZqHRy1waFfdGaahwwaq4VJsp523Kw-peahVXLfxscY6X11opddTkrcqFfLt8RfJF1UK-2gpbOj-UdeAYUCiNqY_wt_-Wf5p53VgCTG_z-nZRlHcvGA_iYNEcD_UK&cbvp=2
Requested by: Host: www.nfscars.net
URL: https://www.nfscars.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYxsUrEF4lr9LtFPz%2BhUkYFzNd03DJFrVJW7F4YYbffa35J8OidDsy5YRyojAPp6%2FAlVo2zEXMr9cRYK4aiV4HuV4kwCUX0m6tmGvb74%2F15jcVgl3ZRCvRMgawTg414sqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 832bf3367b0836d6-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 746F 159 KB
160 KB 32ms
31ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 925
x-guploader-uploadid: ABPtcPo6Yq7fNVaQxoU1QK1bu9LpwKQQUMWb1qkNhL7wqGvVR0xxvi6tL5pTtREKSu1ceD7DGNQRn29hYGwgKynBSNZUmuyCTDOZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wb6GvCLc1LQR0hFQFuI0dBO2mxwKvxyIGp%2Bhzo9Z8F%2FOTdDAjWaIkkYC41gzYrY%2BHLntvaXtBPvlcXYdviJarmAVhhZ%2FmkqnaObeCXXx3uyJLHP84fNj6hf826cCJjgIAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 832bf3367f7236a6-YYZ
expires: Sat, 09 Dec 2023 09:05:01 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 746F 159 KB
159 KB 38ms
37ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933
x-guploader-uploadid: ABPtcPopmkaSZiRRsDD5WTJtSpwfPs7--FbhWBR7-xyycqB2euejP4a5svXl-o8RCJ3sVrBQmZRNgsloS7VLZvr9v7auug
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx6cgwVUo2CSo67OA6tWuDOkUBTgJV%2FIWmMjiNYAt50f1lWycRSLRiOFWd7e8z5f5GltpP%2FIJaHGv%2BL8NNxWpSpprm24oRmNeI6MN%2BvyD2%2BaZbyh5gy8jphl3ur3VbFZVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 832bf3367f7436a6-YYZ
expires: Sat, 09 Dec 2023 08:44:23 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame 746F 0
803 B 84ms
84ms Ping
text/plain 172.67.133.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0ZCSo3oq30oYyJQhLsAkpo3jTqBNhvOp0QXejIUv8QNxhtLIfposYAImrX%2BN0U8yiyZmOhuszsJLRieRL48xtr%2BcVHXQW5SuzmFF%2B6JxL7kWwUINUNTdTJJyZO5SlUyUg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 832bf3370ce936ce-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 588F 51 KB
19 KB 33ms
33ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 09:14:24 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 861C 0
20 B 48ms
47ms Ping
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKDRArIQAAAAAAACJAMAQKDRADIQAAADAzU1VAMAQKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAmQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAA8CL1QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAADMzJxiQDAECg0QFCEAAAAAsID1QDAECg0QFSEAAAAAAAAkQDAECg0QFiEAAAAAAAAQQDAECg0QGCEAAABoZrZlQDAECg0QMiEAAAAAAAAAADAECg0QMyEAAAAAAAAAADAECg0QNCEAAAAAAAAAADAECg0QNSEAAAAAAAAAADAECg0QNiEAAAAAAAAAADAECg0QNyEAAAAAAAAAADAECg0QOCEAAAAAAAAAADAECg0QOSEAAAAAAAAAADAECg0QOiEAAAAAzMzsPzAECg0QOyEAAAAAzMzsPzAECg0QPCEAAAAAzMzsPzAECg0QPSEAAAAAAADwPzAECg0QPiEAAAAAAADwPzAECg0QPyEAAAAAAADwPzAECg0QQCEAAAAAAADwPzAEEhpDS0hUcHRuNmdZTURGV0VuYUFnZGdYQUhoQSIqaW1hZ2UvaW1hZ2VfdmlnbmV0dGVfdHJhbnNsdWNlbnRfdjJfbWVyZ2VkKCM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4A58 24 KB
9 KB 36ms
35ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=428969548&adf=1646928005&pi=t.aa~a.4168206456~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280&prev_slotnames=1396184927%2C1396184927&nras=3&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:41:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4A58 8 KB
750 B 44ms
42ms Stylesheet
text/css 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 08:18:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 08:41:37 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 4A58 15 KB
3 KB 100ms
32ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:28:10 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 4A58 376 KB
131 KB 101ms
33ms Script
text/javascript 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4A58 20 KB
8 KB 38ms
38ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4A58 0
0 123ms
55ms Image
text/html 172.253.62.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTad0LHcmuRi9Z91smULWfrERkiS9Y-ynADz_icSHaxJ5lA_Gg550FfhjIFKQVWyfNvVP-83YfR5sG0CFsXrWtqGKNDEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=428969548&adf=1646928005&pi=t.aa~a.4168206456~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280&prev_slotnames=1396184927%2C1396184927&nras=3&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.62.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 08D8 18 KB
8 KB 36ms
33ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=1885316112&adf=3078541190&pi=t.aa~a.3316308926~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=605x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=2&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280&prev_slotnames=1396184927%2C1396184927&nras=2&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=964&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Dec 2023 08:45:06 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 08D8 36 KB
14 KB 38ms
35ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

9b79d4d6d72dcec2dea5db6e19f49b49c9d08e01f278eef76a3d14dc4c377e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
server: cafe
etag: 17228781504935142183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:54:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 08D8 3 KB
1 KB 61ms
58ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 08D8 20 KB
8 KB 47ms
44ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 08D8 0
0 79ms
48ms Image
text/html 172.253.62.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeLZzet4qGMpCZ79TIHVBRHjfduvDDWK9NvvYQw1sJZU9xenlnBWd-0Lw6GeQCfb8PTFlAxv83EzKXJmVBdQihEoYheg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=1885316112&adf=3078541190&pi=t.aa~a.3316308926~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=605x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=2&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280&prev_slotnames=1396184927%2C1396184927&nras=2&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=964&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.62.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08D8 202 KB
64 KB 35ms
33ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 08D8 24 KB
9 KB 53ms
51ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:41:55 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 08D8 59 KB
23 KB 32ms
32ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 18:32:33 GMT

GET
H2 200 B29069693.375730021;dc_ver=99.292;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1707814360;ord=zs20fo;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCvV8OQCh0Zc3LMYetoPMPm86NqAPBjP... Show response
ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/ Frame B000 66 KB
31 KB 141ms
74ms Document
text/html 142.250.31.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730021;dc_ver=99.292;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1707814360;ord=zs20fo;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCvV8OQCh0Zc3LMYetoPMPm86NqAPBjPyKdPzq16_uEa-BuuPXAhABIP-U-AFg_eiigfADoAHS-MviA8gBCagDAcgDAqoEygFP0I5y-uipIqeF5WDCGQ6BWAVrm5l4XmpfRSlwo5eElUf6nhCUlWs5-JrY1JSwEqkvz9cvoyizIgrr18ong1P8_FNNA0DbU45AnNsiFowJIwVkOfm3NyFuZHrIM0Zb8NyFzfsbTpANY3hyXE_KD-reb3UMURMZo28WgjKh_85V0_S3zSzjBfqnOGZncGwXEH4bIR9zh_E5yidgCwlJ2lApXcS7N0wVNS-17lMlR35J3uAFdH2Q3lZtxTA-UVjb6_-G8OuGLZX63pIPwAT_8v2ThgKIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHQiAYRABGB8yAooCOgKAQEi9_cE6WNjL29n6gYMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQoNuEhr7xselhEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIzevb2fqBgwMVhxZoCB0bZwM1EAEYASAAEgI2FvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3kGjMYnWxJhOC2fuEaNXKB7LFkIsIm-VoQ2_IRZWjKpjUA7YZkL2Vd9jma06QsURXVMiGMBbGAE%26sig%3DAOD64_04q0JBYdo_-6QGzSMHTfENzZVQKQ%26client%3Dca-pub-0131363186072577%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.nfscars.net%2F$0;xdt=1;crlt=)KV22Zze8-;stc=1;chaa=1;sttr=49;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f148.1e100.net

Software

cafe /

Resource Hash

16d5075c44fe92825c7dce4fb1cae48a228da26a03a1d56066e4d6a24365a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 31625
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 175D 1 KB
643 B 33ms
32ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 83944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 09:22:33 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 09:22:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 08D8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3966cf4b207066484419d2815f59003faae1daa8a26865e8af797526f94c93ac

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 08D8 0
0 63ms
63ms Fetch
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjwOOQCh0Zc3LMYetoPMPm86NqAPBjPyKdPzq16_uEa-BuuPXAhABIP-U-AFg_eiigfADoAHS-MviA8gBCagDAcgDAqoExwFP0I5y-uipIqeF5WDCGQ6BWAVrm5l4XmpfRSlwo5eElUf6nhCUlWs5-JrY1JSwEqkvz9cvoyizIgrr18ong1P8_FNNA0DbU45AnNsiFowJIwVkOfm3NyFuZHrIM0Zb8NyFzfsbTpANY3hyXE_KD-reb3UMURMZo28WgjKh_85V0_S3zSzjBfqnOGZncGwXEH4bIR9zh_E5yidgCwlJmFIIz0UwiUWuiwtrPEPOvURu1GQMWmU-F5x9LsCAf3TDaFEg-VC4vD9wwAT_8v2ThgKIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQkN4D0ggdCIBhEAEYHzICigI6AoBASL39wTpY2Mvb2fqBgwOACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLaDBAKChCg24SGvvGx6WESAgED2BMD0BUBgBcBshccChoIABIUcHViLTAxMzEzNjMxODYwNzI1NzcYAA&sigh=sRDSNm6w2sg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaN3kGjMYnWxJhOC2fuEaNXKB7LFkIsIm-VoQ2_IRZWjKpjUA7YZkL2Vd9jma06QsURXVMiGMBbGAE&cbvp=2&vis=1

