en.w4ksa.com Open in urlscan Pro
2606:4700:3037::6815:30f3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malehealthboosters.com/
Effective URL:
https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
Submission: On September 28 via manual (September 28th 2022, 4:44:53 pm UTC) from US — Scanned from US

Summary HTTP 70 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 1 countries across 17 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3037::6815:30f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is en.w4ksa.com. The Cisco Umbrella rank of the primary domain is 739841.
TLS certificate: Issued by E1 on September 22nd 2022. Valid for: 3 months.

This is the only time en.w4ksa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.254.233.58 192.254.233.58	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2606:4700:303... 2606:4700:3031::ac43:d1e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3037::6815:30f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
1	2620:100:a005... 2620:100:a005::14	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
9	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1 1	209.140.129.66 209.140.129.66	11643 (EBAY) (EBAY)
1	23.208.217.48 23.208.217.48	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	74.119.119.137 74.119.119.137	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
70	23

1 192.254.233.58 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-233-58.unifiedlayer.com

malehealthboosters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d1e9 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::6815:30f3 (United States)

ASN13335 (CLOUDFLARENET, US)

en.w4ksa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81f::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a005::14 (United States)

ASN19750 (AS-CRITEO, US)

rtb.da.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.129.66 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: rover-public-slcaz01-1-1.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.217.48 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-217-48.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	262 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 636 pix.us.criteo.net — Cisco Umbrella Rank: 1904 csm.us.criteo.net — Cisco Umbrella Rank: 1815	194 KB
13	w4ksa.com en.w4ksa.com — Cisco Umbrella Rank: 739841	89 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	46 KB
3	criteo.com rtb.da.us.criteo.com — Cisco Umbrella Rank: 5340 ads.us.criteo.com — Cisco Umbrella Rank: 1785 cat.va.us.criteo.com — Cisco Umbrella Rank: 2390	51 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 76	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	5 KB
1	ebaystatic.com secureir.ebaystatic.com — Cisco Umbrella Rank: 3961	515 B
1	ebayadservices.com 1 redirects www.ebayadservices.com — Cisco Umbrella Rank: 3242	668 B
1	gstatic.com www.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	694 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	42 KB
1	ois.is ois.is — Cisco Umbrella Rank: 453637	894 B
1	malehealthboosters.com malehealthboosters.com — Cisco Umbrella Rank: 623578	332 B
70	17

	Domain	Requested by
13	en.w4ksa.com	www.google.com en.w4ksa.com
9	static.criteo.net	ads.us.criteo.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	en.w4ksa.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	pix.us.criteo.net	ads.us.criteo.com
2	csm.us.criteo.net	ads.us.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	ois.is tpc.googlesyndication.com
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	secureir.ebaystatic.com	ads.us.criteo.com
1	www.ebayadservices.com	1 redirects
1	cat.va.us.criteo.com	ads.us.criteo.com
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.da.us.criteo.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	en.w4ksa.com
1	ois.is	malehealthboosters.com
1	malehealthboosters.com
70	23

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.w4ksa.com E1	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.da.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-24` - `2022-12-19`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-28` - `2022-10-22`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-05` - `2022-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-28` - `2022-11-29`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
Frame ID: F0AF8A84C8A438163243FF001C41F0CB
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
Frame ID: 7F739967A406749F1F10CE363342AC54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&adk=1812271804&adf=3025194257&lmt=1664383489&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489319&bpp=3&bdt=307&idt=592&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7671223969416&frm=20&pv=2&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=616
Frame ID: 82CA8422ACEE918553B8917FFE278ED4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=640&slotname=3879099594&adk=1852673842&adf=3674521187&pi=t.ma~as.3879099594&w=320&lmt=1664383489&psa=0&format=320x640&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489322&bpp=2&bdt=310&idt=619&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3du4J8W4ea&p=https%3A//en.w4ksa.com&dtd=625
Frame ID: 756B27DE4A1C012224756A1D242C5C9E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=280&slotname=1336658744&adk=3259557010&adf=1528403788&pi=t.ma~as.1336658744&w=748&fwrn=4&fwrnh=100&lmt=1664383489&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489324&bpp=1&bdt=312&idt=626&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4OOvkx0wiX&p=https%3A//en.w4ksa.com&dtd=630
Frame ID: C1424F2E8CA95D6A390286ACDAF8F77F
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YzR6AgACSdIJlMH6AAFssqENzwhVKaiiNBmBzw&u=%7CITEFp9vfvpXmaY5ddAll00%2F3E3ZIscw6IwruP1H3Q%2Fo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_Brln9fHruA8j1Rczuf7gXg-1uNqo2xpuCZfjTOeEXuR2xp4r85yQjR8fvw8godfhLHxJg5bzhEKvRIapz46Mn8Oa4inYlUFqEQD4c1Dx9xKfBFJz2Mz_j1LT-OIwpy4M9NoHzXBg6ClLZtnW_viZBokbBw8NqiGcFOMyZ7E1ijCwrzACBvnhV-siG-5GF-atCexSpIxcriB68J8rE-C5Vmfz0VsFhFBgMBkG7Y22VMXnsdJL5FaD_q8BaNHqdNLUPmfs5EJTFnsgEdqrB65ntxQUR-MQFd_JayHTsHy2FYbQNADAPf62j3qadiqimFQNB3PLamNBrAYNktozf-pbU-gluZdQ9atzleLTUSZcIT3jAEZ95fCdVCDHH1VpqiC7zoVeA5kOgPzraYu9J-rnbmEWCnl_bcIDRvIv4CuZ47RIQN58naF_AL7_LVG1fbVZ1Le_8kjStF2-RQ-dnpUPKR5P6-zCeYMAv-l-_5f0l0n6KhqlSPanIAaZ7IhBCgeBnjkHORnQxu979j6Rq3vkogOAZKp6qjrcmHwSWUmfCDK2kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCcU3Ano0Y9KTCfqD0_wPstmF-Aucge-wXIqilqS0AcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTQ1MTM1MjcyNTY5OTMwODmgAazd_ugDyAEJqAMBqgTuAU_QbV6tzY3ZVo0PH1l5mNQLiwBXwjgTNH6rUbPGtWsfUWWAp7VbtZLn2O0DVBnixJqgTrJHp76qTD1CVZub8EXgXc5p7y_wM45nB3K7pIhRVlBERNitGwJsabEed9bRutFDoPWdZUenhf-mAZ0h-G06ZfDNXbfxXUQ1t5OiT6rIzwmdSAbLBcBTuwQsqWVqdrPr7WGxrVs3krza3bVzRB8xHjiFpXsXsEZgsqjZRXStOF72RSUiXhvoxIVw32tcnt_6BdJh7sPaeSi1TIQX7o7VFhvKEmKnssYUfFCNYJVpoCNpy3Nc3hrqdjbm_K2ABuLbytiRp_uqZ6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1O5kXSzaHzNRgEngiPcxUqemINDg%26client%3Dca-pub-4513527256993089%26adurl%3D
Frame ID: 98192D8E5EBCB4327451479BF3B2A45F
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
Frame ID: 784302ABA8384AD4F1FFAB1562303645
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4C19EF8424B73EB907B632BC3F5C65F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E01308B76BB8FEEE6AE5B13D04432865
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What are electronic currencies and how to earn from bitcoin ? - W4ksa Q&A

