score808.candilkuya.com Open in urlscan Pro
2607:f8b0:4006:816::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://score808.candilkuya.com/
Submission: On February 17 via api (February 17th 2024, 11:57:19 am UTC) from US — Scanned from US

Summary HTTP 143 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 11 domains to perform 143 HTTP transactions. The main IP is 2607:f8b0:4006:816::2013, located in United States and belongs to GOOGLE, US. The main domain is score808.candilkuya.com.
TLS certificate: Issued by GTS CA 1D4 on February 17th 2024. Valid for: 3 months.

This is the only time score808.candilkuya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2607:f8b0:400... 2607:f8b0:4006:816::2013	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
37	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1 10	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
36	2607:f8b0:400... 2607:f8b0:4006:823::2006	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
6 9	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.65.230 142.250.65.230	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
4	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4000:12::9	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
143	19

2 2607:f8b0:4006:816::2013 (United States)

ASN15169 (GOOGLE, US)

score808.candilkuya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80f::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4006:823::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.40.194 (Queens, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (San Francisco, United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.181.211 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4000:12::9 (United States)

ASN15169 (GOOGLE, US)

r4---sn-q4flrnld.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	750 KB
38	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 328 gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r4---sn-q4flrnld.c.2mdn.net — Cisco Umbrella Rank: 125527	1 MB
22	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551	147 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com — Cisco Umbrella Rank: 2	74 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	5 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	6 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 ajax.googleapis.com — Cisco Umbrella Rank: 434	36 KB
3	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 11252	335 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	candilkuya.com score808.candilkuya.com	66 KB
143	11

	Domain	Requested by
37	pagead2.googlesyndication.com	score808.candilkuya.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
36	s0.2mdn.net	score808.candilkuya.com s0.2mdn.net
20	tpc.googlesyndication.com	score808.candilkuya.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
3	blogger.googleusercontent.com	score808.candilkuya.com
2	googleads4.g.doubleclick.net	score808.candilkuya.com
2	www.googleadservices.com	score808.candilkuya.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ad.doubleclick.net	score808.candilkuya.com
2	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
2	score808.candilkuya.com	score808.candilkuya.com
1	ade.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	r4---sn-q4flrnld.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	ajax.googleapis.com	s0.2mdn.net
1	www.gstatic.com	googleads.g.doubleclick.net
143	21

This site contains links to these domains. Also see Links.

Domain
about.candilkuya.com
www.facebook.com
www.instagram.com
twitter.com
id.pinterest.com
www.youtube.com
www.candilkuya.com

Subject Issuer	Validity	Valid
score808.candilkuya.com GTS CA 1D4	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://score808.candilkuya.com/
Frame ID: DA7CE30C2B2BC78153F8DAD609EAC544
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 6E82EFE0D78207D9B70C3031EC47D788
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&adk=1812271804&adf=3025194257&lmt=1708167855&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034776&bpp=5&bdt=581&idt=432&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=33461202187&frm=20&pv=2&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=454
Frame ID: 0A886AA00F987870226548E2ED4FB000
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=280&slotname=8821295543&adk=3898703930&adf=3542702058&pi=t.ma~as.8821295543&w=1170&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=1170x280&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034781&bpp=3&bdt=586&idt=454&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=477
Frame ID: 00D54812C99535C86D6CBBF1BB66CE04
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=8821295543&adk=1320160273&adf=3300555782&pi=t.ma~as.8821295543&w=200&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=200x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034784&bpp=1&bdt=588&idt=482&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-10&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=485
Frame ID: 44AD806348B515CEA9296D3FEC13073C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=8821295543&adk=795701471&adf=1028463210&pi=t.ma~as.8821295543&w=200&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=200x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=493&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1410&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=498
Frame ID: CE521E69D2B2A445ADC9229AE7958E85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=9655826458&adk=987553427&adf=926755587&pi=t.ma~as.9655826458&w=300&lmt=1708167855&format=300x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=507&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=511
Frame ID: 674B1562C0F82CFA5820DA00BF86AE5B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhi_-43eATAB&v=APEucNVp1NH2UVRnLZgrHIII1_QbjgJJfQ1SIFlsn7MHrkW6BHwQE-PU7GAuMz07VpErjpZgA6dolbQ5_53TaRBoXwAJ--golg
Frame ID: E1148730EB5B8316FF9D71A21B961E5B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 5A1BCCA753ECD5872765C736FFB1C489
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjzgpj9ATAB&v=APEucNXwir3SJyuHRd-Q-cSNPC2kbnSBuKJL7oDnLkTha5QnJqQvea4OXcu6UPjzs7aIAk0c0qAPu4i7nd-CkgdwD4DCc5dxqg
Frame ID: 5F7B841237FB2A1AA7451D53B2FA7CDF
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
Frame ID: C0E718D503F5AD60397C05E216997C8C
Requests: 33 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E6CBAA2A7AFBD24AF3CFEFD4556EEE41
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
Frame ID: 36081B6AF07BF15A1828EBA7F018BD54
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
Frame ID: CDBB34C1D5AFDFD1EC34F092EB75A0E2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 653C1A6D10D0C4FCF11B9D396DDE9AA6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 8666777076244E35ACD0CD06555CFE7B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 16A014CC54FCFD3C7922DBEBA8EA6E92
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 3A44700696187704B7007443984BB13D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 104EC5AEE2B6E3FCC60C4BD1CD069659
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBE30830D2A8D6BE7C79819B35603891
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FC359DC9BB207F46CEF5428FA1BFC67
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Idn Score808 - Live Alternative