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=1885316112&adf=3078541190&pi=t.aa~a.3316308926~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=605x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=2&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280&prev_slotnames=1396184927%2C1396184927&nras=2&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=964&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=4
Attribution-Reporting-Eligible: event-source
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 4A58 0
54 B 770ms
271ms Ping
image/gif 172.217.26.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpxt4aki&c=6141818007325&slotId=3070909003662.5&qqid=CKnu29n6gYMDFVGRnwod01oIUQ&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s51-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4A58 15 KB
16 KB 33ms
32ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:06:18 GMT
x-content-type-options: nosniff
age: 41719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 21:06:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4A58 15 KB
15 KB 36ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:26 GMT
x-content-type-options: nosniff
age: 257411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A58 0
20 B 48ms
47ms Image
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CA_Z8QCh0ZanOMdGi_gTTtaGIBY2VrPpz_NzdstMRh7Kx5ZBBEAEg_5T4AWD96KKB8AOgAbaNp9kCyAEFqQKPOu4mRLSoPqgDAcgDmwSqBOgBT9C_Uv4Jb1VfQ1-TrKbXytWTDecmRk4z8hGnEm40R5WuXgK5bQsunZ-D0idyJNXSWiwmwvIgIYkFgt0WHqI6xf8StrHbreLEEGXnr6CX2z2klYdR-Hlqu2uJe7zahQmDV9fgmO4MAB48j5llslwJSsrx751AedKRBQqwqQinA5YooJ1yil1LyymjOtfUWo58eqkrQ8tQoHVqQ55VAUxofaZ1YC6t2oPrgLdCeTWfeno6yTEpU3X_eIiRtGLH-mxQeucxZr-QAkbC4N_gKpfnD-tEggeM3i7unSyZ4r4BNT94giHcKaFbN8AE14mVq78E4AQDiAXcwfmfTZAGAaAGToAHsvLYpgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHzICigI6AoBASL39wTpY8M7b2fqBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJDQbAT-rnOFcgTxMLp4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1702111297423&ai=CA_Z8QCh0ZanOMdGi_gTTtaGIBY2VrPpz_NzdstMRh7Kx5ZBBEAEg_5T4AWD96KKB8AOgAbaNp9kCyAEFqQKPOu4mRLSoPqgDAcgDmwSqBOgBT9C_Uv4Jb1VfQ1-TrKbXytWTDecmRk4z8hGnEm40R5WuXgK5bQsunZ-D0idyJNXSWiwmwvIgIYkFgt0WHqI6xf8StrHbreLEEGXnr6CX2z2klYdR-Hlqu2uJe7zahQmDV9fgmO4MAB48j5llslwJSsrx751AedKRBQqwqQinA5YooJ1yil1LyymjOtfUWo58eqkrQ8tQoHVqQ55VAUxofaZ1YC6t2oPrgLdCeTWfeno6yTEpU3X_eIiRtGLH-mxQeucxZr-QAkbC4N_gKpfnD-tEggeM3i7unSyZ4r4BNT94giHcKaFbN8AE14mVq78E4AQDiAXcwfmfTZAGAaAGToAHsvLYpgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHzICigI6AoBASL39wTpY8M7b2fqBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJDQbAT-rnOFcgTxMLp4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4A58 0
54 B 757ms
271ms Ping
image/gif 172.217.26.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpxt4akw&c=6141818007325&slotId=3070909003662.5&qqid=CKnu29n6gYMDFVGRnwod01oIUQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.qc&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s51-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4A58 31 KB
18 KB 74ms
73ms XHR
text/xml 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DMzOHPM_fpdFBB5oqthkyf98U1RjFhgQ1gkmGiuJqpUEGzKDSRf1th6g525whQzyPb7mK1O4xbMGANSUjHXEe4jsAaHw&cry=1&dbm_d=AKAmf-AVhH-frwOnuygsuUXoXYjUnagb1ZGhmLzqpbdCjl-ICCP9zE1f_wLa9sv5apAY_vNhsHuFhe8_heaZgMAOWqXD8obqDDHQPgmGIQZNT-NRnyREfQ04t9d0Rc1763Z5MwyzZG1SKJKtXAcDf6b-KC2nh_OL-S2ZoDXnvWKEf6GNkt4uwxe2bYeotTYsRfxnChpLC3ST7xzP0msZqO5woDJPw_4XdVjckjr4101mTs_Vpr2zsWfkskN0XzWOOGzdB4bzVr3br6vU8u4eNFnt4iuGTCthCuCbbvqlmwYF8Ly8WjUtp4gN5gCj3Ll8KXRrJwPDk14ozE0PwqNjHZn1WjstYcY2jQXe74O-QmeqWOy3wLRF0vZX3TuLyb78nvNVLAXiJGaOPb-Rug-JiAY3e1Y1RkFhSHpqNjT5HlVvKK5Ax71Pv_sQPHIBMIN8tRa0LGOZ6SfeUsPgnT80uZHB3ub3-Z04ufzfRIIs2gc9EKj5TsvfZC67frrnWs7U8ztqyEvext0moMBGoWq45sEm4XGDl2KNXrkEOe3-2EModWy9JepWb5zE0CkE9Z_M7dSuqbkQpWqyj7GaFBMIfg7dg00aV3zOw7-PlEiFOev8k7oigOrFQZEOsllFLCf5j9IX7b68szJ9ZSZJ8dD10T15r9ufMQzVDRCJ2w58bKEE2aNXKBERJcqhxHbpwBVlmSRXGec92773oFHEwbvgsbkD7K5VzEL0UkfiCFFDu-8FiZojdUxbqNanmvDZYziii35snL2fQ9ZyAvy3-8ZvsnUjdr7pPr1oCWt6dPWaB5-BkP4MZTEaGZ9kL5gmhJNOG2X2uOf40BNA0lhnf5RivwFolsiHXZQkUe43ojl_MzI7FaJ7wLGvrNX8QCb1j8fmHccSKWBkdfa9alncio6WhOH_RCRdmxV1sbLMod9xx3OVYguRvxSCNcWrVndQ1elag2qT4_DwVV1_JugRI5jGEStjQLsd7-PHDTXpXE2lbashPg6TM6PQRpanQ9jArCCSB0CJ1Vt9_RUbP3MEWxGurpTj1W1smrjQ9qtC_iVWV3nHRjFxUzxDIQLkOIKaEu_PDNDVlpy6Vsl3FEFIe_D8imgK1pEOYXXdqjh1nUc7AAE_-BuXQbB4vAsjVy-GJi0EOp0z2aSbnK1Q9XlzeYf-QbqNSReakbNmV-0UpxNOUsu5pJv9lezndyu_zELq9wstrydSkj9u8k1xgg4husVDIEF2nH5gYqCDzXSHnLFxViRRshnSCFeERtMl-uvQ3kCuv4VrpZYqP7i86MltcLDzR9AkiNynV5mrka_tUhCnyL3dyyQiRJFVjHZFq9Re7o3HcBX3rFklMHEspUl67TamQTVOKpLEd3fq84SeudvoU_wVs6KazUJAPSgV_QjEbukHSiQTw_cpCoO4xYHYyAuacud2VqG0jIola3utE4l8xpCjA84Q5Gw9j6XPqt6_bcKwM0vg_d_e8Oj9ZqMWxaBwa3CH6NIcXHNv7D2l7g1jUivBjweeLnCtX8AD_SjyLAjmeDVRx12cZQj1bAN-f3kf7RdHQEznmnwvENEpCqG8pY6R5CRh0PoPEAFIRH7WBfY8Ps9nB2siZpWFrok-cL_aNuGJPjKkpzxfUIdKVprORELQ-HOFr94INDg7RVlplLSnZv5mCidndxfrXgTSjY1QZvihse9agZkC_dlpSGM1DnH6HhbfLS6iEDTXalTgcMUU5lwlWjpdTphBzPkDjI6snCmdbKwQfig0zGYdnFe9tJEtOyif2NELL3aihhDcvvLYN7cT-FwiUo20JKI1VV3cNtb57WwQcCK_q9PzrZq3NeIN2Ab-VTQOMdnTxvXaTmJ__jNJehCrFHmoAOWwkWf5rAGGHfNEO_yguL9HfOkMYLZtSO3fqjMcPEmcLBYpUm__K720-IYHhvevi6IsbUeQddACLvxxxOCOMAtqY2vgWh0JZFbM6TDzzyL-40x16JcU0DOQSfcu-qaUNcMdie_LMZ1BpwAejFy1o-DjMS9x04I17V18jdfLU9YXdTz4hpTQ6mzKpjeF99buFGJ3HtB67_5fN3Xm7A-Xc--ntjZgnMBXQH_0Ksq5rTA8dDfK0lfhbnKXCpBytQUGkRIlFd_C_Q3RDkceeDCbmN-JSU957ERFKUQReUkHdPF0JjJ8kW7wb59ZX4IBBZN337UYVIUNbjo_atWOpJO-WZqlr5xk-ffE-2bhBuo65z7oZ4p3orUSOpISsZbpI8KKrmKry_FHO7ySND8z4P3uNVlyqOERPJxTJ37_ia6zX6c32_M_g-lwGKK96AO7-17US4QQOF0oQP5jDndiM3I1mxvTxfznFV9dDgVp45-jGHbLrChRAu00oay6qeSZZgQBjNmujAo9lUojbISiRCg2Ybndaa55k84F5lNLRGDuXRqkjefHBv_kJjKvTLueDq7tNKgchUqhfQvS1JqRxzNaHQ1Hlpzo1h3I1-lC8uEkVxOft_r8ZUSIZsMdEQNYckhFygF-WJMYgAmg9c7A8hA5Yiqjsyc82vX-Rf9EkmwJiMOVvacZUho9Y50uJOErD-mVj9KfqaPt92wwOEL6cAR1p3SsInvcxrMuFmwlN8zSh7xogvNLuHN5a_pVjbz9QLXuHNWz81RQnjVbIzQ8INWP6GyOP66RHLjZexvdqKhyw5qUocTYxdKxixFzK3Iw_BIw4-wAVVPAzI991T40TDoaUKNVt3-_JTqIHjHAwect_xReBA-IwxuI-e5cV_mKi3pk4o6HRCpr8ggwaHIoU0KLKyW_qK_Kiwbtpmq38tVedNWdf9HegVZnr-DWrEaZ6uOIaU9nTtXt3Wsmm58sYrGXmtE1cton1C_bxY98CBhIg1odmOFplIt2wTYL4FmE64gWvoTrhZTMoBTrQidfE64m_sRjhoFcOU6j1PwQC1hS7EaYhW7iJ5dgK6myQ0CcIG4sm1v3osxQ2MVzHOW2TxLY5Ti2kQTDRDsHQP5t_bJvmo29tr1mnsOlGZs93S9DKA2ODeAFAnlcDsdB_eAlciYZUrxMiVgFawpXmq2O_7eiJ3kqtDlKiHAfa-p_ThkKCK1iWx83N8uB7Fp6xOD_iIDtjaA3eKbm_MgwEzicUHo6blFo8lXTyw0xh7DwOZ1F6MBsas5ZoTmBEviHAPISlm4MNEJEjNX8Gwx5wsZoD6LupxNXCCcl48i5aajx8_f18wk0X0k3WrNWLH56VLJe2WD-I8KzDJCNIpJMMmneNTBVt2HRluddjpnO-yfbSlwmCI27XAU3pveNvxneoDBZvgBdYk41zR5KrI0vnpXp4RviWCXd_0rjj9zFHk5kZKYgazx2UYZ5GZWPpdtKq_owFpSklcsyqKWuK-9kkNJfjfPmoBqmwoVwcyuR68Uq-p6Dghrz5ui_h6DAl0JL2mqWFmc6gmAEtzsTXyW6-8LFlTt-nsa4C6IIOCwjvm0AmeN6Q7hWMswhBAs7V8N89xRTTgQjCiekidt4FSYD1eA7Yti0-LzQ-jxWz50M4bRnNMk9FUn0e-D09xDj8_qc-PxJ0Ult6K4y73QcndN25uSqMLdOTZ90sW20leLZxT2vpmzujVTD8EO3yJeokmZaDi2Xa4fSoZ8VYlK_PVlz6JNMTxudAXQ&cid=CAQSOwDICaaNypPMkm1bgw8l8wK-IQhUlq1qYMRhu-QPaTdWmLb7Bh37jcZ-m7nsS4IE0FCBaZN4tC4q0yHfGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