Page URL History Show full URLs

http://malehealthboosters.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiLmYy1_qz6... Page URL
https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

97 %
HTTPS

74 %
IPv6

17
Domains

23
Subdomains

23
IPs

1
Countries

815 kB
Transfer

1887 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malehealthboosters.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiLmYy1_qz6AhUSC-wKHWwgCcQQFnoECBgQAQ&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&usg=AOvVaw11rOuK-4j9E1fLYCWPkGer Page URL
https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=711-166314-312825-4&mkcid=4&mkevt=2&mpt=63347a0268d9e2daa32c772f87f91b07&gdpr=0&gdpr_consent=&siteid=0&adtype=0&size=1x1&ipn=admain2&placement=570864 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
malehealthboosters.com/ 145 B
332 B 263ms
131ms Document
text/html 192.254.233.58
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://malehealthboosters.com/
Protocol: HTTP/1.1
Server: 192.254.233.58 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-233-58.unifiedlayer.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 123
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Sep 2022 16:44:47 GMT
Server: nginx/1.21.6
Vary: Accept-Encoding
X-Server-Cache: false

GET
H2 200 logo.png
ois.is/images/ 833 B
894 B 522ms
196ms Document
text/html 2606:4700:3031::ac43:d1e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Requested by: Host: malehealthboosters.com
URL: http://malehealthboosters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d1e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://malehealthboosters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 751df2223a5d86da-ORD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 16:44:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn%2FsJ4Behcgo1%2Fz1Jbf9onX0fMFoGT1eztI8S3cdc%2BBjNhqfHPTlPjLcO3QvEEqSh7h1YMzrEDnQBcBpLqDXWTIjBkNaQRVPwDKj1sCrFs4wYBN29BKbWA7IxuLFhQSkTg%2B1tkQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 url
www.google.com/ 1 KB
1 KB 168ms
76ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiLmYy1_qz6AhUSC-wKHWwgCcQQFnoECBgQAQ&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&usg=AOvVaw11rOuK-4j9E1fLYCWPkGer

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 515
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 16:44:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request what-are-electronic-currencies-and-how-to-earn-from-bitcoin Show response
en.w4ksa.com/12/ 44 KB
10 KB 319ms
235ms Document
text/html 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiLmYy1_qz6AhUSC-wKHWwgCcQQFnoECBgQAQ&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&usg=AOvVaw11rOuK-4j9E1fLYCWPkGer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d43f60609b1d64ab33bea72d54e1b425a37185564f70dda849116c35b3ad6f8

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 751df224edc7c55c-ORD
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 16:44:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOJosIqdVmDkhtdoEVzFnSED8cBqlkXnS8ivKBywYGUjdAdzTri8qd702Ish%2FrZRmXffoi52DWlVv2%2FXsnecb5LwAOSUG3vv3506t0GhFwR9C%2FX%2FJ%2F4si6qMeRufBC%2BCjMTAE5CmWtKehSA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
en.w4ksa.com/qa-theme/SnowFlat/ 56 KB
11 KB 40ms
38ms Stylesheet
text/css 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 20 Apr 2021 23:34:58 GMT
server: cloudflare
age: 6493
cf-polished: origSize=71322
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV6fJ0mDyc3eTGa5zhTOFRgimmCzKQtstblog%2BN8zH4Hbip7hNGKbTWPY2jlQ6oNnynL9REZB73QI%2FAsLw9u4n%2B2Km61ZTSvNGC0AhpzGrIG87Npg49pyExtfmzVGkiXtAIvpeGYFHg0FiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 751df2266f31c55c-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
en.w4ksa.com/qa-content/ 87 KB
31 KB 60ms
58ms Script
application/javascript 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.w4ksa.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 23:34:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6493
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHihQtfJ1eMroWU3IJSFlLI%2B0%2BNZAB4URSZDYG54LVHEztaswu92Adv3%2FF5Y0OL%2BrxzH2JCOO9vCRSXibSUnXGNO2jdOG7Lhumjz9KHDOrekjDMsV9ma4aeKBSpGqAEn5iG3%2FnMJXuRp7fQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 751df2266f33c55c-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
en.w4ksa.com/qa-content/ 15 KB
4 KB 40ms
39ms Script
application/javascript 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.w4ksa.com/qa-content/qa-global.js?1.8.6
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 20 Apr 2021 23:34:56 GMT
server: cloudflare
age: 6493
cf-polished: origSize=20550
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7oBS%2BFMpGn6WfefKAsgsOJrwnoa1kBnol4PmwaTTd3Kn1hB1H4R%2BEsbhTE%2F%2BoC034kSKXBs0SQlfaKppvW4jZWIlWjTYTm6rrL0Qy9nYC5QeD1IYGq2YWaXAcINiIJRiNSAbK3b2pvtyEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 751df2267f36c55c-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
en.w4ksa.com/qa-theme/SnowFlat/js/ 1 KB
723 B 41ms
40ms Script
application/javascript 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 20 Apr 2021 23:34:58 GMT
server: cloudflare
age: 6493
cf-polished: origSize=2383
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6YobD%2FOOOlZIPgOaYe1fy8qKWHr4BEWdKMmVS8fBaB0cg5%2Bkgkhb%2FrQ3d%2BkznmT%2F9Nbxt%2FyEKXY0qlMYCvinf2AwBiaKFEH9bQymt14OaSvSt5MQtGCjvpfBznxUAtAlR1LS9M%2Fm8t89tQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 751df2267f38c55c-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
57 KB 180ms
68ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4513527256993089