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

143
Requests

93 %
HTTPS

74 %
IPv6

11
Domains

21
Subdomains

19
IPs

1
Countries

2551 kB
Transfer

5247 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://about.candilkuya.com/
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/livescore808
Title: Idn Score808

Search URL Search Domain Scan URL

URL: https://www.facebook.com/score808indonesia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/score808indonesia

Search URL Search Domain Scan URL

URL: https://twitter.com/score808pro

Search URL Search Domain Scan URL

URL: https://id.pinterest.com/CodeCandilKuya/lowongan-pekerjaan/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/score808matchday

Search URL Search Domain Scan URL

URL: https://www.candilkuya.com/
Title: Score808

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtDVxUViRicwWHMyYZopTI&google_cver=1

Request Chain 38

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdCfG8AoJacAAEXIAAo.lAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1

Request Chain 40

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1

Request Chain 44

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdCfG8AoJacAAEXIAAo.lAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1

Request Chain 46

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D

Request Chain 62

https://googleads.g.doubleclick.net/pagead/adview?ai=CBHhRG5_QZYa3E6qUoPMP0c6duA63yPLvdbfLraG2Ev2B5LbrAhABIMjCgXtgyYaAgNyjxBCgAaCXjpMoyAEJqAMByAPLBKoE3gFP0G_lZ13XqD2MvpYf4kSyqaKXwd-XxkKlXaKu2C41tpy6RFdW--D8SBrGPy4OoPBo-tjACg6sHCE4XtB_mRR0-7e-8NOB1xDExGg5_Q0yt3ECPfj-kpzr0HhU7WTc7LXT7cJAF4bcocGO81lcRoOg-hX5LZeBcaJT6vuuJDxA2rft6eJ0RsjJwqDAdEkIHK0Aq9tURXYhUUPVbzwTyfpYDJ2FRJoDy4wg1J9nXc3IhNb-xvL1t9zkGAHwrvCFt7pg72aYeTWiqeXuumKOiYbJVNjERKCT48v5vWyakjzABN2H5ZiSBIgF2smXg0mSBQQIBBgBkgUECAUYBKAGLoAHoM_e8gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBCEhBTSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYz5Ca_qiyhAOaCfcBaHR0cHM6Ly9zZWFyY2gueWFob28uY29tL3locy9zZWFyY2g_cD1zb2MrMithdWRpdCtmb3Irc21hbGwrYnVzaW5lc3MmaHNwYXJ0PXlhaG9vJmhzaW1wPXlocy1nMTkxYSZnX2FwPWdndDMmdHlwZT1zb2MyYXVkaXRmb3JzbWFsbGJ1c2luZXNzJmd0eXBlPS0tbWt3LS1kYy1tdC02ODY1NjgyNDYxNTQtcy1wdGlkLS1wZ3JpZC0xNDIzMjI3NzkxMDEtY3BnbmlkLTE5NjAyNDY2MDEwLW4tZC1wbC1zY29yZTgwOC5jYW5kaWxrdXlhLmNvbYAKAcgLAdoMEQoLEPCXxNeR4dXQygESAgEDuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzA3NTE5OTM5MTc2OTI3GAA&sigh=LhFf8P9hGuE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf__la7VWvO4njP2nH8djl3mwnIBpMBFvnJhaXoECcZOaixL-wSrojC9sXegEuRhwuzY0XkHXttvl9rQiUM0EwlkCx3MIwFXJD0bRgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3e27f24e1b3a556a0000000000000000%22,%222%22:%220x405895dd62d83d830000000000000000%22,%223%22:%220x54be7eb0dc6700620000000000000000%22,%224%22:%220xb4f3f28983ce13ac0000000000000000%22,%225%22:%220x5c9de17b9743ae3e0000000000000000%22},%22debug_key%22:%2218022524770339108406%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210777496480%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210997126762402659089%22}&andc=true