259c3a500f755ab2c9438a77b042282b7dcd208c24681128fd57bdf1c16d4f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17653
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1EC7 1 KB
643 B 33ms
32ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 83944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 09:22:33 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 09:22:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 175D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAKWGKCHEDcWz2M4-FEVRhc&google_cver=1&google_push=AXcoOmQx-Mxg_pFxTbK_Dit75RuVbjhPqPQ4Z705EHXt-tJDwwJBz2-AzIuprkCEjGDUGbEdQSHLnUswpi9541IMyGzIzCTxBxPeL...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg2NDc0Mjk0NzE5OTIyMTYwNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAKWGKCHEDcWz2M4-FEVRhc&google_cver=1

43 B
398 B

33ms
32ms

Image
image/gif

69.194.242.12
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAKWGKCHEDcWz2M4-FEVRhc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=1885316112&adf=3078541190&pi=t.aa~a.3316308926~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=605x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=2&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280&prev_slotnames=1396184927%2C1396184927&nras=2&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=964&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=4
Protocol: H2
Server: 69.194.242.12 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 09 Dec 2023 08:41:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAKWGKCHEDcWz2M4-FEVRhc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 175D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBGpNFQq37SyZm3u6VnoK0w&google_cver=1&google_push=AXcoOmRuR_7vHpD4B9vED6YQhdGcmWwbQFQEYm2zLdbaciKE7DJPagRx5l2sMlFJxtkPaqfZ2tHGOuyY6qsIIFQMOtFmIoM...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRuR_7vHpD4B9vED6YQhdGcmWwbQFQEYm2zLdbaciKE7DJPagRx5l2sMlFJxtkPaqfZ2tHGOuyY6qsIIFQMOtFmIoMICXddRu0tgnXxrb7x9-482ldpLr4WEVmmw5rfh...

170 B
188 B

43ms
43ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRuR_7vHpD4B9vED6YQhdGcmWwbQFQEYm2zLdbaciKE7DJPagRx5l2sMlFJxtkPaqfZ2tHGOuyY6qsIIFQMOtFmIoMICXddRu0tgnXxrb7x9-482ldpLr4WEVmmw5rfhQ6zyLARaAHvsQ&google_hm=eS1jb2tYR1E5RTJwRVFOdUtRUi5WY0xjNFNtN3NXQncua35B

Requested by

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 08:41:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRuR_7vHpD4B9vED6YQhdGcmWwbQFQEYm2zLdbaciKE7DJPagRx5l2sMlFJxtkPaqfZ2tHGOuyY6qsIIFQMOtFmIoMICXddRu0tgnXxrb7x9-482ldpLr4WEVmmw5rfhQ6zyLARaAHvsQ&google_hm=eS1jb2tYR1E5RTJwRVFOdUtRUi5WY0xjNFNtN3NXQncua35B
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 175D 43 B
641 B 582ms
192ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEE9njMeFU32AHeLRiHjBFNQ&google_cver=1&google_push=AXcoOmS1kqrK0KBdxhD5DQSwpgHLtqxG4Rf_apROML-Q2sDeeM3hwCehxZBIH_7UcMW_gORWziD2S1jg6gdbKvQu6mGAtNna63JBFJVlxkzvqwzWF1IUjhaOv1xyTuLueiuw0Da9cCpDxJFlgg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:37 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 175D
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESENFWd5R8LrnADyO8-RGSfas&google_cver=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9wiowlWZSWxi5RwsTYC9Fsv1...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESENFWd5R8LrnADyO8-RGSfas&google_cver=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9wiowlWZSWxi5RwsTY...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RN6R-fRVQWm3y4Mo2z5mUA==&no_redirect=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9w...

170 B
188 B

48ms
48ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RN6R-fRVQWm3y4Mo2z5mUA==&no_redirect=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9wiowlWZSWxi5RwsTYC9Fsv1KauZHNGSDI5FoJc71Qmmm6DqTlUfP62YdSukVdCCWtzucQcRMOMTXfVvpcj7QUR4zwutlso

Requested by

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RN6R-fRVQWm3y4Mo2z5mUA==&no_redirect=1&google_push=AXcoOmS3VdUKCDP5xp7vF_3biqZOurRoVPzh-dPqYwPXI07JreU_9wiowlWZSWxi5RwsTYC9Fsv1KauZHNGSDI5FoJc71Qmmm6DqTlUfP62YdSukVdCCWtzucQcRMOMTXfVvpcj7QUR4zwutlso
date: Sat, 09 Dec 2023 08:41:37 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 175D
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmR7NfOXZeg_nJssIeWK65HHslq7jVtRxMZHq_XTsgvLjK--OIx0ZzzZ-23LT3re5e1ija1VDJ9INP8nii2_anJ8JDB6C0RYFL3Jnl8VdmklwGuB65vwc3Bp4LiBS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL31K4spkPHkm2F-bbl8G20&google_hm=T1BVNWI5YWY4ZTA0MWNlNDVlYjlkYjc2ZWM5NTA0ZWI1YWE&google_nid=opera_norway_as&google_push=AXcoOmR7NfOX...