Requested by

Host: en.w4ksa.com
URL: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762473261edc9e38ca8d735cb598b8cb7b2f61cc0b79d1a2decd671b889b7b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.w4ksa.com/
Origin: https://en.w4ksa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57613
x-xss-protection: 0
server: cafe
etag: 11518121742516500227
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 16:44:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 151ms
60ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Requested by

Host: en.w4ksa.com
URL: https://en.w4ksa.com/12/what-are-electronic-currencies-and-how-to-earn-from-bitcoin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

240f9dbc3c39bf1f41ed99e89f3358224ccd64137d061960621004903c69c0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42334
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 16:03:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Sep 2022 16:44:49 GMT

GET
H3 200 fontello.woff
en.w4ksa.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 42ms
42ms Font
font/woff 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://en.w4ksa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 03:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 207
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRpODu8Lu1W%2BpmW1r4cQB0XOBjNKgI9iVtuEkLg3gnN0hAnLHjSyjoKSjpegvCBCR4nC3vI7QZIgrs%2Fmd8MvSTvxNjbo0l4CI7j1xFoDpp%2FV%2FwhPUuPEZB7moCsBFHi9RhfRcrNYHO2nbrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df226ee9ee24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 vote-buttons-3.png
en.w4ksa.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 58ms
58ms Image
image/png 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Aug 2020 00:22:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BtwbmvQNa5r5DSBYjxkEEwlseu%2Fuz0nsII4N5u9iHot0KpxdK%2Fv0NF3WjACeIce3VMZ4s4qNLnCv75n6wyjt6xmHsypjVMEOJ8jLEeA3l%2FlFI4NQyaTqiJp3r2ZuCkxN%2F%2BxtepX9l6iCvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df226fec3e24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 answer-white.png
en.w4ksa.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 60ms
59ms Image
image/png 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6099
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHPR%2Fh8QHdbB16mdg%2B%2B5oPLKTA9YSm01tHRBXhIHySaC3kHz8hhbMIXppEbu4%2B6KAB3WSh6etaSb1NROUbRC0sy3%2BLgzYOO203aZMbnxlK%2BTYuvEHuyOZuDzkD2rI5bEUGV0LOJ9Uxz8A2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df226fec5e24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 answer-select.png
en.w4ksa.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 63ms
62ms Image
image/png 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8baXddPEd3ssusdvWFtIbqyHWv7pvIcYYRxuWcvvAEIZfTe9fXPa6zcE0Fevg%2F27kMOHhoi2BlQWzmKXGjp7UwxWI25Ij6tu55AbYbiPvI%2FTeG45gs0fJomJ%2FZ4Ai%2BSmF9mNMjgO2afFh0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df226fec7e24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
en.w4ksa.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 65ms
64ms Image
image/png 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6099
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn%2BnphLacV134wHYlbqmW2x31wW7VB0yBASZTxykRT71BmZ2JNAHNumOyDcEtdEARje3IePeXMB7WjMPRXDpTwrDcHkG%2BaIjlHQalAN8skAgV9k4qD51mnSaK3r9wX0qbD1wTxVZ39NO9%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df2270ecae24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
en.w4ksa.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 69ms
68ms Image
image/png 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5707
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkyhQZ1p5BkqsLII27iYOmNkR7LqGUtP1zPQW677Hg7NuiIXl4t3kaK69%2BCSMgkZGfLCwb%2B1rddYUQc%2B33xzmUp1soXdh95nGA7LucWIJLDPHSkkLrsF7Exjk9F8nL8sfwhkqSPceqBleBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df2270ecde24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
en.w4ksa.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 35ms
35ms Image
image/png 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4927
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJVz8Lji2kqxZIzyDUwGdqPnm4Alp8DEhpL0nkmHxwSD8Vr1%2FmxlB1sEOgxfCexxZnb%2Fku3iMOi2aDn%2FWj1Y4yuKETqYM%2B%2FW7ILPhVd9h5xd4JpggAEI82MMqrVZnNNK3H9S1ZFTJKOdiug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df2270ecee24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
en.w4ksa.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 36ms
36ms Image
image/gif 2606:4700:3037::6815:30f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.w4ksa.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: en.w4ksa.com
URL: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:30f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cvKacoWiJwyBvUJUzJmhjUPAb4x1u580DVY3rv5p%2BXX10owpCUkEq%2BNAwHQn%2Bi6pc5br0d1VADiWvEtuPHTzQFWJ0%2BO0Ns5u69KYdu%2BQrnshkk2nske%2BIaD7zZT2%2B19uup4ND%2BqHuZW%2BGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 751df2270ecfe24b-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
41ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 16:34:58 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 591
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 28 Sep 2022 18:34:58 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 347 KB
123 KB 478ms
94ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4513527256993089

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f856bb47a3b8d1d389ce9f14bc26672b4492608889c5c946302a287e2d2c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125480
x-xss-protection: 0
server: cafe
etag: 9880503738336843844
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 16:44:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/ Frame 7F73 10 KB
5 KB 132ms
40ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4513527256993089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.w4ksa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 38956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 05:55:33 GMT
etag: 9671129459699598864
expires: Wed, 12 Oct 2022 05:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 139ms
55ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1455841320&t=pageview&_s=1&dl=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=What%20are%20electronic%20currencies%20and%20how%20to%20earn%20from%20bitcoin%20%3F%20-%20W4ksa%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=94169237&gjid=2080891742&cid=104643890.1664383489&tid=UA-237003713-1&_gid=327340934.1664383489&_r=1&gtm=2ou9q0&z=113896367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://en.w4ksa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 16:44:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.w4ksa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 245ms
57ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=en.w4ksa.com&callback=_gfp_s_&client=ca-pub-4513527256993089&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b406486d126e48e99396e5251c5e1a54e92ff8b1b5985abbac9a8608ca97cf43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 317ms
136ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=en.w4ksa.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82CA 0
19 B 291ms
123ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&adk=1812271804&adf=3025194257&lmt=1664383489&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489319&bpp=3&bdt=307&idt=592&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7671223969416&frm=20&pv=2&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=616