Request Chain 93

https://gcdn.2mdn.net/videoplayback/id/f53e9cd10ee1f26f/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739707035/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/261D0ACC91EB8E66390FF9442B7EF8022B0C278E.713C2A869FB2A463F5B264F2B25304B7C779C6B0/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-q4flrnld.c.2mdn.net/videoplayback/id/f53e9cd10ee1f26f/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739707035/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/658DD4C24BF524AFF83A50086AA27CE82DC0A4A4.50C007DEE6DCB6ABFA93E8F497F0206F94713F12/key/cms1/cms_redirect/yes/mh/9s/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4flrnld/ms/onc/mt/1708165978/mv/u/mvi/4/pl/48/file/file.mp4

143 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
score808.candilkuya.com/ 232 KB
65 KB 366ms
117ms Document
text/html 2607:f8b0:4006:816::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2013 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de24056e882bd5ed97d34b3d23dc54493315aa06a26e888b29198468bccbd503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 66099
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 11:57:14 GMT
etag: W/"d81ef4f99d99a4e8914d173622f100feb298f1d591f9b21c11f62823fabfe642"
expires: Sat, 17 Feb 2024 11:57:14 GMT
last-modified: Sat, 17 Feb 2024 11:04:15 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: all
x-xss-protection: 1; mode=block

GET
H2 200 AVvXsEhwK0i2F9TJjhQL3LRdxSUDoa8QsW8tjgnxmmOnEkcV6k7yE1DroBN97tUNhiGob7wIka14j2h6eSF1iDR-c0TTu8yf8ifpbKn-4vz_HQKwtsmUlxkXT0L212naKAVm1108r_I8dLvyMqFwMVMM1VzLPr0fLjJzu6oOiCL4XARa6KxKS3Fwyd9NK2k=w800
blogger.googleusercontent.com/img/a/ 34 KB
35 KB 993ms
848ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhwK0i2F9TJjhQL3LRdxSUDoa8QsW8tjgnxmmOnEkcV6k7yE1DroBN97tUNhiGob7wIka14j2h6eSF1iDR-c0TTu8yf8ifpbKn-4vz_HQKwtsmUlxkXT0L212naKAVm1108r_I8dLvyMqFwMVMM1VzLPr0fLjJzu6oOiCL4XARa6KxKS3Fwyd9NK2k=w800

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c97404c3b516e8d7681af790724d2f318382aea4db170d8860be9dd1d8a91b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v8347"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="google-1-1-logo-png-transparent.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35188
x-xss-protection: 0
expires: Sun, 18 Feb 2024 11:57:15 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 summary Show response
score808.candilkuya.com/feeds/posts/ 2 KB
1 KB 338ms
337ms XHR
text/javascript 2607:f8b0:4006:816::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://score808.candilkuya.com/feeds/posts/summary?alt=json-in-script&max-results=0

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2013 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

73eab554e82c6eb4a65a8d99e10536a9d7d6380aff6a38e57befbb4329fef7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Feb 2024 11:04:15 GMT
server: blogger-renderd
etag: W/"501431efa2a5c9ea41863021d6bae8c5f4730b48ce941fe198f3f2b16f301cfb"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 1000
x-xss-protection: 0
expires: Sat, 17 Feb 2024 11:57:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 271ms
134ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1307519939176927