170 B
188 B

44ms
43ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL31K4spkPHkm2F-bbl8G20&google_hm=T1BVNWI5YWY4ZTA0MWNlNDVlYjlkYjc2ZWM5NTA0ZWI1YWE&google_nid=opera_norway_as&google_push=AXcoOmR7NfOXZeg_nJssIeWK65HHslq7jVtRxMZHq_XTsgvLjK--OIx0ZzzZ-23LT3re5e1ija1VDJ9INP8nii2_anJ8JDB6C0RYFL3Jnl8VdmklwGuB65vwc3Bp4LiBSE4O_ZGhMctCE3AQBA

Requested by

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL31K4spkPHkm2F-bbl8G20&google_hm=T1BVNWI5YWY4ZTA0MWNlNDVlYjlkYjc2ZWM5NTA0ZWI1YWE&google_nid=opera_norway_as&google_push=AXcoOmR7NfOXZeg_nJssIeWK65HHslq7jVtRxMZHq_XTsgvLjK--OIx0ZzzZ-23LT3re5e1ija1VDJ9INP8nii2_anJ8JDB6C0RYFL3Jnl8VdmklwGuB65vwc3Bp4LiBSE4O_ZGhMctCE3AQBA
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 370
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 175D
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEP_nMvnE5gQy-lBpu0KiWZ4?ext-param=AXcoOmQzYelyQtrF_hweIdDW1B6KREXwKUd7glIE3RNhs6IMH8aWzqmXjz0ufk13eUoolJ6uOcwDmyianBzCQf2Pqkak5YRPoGwQ4Hf37eea0NV6pGB_4W-EIVWi...
https://an.yandex.ru/mapuid/google/CAESEP_nMvnE5gQy-lBpu0KiWZ4?redir-setuniq=1&ext-param=AXcoOmQzYelyQtrF_hweIdDW1B6KREXwKUd7glIE3RNhs6IMH8aWzqmXjz0ufk13eUoolJ6uOcwDmyianBzCQf2Pqkak5YRPoGwQ4Hf37eea...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEP_nMvnE5gQy-lBpu0KiWZ4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

161ms
160ms

Image
image/gif

213.180.193.90
TELETECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Protocol

Server

213.180.193.90 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 23 Nov 2024 08:41:38 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 175D
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEMJz-_dslVJ1DaiHXo9Qlgs&google_cver=1&google_push=AXcoOmSdOaM0vXkDnMCFl2WRUc6NrHh8gHZ1QskioRYzCv0WqQUk9PKMqkEEsGqCOvWq0NE2VPOx0BQHAi3jtmzDongoT3wYC...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSdOaM0vXkDnMCFl2WRUc6NrHh8gHZ1QskioRYzCv0WqQUk9PKMqkEEsGqCOvWq0NE2VPOx0BQHAi3jtmzDongoT3wYCCIVyWskVeArHUBBEVcto_7Ve3BQQ...

170 B
188 B

43ms
43ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSdOaM0vXkDnMCFl2WRUc6NrHh8gHZ1QskioRYzCv0WqQUk9PKMqkEEsGqCOvWq0NE2VPOx0BQHAi3jtmzDongoT3wYCCIVyWskVeArHUBBEVcto_7Ve3BQQuhTgJZTAXRnx8BEBRmd2JA&google_hm=81fa84b7ead217ea1043jt00lpxt4aq1

Requested by

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSdOaM0vXkDnMCFl2WRUc6NrHh8gHZ1QskioRYzCv0WqQUk9PKMqkEEsGqCOvWq0NE2VPOx0BQHAi3jtmzDongoT3wYCCIVyWskVeArHUBBEVcto_7Ve3BQQuhTgJZTAXRnx8BEBRmd2JA&google_hm=81fa84b7ead217ea1043jt00lpxt4aq1
date: Sat, 09 Dec 2023 08:41:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 175D 0
69 B 41ms
40ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVdyWAdT3OhKiEiI_kJvqKETjaqo3BLRxCTqheII9iuaNnW2Ahy6c7JL70tGH9kRCySrKsC0ZmNA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 4A58 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634b08f5c1602a384250124b760e69c694b68da8dd838f0dd0311136ed3d0957

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EC7
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEOi-hhfygKxmHziZPIT4W8E&google_cver=1&google_push=AXcoOmRh9qN_bsotVuxBpcUrEcexo0q0ZW6XwPCH5XBJqjztDgsQSTycywExsGxYMmuJQCBIV8PrEplMrpkIx84JqZBdIUhsLYf_
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRh9qN_bsotVuxBpcUrEcexo0q0ZW6XwPCH5XBJqjztDgsQSTycywExsGxYMmuJQCBIV8PrEplMrpkIx84JqZBdIUhsLYf_&google_hm=UjMzNjQ2XzEwRDY5...

170 B
188 B

45ms
43ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRh9qN_bsotVuxBpcUrEcexo0q0ZW6XwPCH5XBJqjztDgsQSTycywExsGxYMmuJQCBIV8PrEplMrpkIx84JqZBdIUhsLYf_&google_hm=UjMzNjQ2XzEwRDY5RDdFOF9DM0FGODdBQw%3D%3D

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRh9qN_bsotVuxBpcUrEcexo0q0ZW6XwPCH5XBJqjztDgsQSTycywExsGxYMmuJQCBIV8PrEplMrpkIx84JqZBdIUhsLYf_&google_hm=UjMzNjQ2XzEwRDY5RDdFOF9DM0FGODdBQw%3D%3D
Date: Sat, 09 Dec 2023 08:41:36 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-385116097; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 346
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EC7
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMC417qBJYCF9js9x7_Ri_8&google_cver=1&google_push=AXcoOmRZTCbfB1caHik3kAwYklg_D2hhtJwwZPrXzB_BhkUtlI8cA_JiHpwRVwX8G9N0HBT9vsW12...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRZTCbfB1caHik3kAwYklg_D2hhtJwwZPrXzB_BhkUtlI8cA_JiHpwRVwX8G9N0HBT9vsW12jkGrDKNQvQP6dydN142jKLM7Q

170 B
188 B

44ms
43ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRZTCbfB1caHik3kAwYklg_D2hhtJwwZPrXzB_BhkUtlI8cA_JiHpwRVwX8G9N0HBT9vsW12jkGrDKNQvQP6dydN142jKLM7Q

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 08:41:37 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A8AA4C7B1B69414EA1CDDA2F52493FCE Ref B: YMQ01EDGE0609 Ref C: 2023-12-09T08:41:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRZTCbfB1caHik3kAwYklg_D2hhtJwwZPrXzB_BhkUtlI8cA_JiHpwRVwX8G9N0HBT9vsW12jkGrDKNQvQP6dydN142jKLM7Q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMD6tCmwzq77ASOLkftA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EC7
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIBnUVxoHajyUb-ZCk2e0xE&google_cver=1&google_push=AXcoOmQK2HvM1cIyIGww28RpkJvNM6vtXbjvW9ok4pKdhB7FVg8VCBH0aUj5gHv8tOZ5fq6rDxFV21baryz6Hpbux_...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIBnUVxoHajyUb-ZCk2e0xE&google_cver=1&google_push=AXcoOmQK2HvM1cIyIGww28RpkJvNM6vtXbjvW9ok4pKdhB7FVg8VCBH0aUj5gHv8tOZ5fq6rDxFV21baryz6Hpbux_...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGIyYzQ4OTQtMTEyNS00Y2RkLTk0YmItM2MxYmQwODI5OTU5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4b2c4894-1125-4cdd-94bb-3c1bd0829959

170 B
188 B

43ms
42ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGIyYzQ4OTQtMTEyNS00Y2RkLTk0YmItM2MxYmQwODI5OTU5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4b2c4894-1125-4cdd-94bb-3c1bd0829959

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGIyYzQ4OTQtMTEyNS00Y2RkLTk0YmItM2MxYmQwODI5OTU5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4b2c4894-1125-4cdd-94bb-3c1bd0829959
date: Sat, 09 Dec 2023 08:41:37 GMT
server: Kestrel
content-length: 423

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 1EC7 0
285 B 97ms
31ms Image
text/plain 54.198.64.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESELM6GnsIiDJh2fPlM1qwrfM&google_cver=1&google_push=AXcoOmQmzp1eVsRU2dNhqJKYcEj6UJUOf4v8mNQ0UD9VFdh6muM-HIjJrG4YsWPghk-p07aKqtYWs5Y7oI49AS7LZKIXeAsNc8R3Ig
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=428969548&adf=1646928005&pi=t.aa~a.4168206456~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280&prev_slotnames=1396184927%2C1396184927&nras=3&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.64.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-64-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT

GET r.gif
sync.extend.tv/ Frame 1EC7 0
0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1EC7 43 B
363 B 99ms
32ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRJtaEBqxs6f106k71W_TSSguBvRjuehdWXOI9kLTwX509hZMSro03w6bvb4DXqCeWXQYy_K2a-LZOpvTMFRFpC6uinNPduBg&google_gid=CAESEBeLX8ZZ5DG-GzdVB5sSJCI&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:36 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 159719
expires: Sat, 09 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EC7
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEKiSudSACF6flQsjK1VoCkA&google_cver=1&google_push=AXcoOmQjoFETI0pTc8K64-X7ZXod2LyP6LSXCxZq-M9o1SD3D_Sf8iHEWIk9KBOJbg...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQjoFETI0pTc8K64-X7ZXod2LyP6LSXCxZq-M9o1SD3D_Sf8iHEWIk9KBOJbghfye-mGHxqkOb126P8NghAMAUEsGktq-AJRA&google_hm=_...