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.w4ksa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 16:44:50 GMT
expires: Wed, 28 Sep 2022 16:44:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 756B 92 KB
31 KB 939ms
784ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=640&slotname=3879099594&adk=1852673842&adf=3674521187&pi=t.ma~as.3879099594&w=320&lmt=1664383489&psa=0&format=320x640&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489322&bpp=2&bdt=310&idt=619&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3du4J8W4ea&p=https%3A//en.w4ksa.com&dtd=625

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c76b0a329c88b64604a30929518c7796011e4138b3895c0baa6343df3a3080ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.w4ksa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32041
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 16:44:50 GMT
expires: Wed, 28 Sep 2022 16:44:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C142 23 KB
10 KB 1053ms
903ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=280&slotname=1336658744&adk=3259557010&adf=1528403788&pi=t.ma~as.1336658744&w=748&fwrn=4&fwrnh=100&lmt=1664383489&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489324&bpp=1&bdt=312&idt=626&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4OOvkx0wiX&p=https%3A//en.w4ksa.com&dtd=630

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c945a72cda2a65e989c5d996b2d36042ee5547b42c4739738a0236bdbb5583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.w4ksa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9828
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 16:44:50 GMT
expires: Wed, 28 Sep 2022 16:44:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 756B 8 KB
1 KB 399ms
56ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=640&slotname=3879099594&adk=1852673842&adf=3674521187&pi=t.ma~as.3879099594&w=320&lmt=1664383489&psa=0&format=320x640&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489322&bpp=2&bdt=310&idt=619&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3du4J8W4ea&p=https%3A//en.w4ksa.com&dtd=625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 15:10:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Sep 2022 16:44:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 756B 2 KB
983 B 155ms
54ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 16:33:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 756B 0
0 80ms
79ms Fetch
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBvBVAno0Y4enCaPD0_wP79OO-AXavOvhaqvj8dnAEKry6-z5IxABIOaP9I4BYMm2o4jwo-wSoAGDsJ2fAsgBCagDAcgDywSqBIECT9DihVS8It2fB6lXxPbfXHQb_mTaYBVXJl9YN7mUyTUn2iXJc-D7opLbIfYxzdpJAK-JaWMVPnxzDU1gNOo4rxTy3DqsYTaXOjwqBDcPsoziAkfX52-GN4rjrf_PuP_IaFK10lcK0pjl8zzp1Q1R0U1mObFJOWTr813ynCKBImsCFD6Tbuzelq8ChFDo4_1sjpAqsZjKn90D8Zs_CnHtp51-8Lg1LxdHhmRqP1bnnuF9qT6GQrNwdEQGytBATas7Ak9ZMlmmST72AzdpLgiDNnEK8qROxtE6zw19jgvdHFE4FPh6t-79na5rax0oj4hprdr0cZ9nnBK7-XeJUJz5_sfABPrwrurFA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAerwNfrAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJfJDNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi00NTEzNTI3MjU2OTkzMDg5GAA&sigh=UEQ7XH1SJjc&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=640&slotname=3879099594&adk=1852673842&adf=3674521187&pi=t.ma~as.3879099594&w=320&lmt=1664383489&psa=0&format=320x640&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489322&bpp=2&bdt=310&idt=619&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3du4J8W4ea&p=https%3A//en.w4ksa.com&dtd=625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 28 Sep 2022 16:44:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 16:44:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 756B 23 KB
10 KB 140ms
41ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 16:39:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 756B 3 KB
1 KB 152ms
54ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 16:43:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 756B 17 KB
7 KB 145ms
48ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 16:42:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 756B 140 KB
44 KB 234ms
133ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 16:44:51 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 756B 32 KB
14 KB 214ms
121ms Script
text/javascript 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 06:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 05:24:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Dec 2022 06:46:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame C142 3 KB
1 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=280&slotname=1336658744&adk=3259557010&adf=1528403788&pi=t.ma~as.1336658744&w=748&fwrn=4&fwrnh=100&lmt=1664383489&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489324&bpp=1&bdt=312&idt=626&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4OOvkx0wiX&p=https%3A//en.w4ksa.com&dtd=630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 16:43:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame C142 17 KB
7 KB 68ms
68ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 16:42:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C142 140 KB
44 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 16:44:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C142 0
0 83ms
82ms Fetch