170 B
188 B

45ms
44ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQjoFETI0pTc8K64-X7ZXod2LyP6LSXCxZq-M9o1SD3D_Sf8iHEWIk9KBOJbghfye-mGHxqkOb126P8NghAMAUEsGktq-AJRA&google_hm=_F4-aootTyClabwujFOrM0I

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQjoFETI0pTc8K64-X7ZXod2LyP6LSXCxZq-M9o1SD3D_Sf8iHEWIk9KBOJbghfye-mGHxqkOb126P8NghAMAUEsGktq-AJRA&google_hm=_F4-aootTyClabwujFOrM0I
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1EC7 0
12 B 42ms
42ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LeqPNGVnduAoxS1U61ZQlhL4O-YjKEUCRZ5F9I-0ZhnwFJoI2mpuXTH_rIcn6TSU_ZMtIfVQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4A58 0
0 58ms
58ms Fetch
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc0K6QCh0ZanOMdGi_gTTtaGIBY2VrPpz_NzdstMRh7Kx5ZBBEAEg_5T4AWD96KKB8AOgAbaNp9kCyAEFqQKPOu4mRLSoPqgDAaoE5QFP0L9S_glvVV9DX5OsptfK1ZMN5yZGTjPyEacSbjRHla5eArltCy6dn4PSJ3Ik1dJaLCbC8iAhiQWC3RYeojrF_xK2sdut4sQQZeevoJfbPaSVh1H4eWq7a4l7vNqFCYNX1-CY7gwAHjyPmWWyXAlKyvHvnUB50pEFCrCpCKcDliignXKKXUvLKaM619Rajnx6qStDy1CgdWpDnlUBTGh9pnVgLq2Cglnqv2iZBg3EhpKd7IFClBMhXH30gBfYjqix6xlvlojigQrCPRLouckXErJ2XlgQjsCxNCUqDlXoYo_qKEJrwATXiZWrvwTgBAOIBdzB-Z9NkgUGCAMQARgBkgUGCBsQAhgBkgUKCCIQAhgBSLuTeJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHsvLYpgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHDBDF6gcYzf3z-wEgBNIIHQiAYRABGB8yAooCOgKAQEi9_cE6WPDO29n6gYMDgAoByAsBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQ4KS-h-myx500EgIBA7AT-rnOFcgTxMLp4wPQEwDYEwqIFATYFAHQFQGAFwGyFxwKGggAEhRwdWItMDEzMTM2MzE4NjA3MjU3NxgA6BcF&sigh=qyzWi59u2oI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNypPMkm1bgw8l8wK-IQhUlq1qYMRhu-QPaTdWmLb7Bh37jcZ-m7nsS4IE0FCBaZN4tC4q0yHfGAE&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0131363186072577&output=html&h=280&adk=428969548&adf=1646928005&pi=t.aa~a.4168206456~rp.4&w=637&fwrn=4&fwrnh=100&lmt=1702111295&rafmt=1&to=qs&pwprc=8350298937&format=637x280&url=https%3A%2F%2Fwww.nfscars.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702111296475&bpp=1&bdt=1405&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D34b9bc62022152e8%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA&gpic=UID%3D00000da7c410263d%3AT%3D1702111295%3ART%3D1702111295%3AS%3DALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ&prev_fmts=0x0%2C728x90%2C0x0%2C250x280%2C605x280&prev_slotnames=1396184927%2C1396184927&nras=3&correlator=6470274486482&frm=20&pv=1&ga_vid=1774941298.1702111296&ga_sid=1702111296&ga_hid=1682099723&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079920%2C31079922%2C42532523%2C42532601%2C31080036%2C44807753%2C44807406%2C95320884&oid=2&pvsid=716065436240706&tmod=838684996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&dtd=10
Attribution-Reporting-Eligible: event-source
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame B000 11 KB
4 KB 32ms
32ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730021;dc_ver=99.292;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1707814360;ord=zs20fo;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCvV8OQCh0Zc3LMYetoPMPm86NqAPBjPyKdPzq16_uEa-BuuPXAhABIP-U-AFg_eiigfADoAHS-MviA8gBCagDAcgDAqoEygFP0I5y-uipIqeF5WDCGQ6BWAVrm5l4XmpfRSlwo5eElUf6nhCUlWs5-JrY1JSwEqkvz9cvoyizIgrr18ong1P8_FNNA0DbU45AnNsiFowJIwVkOfm3NyFuZHrIM0Zb8NyFzfsbTpANY3hyXE_KD-reb3UMURMZo28WgjKh_85V0_S3zSzjBfqnOGZncGwXEH4bIR9zh_E5yidgCwlJ2lApXcS7N0wVNS-17lMlR35J3uAFdH2Q3lZtxTA-UVjb6_-G8OuGLZX63pIPwAT_8v2ThgKIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHQiAYRABGB8yAooCOgKAQEi9_cE6WNjL29n6gYMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQoNuEhr7xselhEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIzevb2fqBgwMVhxZoCB0bZwM1EAEYASAAEgI2FvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaN3kGjMYnWxJhOC2fuEaNXKB7LFkIsIm-VoQ2_IRZWjKpjUA7YZkL2Vd9jma06QsURXVMiGMBbGAE%26sig%3DAOD64_04q0JBYdo_-6QGzSMHTfENzZVQKQ%26client%3Dca-pub-0131363186072577%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.nfscars.net%2F$0;xdt=1;crlt=)KV22Zze8-;stc=1;chaa=1;sttr=49;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:51:43 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B000 111 KB
39 KB 101ms
34ms Script
text/javascript 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 01:33:41 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4A58 0
234 B 673ms
268ms Ping
image/gif 172.217.26.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpxt4ala&c=6141818007325&slotId=3070909003662.5&qqid=CKnu29n6gYMDFVGRnwod01oIUQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s51-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A58 41 KB
15 KB 36ms
36ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 15:02:24 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-ab5sznzr.c.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4A58
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-ab5sznzr.c.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

88ms
26ms

Fetch
video/mp4

173.194.31.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-ab5sznzr.c.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/640A44B8A95818DFBCB21B1787B69F1CFED25B7B.2CF790380D6C574CA2FAFC92351CB5390117CB2A/key/cms1/cms_redirect/yes/mh/vq/mip/185.193.64.66/mm/42/mn/sn-ab5sznzr/ms/onc/mt/1702110986/mv/m/mvi/3/pl/24/file/file.mp4

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

HTTP/1.1

Server

173.194.31.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s48-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 08:41:37 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 8607627
Last-Modified: Mon, 20 Nov 2023 21:43:38 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 09 Dec 2023 08:41:37 GMT

Redirect headers

date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-ab5sznzr.c.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/640A44B8A95818DFBCB21B1787B69F1CFED25B7B.2CF790380D6C574CA2FAFC92351CB5390117CB2A/key/cms1/cms_redirect/yes/mh/vq/mip/185.193.64.66/mm/42/mn/sn-ab5sznzr/ms/onc/mt/1702110986/mv/m/mvi/3/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B000 41 KB
14 KB 36ms
35ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 15:05:03 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9BDE 23 KB
8 KB 36ms
36ms Document
text/html 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 63864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 14:57:13 GMT
expires: Sat, 07 Dec 2024 14:57:13 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F0EE 38 KB
13 KB 37ms
35ms Document
text/html 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 63543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 15:02:34 GMT
expires: Sat, 07 Dec 2024 15:02:34 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BDE 39 KB
15 KB 32ms
32ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 16:26:38 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B000 202 KB
64 KB 34ms
34ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:41:37 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/ Frame B57D 7 KB
3 KB 109ms
43ms Document
text/html 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

4a0e7b6cd45f43caa28aabade3370b7f6f2e47c0c93a4dc1c05cf32a8ff35da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2709
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:37 GMT
expires: Sun, 08 Dec 2024 08:41:37 GMT
last-modified: Fri, 22 Sep 2023 01:18:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B000 0
0 118ms
49ms Fetch
image/gif 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujLKVZwzw0qV1e_BJXevxmGWDehxR0tXaa32EBh0YaMdMLHEftIaCaaIzps30SJR5ThJtW2cnlM3KjJK9mt3JuW6UuhAB3Nx-6cXZHSQtCccWaeKaFGRVjskJNa3akmVW8VyECdZVfDALX7ZxblSB3SXUNVRiaWcfR6ho&sai=AMfl-YROXFkIRJGD-FrZe6lXZqyyBhah-N54dmSpKyUaj78bRg6MSlPLwkn7BnTBqvJmntPP0rrRmQ9ynQ83pjmXru_TfX0Sajn6plyQog&sig=Cg0ArKJSzAiWsB7a03eQEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=123&cbvp=1&cstd=120&cisv=r20231206.06862&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F0EE 39 KB
15 KB 35ms
33ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 16:26:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C91A 42 B
64 B 110ms
48ms Fetch
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi1tY-Zq-XOZtG2G7C2gIXY9iI4irSSukbQE_zQc6SRu6OnFuipxon3-Z_fdVGomUxhv75m4wfu0OkaYXI4_1U8ckIkXmLDl4KfFGyvnK1MwuqYwfrWA&sig=Cg0ArKJSzCbQXrccDXzhEAE&id=lidar2&mcvt=1012&p=0,0,90,728&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1286051082&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702111295848&rpt=787&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B57D 60 KB
24 KB 43ms
42ms Script
text/javascript 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 08:41:37 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B57D 236 KB
63 KB 52ms
52ms Script
text/javascript 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 08:41:37 GMT