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkFCEAno0Y9KTCfqD0_wPstmF-Aucge-wXIqilqS0AcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTQ1MTM1MjcyNTY5OTMwODmgAazd_ugDyAEJqAMBqgTrAU_QbV6tzY3ZVo0PH1l5mNQLiwBXwjgTNH6rUbPGtWsfUWWAp7VbtZLn2O0DVBnixJqgTrJHp76qTD1CVZub8EXgXc5p7y_wM45nB3K7pIhRVlBERNitGwJsabEed9bRutFDoPWdZUenhf-mAZ0h-G06ZfDNXbfxXUQ1t5OiT6rIzwmdSAbLBcBTuwQsqWVqdrPr7WGxrVs3krza3bVzRB8xHjiFpXsXsEZgsqjZRXStOF72RSUiXhvoxIVw32tcnt_6BdJh7oHYWboevg0XLQe4mvCwm6EQju4dUkhJ-2YTKerX1V9Ed8x7dvWABuLbytiRp_uqZ6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ1MTM1MjcyNTY5OTMwODkYAA&sigh=e6wgJjRTuv8&uach_m=[UACH]&cid=CAQSGwCsnQUx2dNeRBGR44yEYnDNnP1ugCLaFhvUyhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=280&slotname=1336658744&adk=3259557010&adf=1528403788&pi=t.ma~as.1336658744&w=748&fwrn=4&fwrnh=100&lmt=1664383489&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489324&bpp=1&bdt=312&idt=626&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4OOvkx0wiX&p=https%3A//en.w4ksa.com&dtd=630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 28 Sep 2022 16:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame C142 0
0 163ms
47ms Fetch 2620:100:a005::14
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kNSjFM36ROwFmALiIp0XAgAAAFtqPa47YPBaEAF6NGNkGNJcoQ0DqDPC7QASAAA&wp=YzR6AgACSdIJlMH6AAFssqENzwhVKaiiNBmBzw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::14 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 226467
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 9819 150 KB
50 KB 233ms
141ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YzR6AgACSdIJlMH6AAFssqENzwhVKaiiNBmBzw&u=%7CITEFp9vfvpXmaY5ddAll00%2F3E3ZIscw6IwruP1H3Q%2Fo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_Brln9fHruA8j1Rczuf7gXg-1uNqo2xpuCZfjTOeEXuR2xp4r85yQjR8fvw8godfhLHxJg5bzhEKvRIapz46Mn8Oa4inYlUFqEQD4c1Dx9xKfBFJz2Mz_j1LT-OIwpy4M9NoHzXBg6ClLZtnW_viZBokbBw8NqiGcFOMyZ7E1ijCwrzACBvnhV-siG-5GF-atCexSpIxcriB68J8rE-C5Vmfz0VsFhFBgMBkG7Y22VMXnsdJL5FaD_q8BaNHqdNLUPmfs5EJTFnsgEdqrB65ntxQUR-MQFd_JayHTsHy2FYbQNADAPf62j3qadiqimFQNB3PLamNBrAYNktozf-pbU-gluZdQ9atzleLTUSZcIT3jAEZ95fCdVCDHH1VpqiC7zoVeA5kOgPzraYu9J-rnbmEWCnl_bcIDRvIv4CuZ47RIQN58naF_AL7_LVG1fbVZ1Le_8kjStF2-RQ-dnpUPKR5P6-zCeYMAv-l-_5f0l0n6KhqlSPanIAaZ7IhBCgeBnjkHORnQxu979j6Rq3vkogOAZKp6qjrcmHwSWUmfCDK2kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCcU3Ano0Y9KTCfqD0_wPstmF-Aucge-wXIqilqS0AcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTQ1MTM1MjcyNTY5OTMwODmgAazd_ugDyAEJqAMBqgTuAU_QbV6tzY3ZVo0PH1l5mNQLiwBXwjgTNH6rUbPGtWsfUWWAp7VbtZLn2O0DVBnixJqgTrJHp76qTD1CVZub8EXgXc5p7y_wM45nB3K7pIhRVlBERNitGwJsabEed9bRutFDoPWdZUenhf-mAZ0h-G06ZfDNXbfxXUQ1t5OiT6rIzwmdSAbLBcBTuwQsqWVqdrPr7WGxrVs3krza3bVzRB8xHjiFpXsXsEZgsqjZRXStOF72RSUiXhvoxIVw32tcnt_6BdJh7sPaeSi1TIQX7o7VFhvKEmKnssYUfFCNYJVpoCNpy3Nc3hrqdjbm_K2ABuLbytiRp_uqZ6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1O5kXSzaHzNRgEngiPcxUqemINDg%26client%3Dca-pub-4513527256993089%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e08f64d456dcb903b79ca6c49d85e246f87b91468a634c1b4d7ad7541986f91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 16:44:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=KuwYWqapDOAXeJpzZ_pCU3p5LUZ9bgHgqRmte-iIK-MnWxQo5TRBGTp7D9f1USrlXKLLAV0Ir0mIqwVBVNM6eAW3eUynimPC85YprzT8FDOQyJTAP_BZ6Q2bqkweMeGv7R0J-SLJCojXXm33tJR8kiydD3TK9WlAMetnxb9FrEBUPQZeAGXQz7_doa8uGilitjPMYX5wz1mwSr5A8Xcyam_lsTEukcm-ExOgReYlX__7ZFWFYEDElqfa9prZ1iTpLb-Mzd6USkdlcMvA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 96118565
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame C142 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22108ce5cadfd4820a5462cfd07c09e450f2bf764077bc24abd15903a00814d1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9819 2 KB
1 KB 132ms
45ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YzR6AgACSdIJlMH6AAFssqENzwhVKaiiNBmBzw&u=%7CITEFp9vfvpXmaY5ddAll00%2F3E3ZIscw6IwruP1H3Q%2Fo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_Brln9fHruA8j1Rczuf7gXg-1uNqo2xpuCZfjTOeEXuR2xp4r85yQjR8fvw8godfhLHxJg5bzhEKvRIapz46Mn8Oa4inYlUFqEQD4c1Dx9xKfBFJz2Mz_j1LT-OIwpy4M9NoHzXBg6ClLZtnW_viZBokbBw8NqiGcFOMyZ7E1ijCwrzACBvnhV-siG-5GF-atCexSpIxcriB68J8rE-C5Vmfz0VsFhFBgMBkG7Y22VMXnsdJL5FaD_q8BaNHqdNLUPmfs5EJTFnsgEdqrB65ntxQUR-MQFd_JayHTsHy2FYbQNADAPf62j3qadiqimFQNB3PLamNBrAYNktozf-pbU-gluZdQ9atzleLTUSZcIT3jAEZ95fCdVCDHH1VpqiC7zoVeA5kOgPzraYu9J-rnbmEWCnl_bcIDRvIv4CuZ47RIQN58naF_AL7_LVG1fbVZ1Le_8kjStF2-RQ-dnpUPKR5P6-zCeYMAv-l-_5f0l0n6KhqlSPanIAaZ7IhBCgeBnjkHORnQxu979j6Rq3vkogOAZKp6qjrcmHwSWUmfCDK2kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCcU3Ano0Y9KTCfqD0_wPstmF-Aucge-wXIqilqS0AcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTQ1MTM1MjcyNTY5OTMwODmgAazd_ugDyAEJqAMBqgTuAU_QbV6tzY3ZVo0PH1l5mNQLiwBXwjgTNH6rUbPGtWsfUWWAp7VbtZLn2O0DVBnixJqgTrJHp76qTD1CVZub8EXgXc5p7y_wM45nB3K7pIhRVlBERNitGwJsabEed9bRutFDoPWdZUenhf-mAZ0h-G06ZfDNXbfxXUQ1t5OiT6rIzwmdSAbLBcBTuwQsqWVqdrPr7WGxrVs3krza3bVzRB8xHjiFpXsXsEZgsqjZRXStOF72RSUiXhvoxIVw32tcnt_6BdJh7sPaeSi1TIQX7o7VFhvKEmKnssYUfFCNYJVpoCNpy3Nc3hrqdjbm_K2ABuLbytiRp_uqZ6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1O5kXSzaHzNRgEngiPcxUqemINDg%26client%3Dca-pub-4513527256993089%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9819 2 KB
1 KB 130ms
43ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9819 308 B
636 B 143ms
58ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9819 293 B
622 B 127ms
42ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 9819 43 B
348 B 411ms
51ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=IM29vFzgvO3aHFBUTiKcS_dIYQWG3zhrxTCh3-6cxl6w-xhC_eaqB4R_tR31jYF5r_lKX0uiZG1Bk8rm1B771LO_Tmg0K9FPVklUP4hP0oN1PHAVIawpRsqrF0vcv36B49i20K0LEnLNRSrPRzpyRyyX8Ski5adMHFay0aFrqbezuzYaiiJ9_GRD6dxnvNSqmh0Fjz6A0Q0xklVZhixp0M_ZF-sfZBJ0Qo9o51SagPqeMVfoUgGg7OizoJyc8NBeFS-i2_YMc9VC-QkWx5i0ptsolT-knv07iioW4zMZG_iJkBa-3pw3yfhuqoKXkOwA8DjfDJ3sgxS84VF46BCRyFPTc6pUqvzGtzEgDUiCQVgACGVyy0trbbGV8Y7nQLsyjmns-j6lsCV11aTTyDCfizTDlbfH8MU53Y9BukENHzRQpHu7B8AOfVDI-l0dzc1mDjSPsg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 16:44:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3392623
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

view_pixel_1x1.gif
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 9819
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=711-166314-312825-4&mkcid=4&mkevt=2&mpt=63347a0268d9e2daa32c772f87f91b07&gdpr=0&gdpr_consent=&siteid=0&adtype=0&size=1x1&ipn=admain2&pla...
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
515 B

281ms
124ms

Image
image/gif

23.208.217.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Requested by

Protocol

Server

23.208.217.48 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-217-48.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-3:80
x-cdn: AKAMAI
date: Wed, 28 Sep 2022 16:44:51 GMT
akamai-grn: 0.9219df17.1664383491.3778cc7e
strict-transport-security: max-age=31536000
content-length: 57
x-xss-protection: 1; mode=block
server: ebay server
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9iptq%60uebwh*ewa1e%28rbpv670%3D-18340c8235c-0xde
access-control-allow-headers: *
expires: Thu, 28 Sep 2023 16:44:51 GMT

Redirect headers

date: Wed, 28 Sep 2022 16:44:51 GMT
strict-transport-security: max-age=31536000
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version
server: ebay-proxy-server
content-type: image/gif
location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
cache-control: private,no-cache,no-store
x-envoy-upstream-service-time: 102
rlogid: t6baubqsodf%3F%3Ctofgcp%60tqjfc*dt%7Ee1%28rbpv6612-18384fc9d7a-0x2352
content-length: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9819 12 KB
5 KB 128ms
56ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1191294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxT5tqnM842j32rizE%2FBM%2BjUmhMPN17TG5UnfgE%2FV4QSWh45BJPxuHUq4BbM%2B57KtZZ%2FTHBZDNLKhnmlVeAk%2Bg5MXYYLTaPZ9XqThbwBdsJGRJbIa7%2FBBT56oaaC3kafaTbtrfUUL6WQpGaI8jnfyTgi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 751df2352eb203d4-ORD
expires: Mon, 18 Sep 2023 16:44:51 GMT

GET
H2 200 ab61ffb7c62a40a194552a9753cbe000_marketsans-regular.woff
static.criteo.net/design/dt/ Frame 9819 21 KB
22 KB 200ms
118ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ab61ffb7c62a40a194552a9753cbe000_marketsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9933af9d90ac47395c6cc3ce65585fa95b9db0112e863712d75ca0cbc20d0224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 14 Jun 2018 18:41:10 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b22b6c6-54b4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H2 200 7fb0a997a1f04f65ac898832e60c1d50_marketsans-semibold.woff
static.criteo.net/design/dt/ Frame 9819 21 KB
22 KB 213ms
132ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/7fb0a997a1f04f65ac898832e60c1d50_marketsans-semibold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f0954735d95dccabf79cdccdbf8f253927c60209f145a266e1eaf264314c10b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 14 Jun 2018 18:41:10 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b22b6c6-54a0"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7843 36 KB
16 KB 41ms
41ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 03:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 03:34:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9819 12 KB
6 KB 110ms
108ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 9819 1 KB
2 KB 143ms
45ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=13927&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F13927%2F200929%2F9b3b22ae88424c2784a63455b839393c_logo_bg_sizeless_lightbgrollover.jpg&v=3&w=196&s=0dGPOxKs1xW3lb1rEufN7HlS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1948e1003a09a3f9908da10c20f6c64e5cc14f2f6457b823e0370abce153dc5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28124843
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1492
expires: Sun, 20 Aug 2023 05:12:14 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 9819 75 KB
75 KB 258ms
161ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=1200&m=0&partner=13927&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F13927%2F220915%2F67730feda84143d284caf23f8a160b29_img_square_1.png&v=3&w=1200&s=2ARMYMXZLbvsw4KQp5rf2FMf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