GET
H3 200 plugins.js Show response
s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/js/ Frame B57D 8 KB
3 KB 65ms
64ms Script
application/x-javascript 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/js/plugins.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

5d1cdaa424c535df8806e191a90a42bdc795a237d6378664607fcef4eb98a10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3044
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 01:18:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 08:41:37 GMT

GET
H3 206 file.mp4
r3---sn-ab5sznzr.c.2mdn.net/videoplayback/id/f486e8b25d589edf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844964720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4A58 209 KB
0 55ms
27ms Media
video/mp4 173.194.31.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.31.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s48-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 09 Dec 2023 08:41:37 GMT
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-8607626/8607627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 8607627
last-modified: Mon, 20 Nov 2023 21:43:38 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BDE 0
20 B 49ms
49ms Image
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B5i32QSh0ZbeCHdLaoPwP_bOfsAEAAAAAOAHgBAI&bg=!tLelt_jNAAY3kmNgF5I7ADQBe5WfOEO1zINBzihEw4vY4C-dklh2Es-jmE-u6HPv8pMArDBpcQl1LPzaz2jTe2zbw2evAgAAANFSAAAAA2gBB5kDFePR9a0ywQzdsbhBoueS4pSLlIy45SsP9mnGQOa9lNpAoueGNp3Jr8vm5X4dPNM7vaQwzeFvjRMzRKfZ6L6sQ-7rQS1FbyrhctGfyQs_jliVIWyJoPoZmtTHm519dOWbcEWiyPf1nq8LxbQqRMIR79qW489dc3UyKQs0MzA6n3OXIF6iDiCfm5-Suwt7UHWBj3JURaCpyQC8KOOTwiHF6rhuZSKs8D9vaBlJ9qnGnf9PySVc_6SlXHO2tqKIoZQ90uxrItC4cAuuxGrMYJY-Py5_bOsIehDXAGh5Qt1srm-ovgBYi8TYeYxVRXVAUUHEWtZRrkvnxGCqaDhpRo05h1SSlU5yZakcudRUvgVgkkY8K3cXHSw7hgX8lwRY0TRaMqiGG9jRxT3EWempPfuNcsxxEJpG_TOMlluoGcjE4JQDXdWcOM_1A26bxPkSVzadeHqeEtv6-jOtK2_jwYbF2s0RpFn6Wr8hLVQ-0MNDMxt99CTOUzyy85X4nhPNWus_eWgL49HdyOYFuWmtfHx6fc3n8oEd6PrY14rsyqrjbj6D-F5r97vlqMIq7kdc4ylJMb5biipqv3ADj_58vEgDWjB1aKaCdgqgbFZnabvyS6iVDnUdyR4J_YTsxGxULnA6VC3SSSNfHU1YxBND8Y_a2k1zH7szUpve0F0_kOfVCWUYKKjIaqx27Lod9zbLLE_YBrqiz44RFP6RGVUSwUZk13Cio1kXt9EHDfYF3m0vhcIhzLhApH5rWO7PCeSfsb_LvQ6bbEdlqvXw06iO-83LsygoxvYff-YdFO0UYMUb56KuJXgDwM4Sc00YTtkdx7mkrWYDYt7zTf8H3WZ0RbSxM1ofZfeNoYgTgo3i7wNsIqgVXBDgdPTXppnsJJ8U5gztJNAwhjatoQItev0W8maiWJiwCZU60nMjORRjZ5EPTWFUBGILtf1ydjWSsPg7vfRcvOVmRDfD-vZ9Bky_SJWa_XCLNG0_awsevITZVHBGy3yPMjECQCp3FuE6gjoI91We_jIkiM34u_izD-692Z6zCji4zvPETQ

Requested by

Host: www.nfscars.net
URL: https://www.nfscars.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/ Frame B57D 54 KB
13 KB 48ms
48ms Script
application/x-javascript 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

f0b5100271a6a81bce1fe4f157e957e2c1b9dbfffc39c48131f2d610532fecbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 01:18:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 08:41:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0EE 0
20 B 50ms
50ms Image
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BjZM7QSh0ZdL-G4WboPMPxbWbiAQAAAAAOAHgBAI&bg=!4eKl4q3NAAY3kmNgF5I7ADQBe5WfOGj-mu68ZzEncZ1XQ0JAgptQqhRIEvOaAQ_KJWgwL4As7sgFvVnVvvSh3JGqQ3HfAgAAALhSAAAAA2gBB5kDUnqpBWGXxQdhoZry1K8TuJeRncWHQKJFD5G1GAeir4B6RA5DxlXz_tbsFKOdYP-v9cIzjBV964hgpfUJK-_IjWtErxZVCY0r3vY8eBVrjurH_hnT6pFuYugN6pc5ombP6Yu-k1UySGOhhDRj6Wti0H7I2NJel04BdB96EEVH9aYxzsY1CnUstCZEauO-6XicjvZ4ciKIM20t09rbV7c1v9u91hlPXkQPnr3uhS8yhSkOCcVu7tY0KdaFPxK2_JsiSSsJCLyHzkvhoHy4gXyYKB4ZNO1chKtu2LvblpqVXleOmFGzV-8Bj8vUwL980syprAsGndxS7O1ZIw5tr3a0uShnlsgnEN6VNns884w9PtJaorLIDN-lluux5u_5Hnwm3uaV-fn77gZPK0neXheudnVhiwhK4CoBVRvLkbFUpK6k4UYPM803FrdhYFLgzvsuHJsqDv68NKCAlln86sD1a0QncUfWYYBAx8o5_W14mWeVHKfnMLDqdvpJSPPSfHaQSh5LznaYKAHyOebHcwTmGvfmf8kVAcrlpP6rrgw5F2AymPNGyX3HdOp_vBtBefHVf0ngFLI6TdKMgCmnOtMdbhc16d8gAd_vihCal3HrrzPIEkdppPO2SoRiGiTs6mwKeSTum1Jq6Lwg9rRi-rmLYZ1BTPQ16nL26x5dZFo9EUT_ds1q51XZD3Z2P4hUQqfCn_i_IHgG2ObWvtlSVaIwyrEo1sx4Bw6HXkK39g9sTMDYTzGapq83s1B2dtZVjsmbHqP4ZSlTK0JjEhdnTR4JaqASf4PS8fsolbz6W4BXa2ObVTRNHTECkKJhKop5U_goUzGJ-9MErR71CVqvG-CMi_g1z6spR4qZcbzd9sHUd-acRAZvXe78js7Dqtw6HrUsCmw57wJ4fcud8xKvORD2x7ZvSNRYX_GJxl70cEjyyBgKkQA3h5HUTHUtpMUOKSAsgk30As-xAFAOpyzAL4dnC7DbBX7loxZGg6VBMVp3KnkJbP0eXo4IXTGKQIlsZv2pz24eSfuh2AF0a-DtU4I8R6uXSZ4OdxfUtGYER7HxKR12T3yoC2d52DLz0W_xbPWL8Yxp-xo_2d2kiJ_zgdTtYSaxjHlBjrpazqqOOyQoweNE-Cs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 photo.jpg
s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/images/ Frame B57D 113 KB
113 KB 44ms
44ms Image
image/jpeg 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/images/photo.jpg?1685116440036

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

7d33dd25f81eef175f448371949b1f00fd9aabe1f96de925cf7da9ac9fa66697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115497
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 01:18:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 08:41:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 746F 42 B
64 B 48ms
48ms Fetch
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIyZ45pelnyyReNrHeLeVPRKcM6CHRccfuH2NnEB2MEQbC_yJ7N4AnDZqK2WLEoEMd_g-lbP_I3BLCFTWYRD9yzR_SazTM9BBbB1HxjhKsAdCDNbPyVg&sig=Cg0ArKJSzE59NFcRyQuXEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=134,786,1000,1000,1000&tos=134,652,214,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702111296595&rpt=418&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dot.png
s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/images/ Frame B57D 1 KB
1 KB 44ms
43ms Image
image/png 142.251.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/images/dot.png?1685116440036

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f149.1e100.net

Software

sffe /

Resource Hash

853cf2c3099fa2f5d7dc4dc14d3c60aa77cde58298cbcd7ada93c34ec4c1a902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8624893391879031884/E054_Q223_Foundational_PFC_Pillar1b_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1132
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 01:18:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 08:41:38 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B000 0
0 50ms
49ms Fetch
image/gif 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujLKVZwzw0qV1e_BJXevxmGWDehxR0tXaa32EBh0YaMdMLHEftIaCaaIzps30SJR5ThJtW2cnlM3KjJK9mt3JuW6UuhAB3Nx-6cXZHSQtCccWaeKaFGRVjskJNa3akmVW8VyECdZVfDALX7ZxblSB3SXUNVRiaWcfR6ho&sai=AMfl-YROXFkIRJGD-FrZe6lXZqyyBhah-N54dmSpKyUaj78bRg6MSlPLwkn7BnTBqvJmntPP0rrRmQ9ynQ83pjmXru_TfX0Sajn6plyQog&sig=Cg0ArKJSzAiWsB7a03eQEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=633&vt=11&dtpt=510&dett=3&cstd=120&cisv=r20231206.06862&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
58ms XHR
application/json 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

b51d4399b2a99f9baa7d6293fb3c737e1f97dc858b74a62b2cd3f4b59e715838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 08:41:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAC2 13 KB
5 KB 36ms
35ms Document
text/html 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 4545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 07:25:53 GMT
expires: Sun, 08 Dec 2024 07:25:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 31D3 829 B
1 KB 50ms
49ms Document
text/html 172.253.62.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f147.1e100.net

Software

GSE /

Resource Hash

d7ec2c7f380d117ed7980ea44d0799103f5e8af004ca26041a695acfe1c5a90f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v5KP0LqpYOOJeGCnk0UmgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nfscars.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-v5KP0LqpYOOJeGCnk0UmgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:41:38 GMT
expires: Sat, 09 Dec 2023 08:41:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FAC2 39 KB
15 KB 33ms
32ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 16:26:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 31D3 0
0 47ms
47ms Image
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=716065436240706&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FAC2 0
10 B 35ms
34ms Image
text/plain 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RTZ7qg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:41:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 4A58 0
54 B 268ms
267ms Ping
image/gif 172.217.26.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpxt4anj&c=6141818007325&slotId=3070909003662.5&qqid=CKnu29n6gYMDFVGRnwod01oIUQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2095&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.ss~vil.14i&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s51-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 08:41:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
48ms Image
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=716065436240706&bg=!gIOlg8zNAAY3kmNgF5I7ADQBe5WfOILBHC25dF_I5G59HCuo_zUfLsAn5ctekESmRa12hR3X6r66yKNmpQsxddHiX-gyAgAAAEJSAAAABWgBB5kC76kGEmCEUPBspqBS9vEJ6G6_MdvwFF2jXiDvpxIIG9sMQWJryHVZ9cxL-dkhQ4Wv220sPPrWLJuUVvLsQgFj_iDcc6Wu-sgVl6ukFXZtQoGQBIYfeLWdSkQHX8G-AedhMud5Ts3MWO1RMxtLh0usbzrTXWnruRuCgGtnQ5CGEZ9ob526xT1oa_n7AZUfLJsQUs31NheE2JnsBEgca_NVU3o0TIu7QoGwXEGCJs8KczAbzv29ty210ULRUr8GYtuV_9RwW-jMl3VgxFYJbaYe_TtdCq3UBHfgRS9PlDCnRoxTL5AlXmr8GjdGZcwOybriDD9TymsLq90bNGAs3aKcF2RZUflIvjg3MDqYdaOqSPj7NYQOb2IyLf6eu_5dVT05CmKPzy8pBNWpVXCyFsCKpT8X72CfrclG90KvEOQp3dgHgW82JCKRC_Rl8WODmOAsEN2-Se_l8j770Q9kTWNW7Ox3BlRDIZdcXFL3AmKot0SAg8FuvZ8UWghimdjwlJ54RzYX98UeSucxp1bReWZhCI8lMq7agWWGe1NN0Jyc9ocO13AdKwjBJFv2XO7klxKgpKt1gu9LdnO8DJ42GT0SmxpX_BASbmb7GnexHsyfn-TzTJadbDhx15n020KJvsHIC3jujcHhJLnaPJdc_rK3UMI-zBNEXuZCv6t7Jt2oApfmMMSuimOvQ5PcauRBB3IIF0lT-fTAZcs-nD_aiadovzyHlI5qpQ00AvRfIxs3HmCpgtqKJH8dIxRPvN3eOeCOOCI7dJp_TUBKL-Yiy3xw5mj0uWsseVWiOT7r7_2P5Le03a98rSpqo97jW7IJfS7CHcL9OjtYwiQfoIzjqnLVpYjt_gEzE6AUjJNKYLhdKiBByz_1RNEuK7utW6WTYTX8SsIYt7gKApR9iIeR9Dk75YZzLvyAM9Tz7Rax1MukC5NgXs6wkM5CczKbEaABoidKtYi_YBDTCPjRmc57xJ5x1pbIwh4QZguA1MLOWHhDK0U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nfscars.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.extend.tv
URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEKd3cfkOSIRSEzQF0n5ZOTc&google_cver=1&google_push=AXcoOmSA1IhR5dpEauIR_1SI5_4nZUefDiuAH4YaVDecsEBtRR9-ctocyXQo7OiCRwqouusMt6mS3n4OysRNep5Q2IXyIv0hbeFtmQ

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nfscars.net/	1970-01-21 02:24:31	Name: _ga Value: GA1.2.1774941298.1702111296
.nfscars.net/	1970-01-20 16:49:57	Name: _gid Value: GA1.2.139890166.1702111296
.nfscars.net/	1970-01-20 16:48:31	Name: _gat Value: 1
.nfscars.net/	1970-01-21 02:24:31	Name: _ga_LSW8BGXQQ3 Value: GS1.2.1702111295.1.0.1702111295.0.0.0
.nfscars.net/	1970-01-21 02:10:07	Name: __gads Value: ID=34b9bc62022152e8:T=1702111295:RT=1702111295:S=ALNI_Mb3wKzpRllJqJXDCqy40YBt0Rt7wA
.nfscars.net/	1970-01-21 02:10:07	Name: __gpi Value: UID=00000da7c410263d:T=1702111295:RT=1702111295:S=ALNI_MZXNEHwaJIICJ87y2Vpsn-SYf0cAQ
.doubleclick.net/	1970-01-21 02:24:31	Name: IDE Value: AHWqTUl84Zv4V7pJZMoPqUKynGyA8QqC_fIFSw14v7nteQP6MJlapA4IhXnc8stVi2c
.doubleclick.net/	1970-01-20 21:07:43	Name: APC Value: AfxxVi4pA9_JKvbeJfccnVt_vArGBPk6s_2IEGypyF0X0iY83OM-Ew
.turn.com/	1970-01-20 21:07:43	Name: uid Value: 7864742947199221605
.yahoo.com/	1970-01-21 01:34:28	Name: A3 Value: d=AQABBEEodGUCEJu6nia6JBm-ukwyUbRTbPcFEgEBAQF5dWV-ZQAAAAAA_eMAAA&S=AQAAAtoDweWPnak3-97x6bXghK4
.mxptint.net/	1970-01-21 02:24:31	Name: mxpim Value: R33646_10D69D7E8_C3AF87AC.1.65742841
.ctnsnet.com/	1970-01-21 01:34:07	Name: cid_fc5e3e6a8a2d4f20a569bc2e8c53ab33 Value: 1
.ctnsnet.com/	1970-01-21 01:34:07	Name: gid_CAESEKiSudSACF6flQsjK1VoCkA Value: 1
.adentifi.com/	1970-01-21 02:24:31	Name: adtheorent[cuid] Value: cuid_c41c44e0-966e-11ee-8951-126da42bc963
.mfadsrvr.com/	1970-01-21 02:24:31	Name: tuuid Value: 44de91f9-f455-4169-b7cb-8328db3e6650
.mfadsrvr.com/	1970-01-21 02:24:31	Name: c Value: 1702111297
.mfadsrvr.com/	1970-01-21 02:24:31	Name: tuuid_lu Value: 1702111297
.adsrvr.org/	1970-01-21 01:35:33	Name: TDID Value: 4b2c4894-1125-4cdd-94bb-3c1bd0829959
.linkedin.com/	1970-01-21 01:34:07	Name: bcookie Value: "v=2&790e84e4-2bbc-4af2-856d-53b6a3539dc6"
.linkedin.com/	1970-01-20 16:49:57	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2695:u=1:x=1:i=1702111297:t=1702197697:v=2:sig=AQEk_tytHtazSbICAEkxygPzvi2myrxq"
.adsrvr.org/	1970-01-21 01:35:33	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIpuiDipanvDwQBRgFIAEoAjILCLCi3rasp7w8EAU4AQ..
.mediago.io/	1970-01-21 01:34:07	Name: __mguid_ Value: 81fa84b7ead217ea1043jt00lpxt4aq1
.mfadsrvr.com/	1970-01-21 02:24:31	Name: ssh Value: !google,1702111297
.adx.opera.com/	1970-01-21 01:34:07	Name: UID Value: OPU5b9af8e041ce45eb9db76ec9504eb5aa
.yandex.ru/	1970-01-21 02:24:31	Name: yuidss Value: 3847471401702111297
.yandex.ru/	1970-01-21 02:24:31	Name: yandexuid Value: 3847471401702111297
.send.microad.jp/	1970-01-20 18:58:07	Name: TR Value: 37c382619bc7d26b616e026e5190d857bad1e9d382326020
.bidbrain.app/	1970-01-21 02:24:31	Name: uid_cross Value: c461f440-966e-11ee-9cfd-ca33fed42b88
.bidbrain.app/	1970-01-20 16:48:38	Name: sid_cross Value: c33393ab-966e-11ee-a510-5e1ef32580aa