941aa46357ecace602af54333bbf1d5c697c0cfb8645c49de1100e8c2692578d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29989772
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 76652
expires: Sun, 10 Sep 2023 19:14:24 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 9819 14 KB
15 KB 231ms
134ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13927&q=80&r=0&u=https%3A%2F%2Fi.ebayimg.com%2Fimages%2Fi%2F403476197691-0-1%2Fs-l1600.jpg&v=3&w=400&s=8NV7QQeY8ooxns8iE-Ac6cUL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fad95c2abdc0d63975ccefa7b85fdef97ee473726edf7deb0580b71f72a9910c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27599102
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14658
expires: Mon, 14 Aug 2023 03:09:53 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 9819 31 KB
31 KB 185ms
88ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13927&q=80&r=0&u=https%3A%2F%2Fi.ebayimg.com%2Fimages%2Fi%2F165451437761-0-1%2Fs-l1600.jpg&v=3&w=400&s=-gXJdyff2AFgAzWEwJ4oA0Wl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1833aff1e39fd2916603b379a4c4b34cf53f44cbd83113dbe417f4a4216feac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29274995
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31374
expires: Sat, 02 Sep 2023 12:41:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 9819 16 KB
16 KB 197ms
100ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13927&q=80&r=0&u=https%3A%2F%2Fi.ebayimg.com%2Fimages%2Fi%2F402991777616-0-1%2Fs-l1600.jpg&v=3&w=400&s=VhKroIu0C7sWSByHPAbwoFEQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1e7b4b1d199de16e20c028832eef5994d2d7a0db8c105233f33fe1907a0b1805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=26876674
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16076
expires: Sat, 05 Aug 2023 18:29:25 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9819 0
128 B 233ms
123ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=KuwYWqapDOAXeJpzZ_pCU3p5LUZ9bgHgqRmte-iIK-MnWxQo5TRBGTp7D9f1USrlXKLLAV0Ir0mIqwVBVNM6eAW3eUynimPC85YprzT8FDOQyJTAP_BZ6Q2bqkweMeGv7R0J-SLJCojXXm33tJR8kiydD3TK9WlAMetnxb9FrEBUPQZeAGXQz7_doa8uGilitjPMYX5wz1mwSr5A8Xcyam_lsTEukcm-ExOgReYlX__7ZFWFYEDElqfa9prZ1iTpLb-Mzd6USkdlcMvA&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 16:44:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9819 2 KB
1 KB 120ms
118ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9819 2 KB
1 KB 112ms
111ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:44:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 162ms
77ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec96e726e9f91f1936963b381bbd01ae442782f1941e1499d6aa0ba86ff5a792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11278
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 363ms
62ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 16:44:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C142 42 B
64 B 62ms
61ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutex9uDQnKyuvJkC_Eb5tflZfMKnzKNvDTEWYJn6TGGF_EU7r-HOUoP59VIsJExcbDFUTd8_wuXcWgtuzMt6a1M_mE&sig=Cg0ArKJSzGKPAI3jgvd1EAE&id=lidar2&mcvt=1000&p=0,0,280,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3259557010&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664383489955&rpt=1226&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9819 0
127 B 47ms
47ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 16:44:52 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4C1 13 KB
5 KB 60ms
40ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.w4ksa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 46764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 03:45:28 GMT
expires: Thu, 28 Sep 2023 03:45:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E013 783 B
534 B 152ms
65ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b43032a989804c221458bc3e75ceaba8b1996398c38dc29eabf145a44c8c0be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nYg5ahWEpDXiy43bobhIRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://en.w4ksa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-nYg5ahWEpDXiy43bobhIRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 16:44:52 GMT
expires: Wed, 28 Sep 2022 16:44:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame C4C1 36 KB
16 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 03:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 03:34:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E013 0
0 59ms
58ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=1432080832825295&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C4C1 0
10 B 41ms
41ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lox12A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:44:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=1432080832825295&bg=!IyClIGTNAAYIxsuQKMY7ACkAdvg8WtB8ZDwAk_kl80LRroFUEyoPjZbShySgWHR1XEUFVMUuoxeXhAIAAABZUgAAAAJoAQcKAINNYN1F-3F0yxoJyKieRXQ50HBRich7h-f9UmcxreO1Wye9PDiEZUPKDrKjMooyJNQvlQ17bvP3LIB1uFmMG7NqgzEpFckuB47dI0yM4Y5jpAjn_m8mLk85D8V-YFl67UD6F4mTqvlbsQbq7COo28tgXj51nWAxo41-gg6RjL6erhPLMpkCmsvPRoCGcoUuXA12x747XlONmDkeht7MD5_ofTJDYXSnmzrn9CPZqlmYK0qqsqKAq6hZxtN1Gj0s0JgxAs7G4LiHe9-R4wMFGLIsWmyzmCJvYfv7abLmw-rOPKu_XYcS_iPjcs93OnqjsMXOGg4CZUgrGAxUhnRrr6qz1TmjuM7aTNLrr8LayZd4yqqgKuCT4FzVhc_T6upfiGjxxxyridNay44V1edZyYbUWr1QIm8S07UoD476zZqA6IsgxQ3fCvSfsJ3mIp5kw-FMh0BwhW0Xx0gpuZ_rSNVFoNSVPgIWlONx8QzxjOvVO5O1-LTbof9ZWsLOpfwXTwEkfimzur0oHM01jJveOGGYwP9N9blmvSGcE56I1OKpDKaC78nz5goyJppP7sNtIqN_E_4x79ek1Q6N0DzaAlfXx63PgJsIhAOYPMeD2UpYdxPkwhSHpOFfJ7AtVObBkoUPwjgo8hnWSdqhXPOnx7enfOL5OPdlKAP4AMMwesd2bpHvISo_53pT_LlT-e0CYR9EO3mYcoP2E6SSI5Kb1vCusxXA3StqYgwpu0XfcfDxdjL9hjoNIPMCf8ya_yCRso3Lp2PqRlCJO09hPkFX65mdbnxxUnN5eE5039zUbGNYzcam7yNCywGpMJ_lhbpzlFDOdLkKehHUk-BNR9RUvFaWZbg0DFiH9LOPdu6I78JAmA66wZvvyrvakuswjdo-mxsDbRHyK9MeM_wa6myR4ap6bSzWfPPQ1p7JpldJOnuQoK0w2IlgxQPy278KgJLIQem7lNiIJbAXaEGmb62CkjrvtfSSU8fl8tRw13ILNSUNxlQU610UEqpFVh4XOBSZg9Hx4nCzfWJvahUeaG-Gu5Obwi9JbJjetAsVPw4l3go5aw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.w4ksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ebayadservices.com/marketingtracking/v1	1970-01-20 08:29:19	Name: adguid Value: 29a69ec44a5f413b85a4179f96804fce
.google.com/	1970-01-20 10:43:14	Name: NID Value: 511=tA_M-3v_27XqjtZ91gkp2X9X_v10moSSp_Kzs74oq1BLcAuQF5UwnuvL3cjDnbJPSe8oMCsT-xHC2J0ahifcUHMdml1F7J07Yra4yDjJIq-wTETtdN_S0RRRZbTUEuV3RdflBrD4vmBdPA2G9oGjrttysVf_p8iXFIsyV594oaU
en.w4ksa.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3cd38a262da254eee8b2ee1cbf777fe7
en.w4ksa.com/	1970-01-20 06:22:36	Name: qa_key Value: n4gvu4ig3ax2z0ksqj2rke9dzcc6e19u
.w4ksa.com/	1970-01-20 15:55:43	Name: _ga Value: GA1.2.104643890.1664383489
.w4ksa.com/	1970-01-20 06:21:09	Name: _gid Value: GA1.2.327340934.1664383489
.w4ksa.com/	1970-01-20 06:19:43	Name: _gat_gtag_UA_237003713_1 Value: 1
.w4ksa.com/	1970-01-20 15:41:19	Name: __gads Value: ID=a3ecf5bdd5a31e37-22c72d2150d700e4:T=1664383490:RT=1664383490:S=ALNI_Maw_5rIgcuemvJlZKdEKglje-F6Sw
.w4ksa.com/	1970-01-20 15:41:19	Name: __gpi Value: UID=00000870f78ca419:T=1664383490:RT=1664383490:S=ALNI_MZ95KYwc0WcPFSBP6wsBdx9O6Iyig
.doubleclick.net/	1970-01-20 15:55:43	Name: IDE Value: AHWqTUlk10Tl7ImJu_E32YURkBUxfDq6NwWF4uKYC07I13n146pPSWaZLMvlAkiXd4c
.doubleclick.net/	1970-01-20 06:19:44	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4513527256993089&output=html&h=280&slotname=1336658744&adk=3259557010&adf=1528403788&pi=t.ma~as.1336658744&w=748&fwrn=4&fwrnh=100&lmt=1664383489&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fen.w4ksa.com%2F12%2Fwhat-are-electronic-currencies-and-how-to-earn-from-bitcoin&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664383489324&bpp=1&bdt=312&idt=626&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=7671223969416&frm=20&pv=1&ga_vid=104643890.1664383489&ga_sid=1664383490&ga_hid=1455841320&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=1432080832825295&tmod=1952847602&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4OOvkx0wiX&p=https%3A//en.w4ksa.com&dtd=630 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
csm.us.criteo.net
en.w4ksa.com
fonts.googleapis.com
googleads.g.doubleclick.net
malehealthboosters.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
rtb.da.us.criteo.com
secureir.ebaystatic.com
static.criteo.net
tpc.googlesyndication.com
www.ebayadservices.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
192.254.233.58
209.140.129.66
23.208.217.48
2606:4700:3031::ac43:d1e9
2606:4700:3037::6815:30f3
2606:4700::6811:180e
2607:f8b0:4006:807::2003
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2008
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::2001
2620:100:a001::24
2620:100:a001::4
2620:100:a005::14
74.119.119.137
74.119.119.147
74.119.119.149
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f
1833aff1e39fd2916603b379a4c4b34cf53f44cbd83113dbe417f4a4216feac3
1948e1003a09a3f9908da10c20f6c64e5cc14f2f6457b823e0370abce153dc5a
1e7b4b1d199de16e20c028832eef5994d2d7a0db8c105233f33fe1907a0b1805
22108ce5cadfd4820a5462cfd07c09e450f2bf764077bc24abd15903a00814d1
240f9dbc3c39bf1f41ed99e89f3358224ccd64137d061960621004903c69c0f3
3b43032a989804c221458bc3e75ceaba8b1996398c38dc29eabf145a44c8c0be
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d43f60609b1d64ab33bea72d54e1b425a37185564f70dda849116c35b3ad6f8
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
762473261edc9e38ca8d735cb598b8cb7b2f61cc0b79d1a2decd671b889b7b59
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
941aa46357ecace602af54333bbf1d5c697c0cfb8645c49de1100e8c2692578d
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9933af9d90ac47395c6cc3ce65585fa95b9db0112e863712d75ca0cbc20d0224
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f856bb47a3b8d1d389ce9f14bc26672b4492608889c5c946302a287e2d2c2ad
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c945a72cda2a65e989c5d996b2d36042ee5547b42c4739738a0236bdbb5583
b406486d126e48e99396e5251c5e1a54e92ff8b1b5985abbac9a8608ca97cf43
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c76b0a329c88b64604a30929518c7796011e4138b3895c0baa6343df3a3080ed
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e08f64d456dcb903b79ca6c49d85e246f87b91468a634c1b4d7ad7541986f91c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ec96e726e9f91f1936963b381bbd01ae442782f1941e1499d6aa0ba86ff5a792
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0954735d95dccabf79cdccdbf8f253927c60209f145a266e1eaf264314c10b7
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fad95c2abdc0d63975ccefa7b85fdef97ee473726edf7deb0580b71f72a9910c

en.w4ksa.com Open in urlscan Pro 2606:4700:3037::6815:30f3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

74 %IPv6

17 Domains

23 Subdomains

23 IPs

1 Countries

815 kBTransfer

1887 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

en.w4ksa.com Open in urlscan Pro
2606:4700:3037::6815:30f3 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

74 %
IPv6

17
Domains

23
Subdomains

23
IPs

1
Countries

815 kB
Transfer

1887 kB
Size

11
Cookies

70 HTTP transactions
1 data transactions