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEKd3cfkOSIRSEzQF0n5ZOTc&google_cver=1&google_push=AXcoOmSA1IhR5dpEauIR_1SI5_4nZUefDiuAH4YaVDecsEBtRR9-ctocyXQo7OiCRwqouusMt6mS3n4OysRNep5Q2IXyIv0hbeFtmQ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
aep.mxptint.net
aid.send.microad.jp
an.yandex.ru
bid.g.doubleclick.net
cdn.jsdelivr.net
cdn.rawgit.com
cdn.rtbrain.app
cm.g.doubleclick.net
csi.gstatic.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.imgur.com
i.postimg.cc
imasdk.googleapis.com
ius.ctnsnet.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.turn.com
r3---sn-ab5sznzr.c.2mdn.net
rtb.adentifi.com
rtb.mfadsrvr.com
s0.2mdn.net
s3.buysellads.com
srv.buysellads.com
static4.buysellads.net
stats.g.doubleclick.net
sync.extend.tv
t.adx.opera.com
tpc.googlesyndication.com
trace.mediago.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nfscars.net
sync.extend.tv
104.18.11.207
104.238.220.140
104.26.2.190
13.107.42.14
142.250.31.148
142.250.31.156
142.251.16.101
142.251.16.156
142.251.163.155
142.251.163.94
142.251.163.97
142.251.167.156
142.251.167.95
142.251.179.149
146.75.28.193
151.101.65.229
169.150.236.99
172.217.26.227
172.253.115.138
172.253.115.94
172.253.62.147
172.253.62.154
172.253.62.95
172.253.63.132
172.67.133.7
173.194.31.200
192.95.3.44
202.233.84.1
213.180.193.90
3.162.3.109
3.33.220.150
34.234.206.124
35.186.193.173
35.207.24.140
35.208.249.213
38.98.69.175
54.192.51.21
54.198.64.103
68.183.51.111
69.194.242.12
74.119.119.150
82.145.213.8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a8c568210f7e4433924c0c6971b8a2fbfcd6b1b22b4f183668dd90852227852
0a964a97cd2a50f6b7af68d9761e8adf833bf7f01ceb3ce6f8e246772d006a42
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8aa75f73c7b43afbf61eb85ad74f5cb17f0cdee97c77fa6800ca40949cd81a
0cce7cad0ee52485c43292924d99e76c89249cb3e086596d873f5c4ad01d2807
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
100d9e8bd28c0debc736db45f3f06c55daec1d300aae645b2add30b1189a1539
121faa6930e413f9ad1adeccf812cb9142a45aa8a35e7790f3cfeb8be2ee9f3c
13614a5eae9454f44dcf35c2b73a854d788a9200965fd34970dc09acdd2617a0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16d5075c44fe92825c7dce4fb1cae48a228da26a03a1d56066e4d6a24365a27d
16debb563a91e85339e3c7deb0b5e110168160d490c33d429cbcb09cdd2d4a0d
1a68dfdff98b2fb2ac93f72d854b46daad859629be22f11a05c667a267d38ecd
1aab1d12b6550c2e9bad3404e735feb7427f48f57e83795bfdd7a093c78e56bf
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
1ff5c8042a24f2d373e46c2a3e7f6ddcc7819cf5e5e7a79ac98106219ee39ca3
2113f5b928e54c436f2b858dc112a585a39f2aea6daa3d2a06da3b261b7deb2c
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
225ae182c848a1003e7b48e1a17bef4f50ad72ce587ced4f205ee0bead20acce
2351d1684c1952422f3de1f422fb5b353bd6a5ee82eceffa9f77c36f1af445e5
259c3a500f755ab2c9438a77b042282b7dcd208c24681128fd57bdf1c16d4f83
2782ebf8080bbe3fea68feece3ae22cda9344f02488c3396adec4ee4661e144c
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
295a9beae2f13877f9e5a9eadfbc867e84acb714ba0e52794d495cfe5d5a2de2
29c262bbedf6e9c041373508ca2894a4b01d61d9557a616ea060df50c77a3c56
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a678642e425b6219511232facc55d3b97e557efef668514d5daa402cc2c7664
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e4f7996f4b67c1422da4b8706080ef5ff8ccfc0e3bf8a27e0a6c049534ea893
308cabb34e192402639f022f1e0985f5363d3912425308351173748aa41d1ce5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318e20115f25ae0c8a1c0292fd090ea2fe10218fd226cd9d522bdbbf3ad647af
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
326eac6397f105aa9ace0968b57c90b450736e28eb331d0d321bb2ac82ee6dd3
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
361f926cddc0e0174467fa39845d9ec93cebb5b614c520d2f741d3eef461ee72
3966cf4b207066484419d2815f59003faae1daa8a26865e8af797526f94c93ac
39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a0e7b6cd45f43caa28aabade3370b7f6f2e47c0c93a4dc1c05cf32a8ff35da8
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de1f58e4489788bb4864f7fc4e6e329a46161a3f8a8e25164011ade9675fe5e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
504c81d3dd09c528d17ddedf4b32022727ab9b87185ec44a08b7b0ccd39bbeda
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5749b91dcdcedad8f4c6150c6584d938310b2191cf6ea81254cabd330edbb999
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1cdaa424c535df8806e191a90a42bdc795a237d6378664607fcef4eb98a10c
6167d38eae0050dcca7f379e32be736df2a0d2f09bb0de9a7b4e8416702ade46
618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c
61b66b06527a91591794f90118b926af8b6ce46666172ae3c19d2529aa5d61ff
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
634b08f5c1602a384250124b760e69c694b68da8dd838f0dd0311136ed3d0957
6566c0bc92662292b90e435aed9c09b89bd7082f2f43a56ba933ec4a17a0a923
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
6a2f871e3a0891981965b332d9800787351e2894b42df610bc3e7295d98178ca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
74d11fa05565b099aa4c47bbae8e2caeb7ec22446f2bddda10643356b4701d65
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac9adecb8d0db71a9db665e0f64b37e4ab5827e39578210d012922af19253be
7d33dd25f81eef175f448371949b1f00fd9aabe1f96de925cf7da9ac9fa66697
82abb3313add4bfb9c4b27cf733085c96af837c3caac6d266114db72f9d217f1
83beabaad1d2b86aa95e729454288aa818d2356b0576b15be0ce5de32efe6425
853cf2c3099fa2f5d7dc4dc14d3c60aa77cde58298cbcd7ada93c34ec4c1a902
86a2b0cd69afae8f700d7b2ab69f408f1db709d72567e5e994e0bf2efa18ed84
8b62474f076c6dbed181db1adae9be008fa048fef936d3848ff90aa91544221a
8ce2e04964e614109dd10e467f1754c68a0eb5cf3851e5b4ae5023bb0abdbce9
92ec8fde8f15b0f8e9843fe9c6fcca31276750140bb856f4c42c2c2dd66d0065
92fb71c43c06ca1ead2f7df5b1cc6879391c77f0a40da7c91fd0e01bb36e5291
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a0f40d5b76618b714dbcbf4f9e256814bc6ba32977c1bd632ab7b1fc0911fcb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b79d4d6d72dcec2dea5db6e19f49b49c9d08e01f278eef76a3d14dc4c377e8b
9c774d2f006d79e955500f7f59ea7d4ab2ec03599a27fec4f09458df4fe016ad
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a3a4b6a99c2c9fbdb260cb0fe6c69ca699e8cb61eaef682c17c83650f92178d6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad0420dba9bcfe4b3e54970827582bbdba5188bbc10295e59691c8929bfdcd32
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24e4ceb115f9317c49fe56e2a99167adb655c744c648ed19f43c005b336b08b
b51d4399b2a99f9baa7d6293fb3c737e1f97dc858b74a62b2cd3f4b59e715838
b71f50cb50b14dfe0d7a8e34a213d892f7116421f4342ccaba478a07913448b7
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
bbdefb0fb8789d5c9d1576c8e836debe88cd9a92072fe7055a9d7f69389bf11d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cd97063da93feb8d1b863adb62c261091689b7b3655caef25bf854edbe83a295
d1f6263df8344cfbba18a961d25e4b52b9eeb5b4aec8f25fd88eb631eff475dd
d5de502a02b09d81fd349b4dc138e546bede6aa7fb7f8695c24a83708264129a
d64c85a3fa3f67e050238dac6c815f262efcdbd24895ea9f235e084c26f4724b
d7ec2c7f380d117ed7980ea44d0799103f5e8af004ca26041a695acfe1c5a90f
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
da09ae266a4a74207746a3857bbb3037cfc0ecde3b69f80cc1e02891bbbe03d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec124e24151c12beff702b0d7159b1030e1384add93ae1d2abb671f5f91e1bb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f037d644a235afe200100d2314be9571611997c5577fc570d9f952964769c34a
f0b5100271a6a81bce1fe4f157e957e2c1b9dbfffc39c48131f2d610532fecbe
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f58a8eb54f619b279e70d034bf490e052758e72e824c8a1ac542f532daaac962
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
faa3d8b0316413ac0822c4695810d3e5564d33783da040a064b8defd6c149b8b
fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b
feeb693e5ee754cef8e07d938c9749c0acda007732559531431f39b29027b6c4

www.nfscars.net Open in urlscan Pro 192.95.3.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

78 %HTTPS

0 %IPv6

33 Domains

46 Subdomains

33 IPs

6 Countries

9295 kBTransfer

13237 kBSize

29 Cookies

18 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nfscars.net Open in urlscan Pro
192.95.3.44 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

78 %
HTTPS

0 %
IPv6

33
Domains

46
Subdomains

33
IPs

6
Countries

9295 kB
Transfer

13237 kB
Size

29
Cookies

182 HTTP transactions
4 data transactions