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fd7f58bc702165b33d2e9d924c6111941aac4b92e09607c9b7aa866ac564114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Origin: https://score808.candilkuya.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51243
x-xss-protection: 0
server: cafe
etag: 2882079297852660581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 11:57:14 GMT

GET
DATA 200
OK truncated
/ 151 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ba12419b19d0928f41774e6548e2d5ffd028066c276b7e8477e2e1960f8ff70

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9731c77e4cac1aa574848878a2b096434ce843f7ea7aab5299ec024988eba825

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 406 KB
138 KB 266ms
130ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1307519939176927

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3047048f4ac82b9cda4d283a1716988c9688b56d583bdb70771da218bc999ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141050
x-xss-protection: 0
server: cafe
etag: 14059654386383519743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 11:57:14 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 6E82 9 KB
5 KB 221ms
64ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1307519939176927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 60218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:13:37 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 19:13:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A88 11 KB
5 KB 526ms
509ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&adk=1812271804&adf=3025194257&lmt=1708167855&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034776&bpp=5&bdt=581&idt=432&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=33461202187&frm=20&pv=2&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=454

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc40341be72fe2f914462c3ff85a933b72684c5baade66799a52113d5e4ef471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4781
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:15 GMT
expires: Sat, 17 Feb 2024 11:57:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 134ms
127ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=left_side_ad&cls=left_side_ad%20section&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00D5 123 KB
41 KB 516ms
514ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=280&slotname=8821295543&adk=3898703930&adf=3542702058&pi=t.ma~as.8821295543&w=1170&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=1170x280&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034781&bpp=3&bdt=586&idt=454&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=477

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbbbaaa693932a6396277fe80992b802a39e375f1f50ad7613ca81450c4f774c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41807
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:15 GMT
expires: Sat, 17 Feb 2024 11:57:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44AD 856 B
637 B 278ms
272ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=8821295543&adk=1320160273&adf=3300555782&pi=t.ma~as.8821295543&w=200&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=200x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034784&bpp=1&bdt=588&idt=482&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-10&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=485

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

852d11bda2d7331cf0c425eaa5be7077fde25c966a0ca7b37329744d2f74bbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:15 GMT
expires: Sat, 17 Feb 2024 11:57:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE52 119 KB
46 KB 364ms
363ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=8821295543&adk=795701471&adf=1028463210&pi=t.ma~as.8821295543&w=200&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=200x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=493&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1410&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=498

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292d1d1bce05fe31d47252a9bd33697f13974fa7a28fa837276efda09f3b1a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46903
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:15 GMT
expires: Sat, 17 Feb 2024 11:57:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 674B 22 KB
10 KB 429ms
428ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=9655826458&adk=987553427&adf=926755587&pi=t.ma~as.9655826458&w=300&lmt=1708167855&format=300x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=507&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05bdfd5eae8a5523a555b565d1053dad63992dd4026a037e59b235e8adb3d836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10108
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:15 GMT
expires: Sat, 17 Feb 2024 11:57:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E114 624 B
246 B 115ms
114ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhi_-43eATAB&v=APEucNVp1NH2UVRnLZgrHIII1_QbjgJJfQ1SIFlsn7MHrkW6BHwQE-PU7GAuMz07VpErjpZgA6dolbQ5_53TaRBoXwAJ--golg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=8821295543&adk=795701471&adf=1028463210&pi=t.ma~as.8821295543&w=200&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=200x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=493&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1410&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=498

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=8821295543&adk=795701471&adf=1028463210&pi=t.ma~as.8821295543&w=200&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=200x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=493&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1410&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=498
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:15 GMT
expires: Sat, 17 Feb 2024 11:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5A1B 172 KB
61 KB 218ms
64ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 5A1B 8 KB
3 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 5A1B 23 KB
9 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:27 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A1B 41 KB
14 KB 339ms
189ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 19:42:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5A1B 3 KB
1 KB 278ms
128ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5A1B 20 KB
8 KB 213ms
63ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5A1B 204 KB
61 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 12:01:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A1B 42 B
63 B 134ms
133ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQtkNYYZAf1179n6us4b9amCncCgifutV7CEZBtv-4HgE2kko6S9okDiYsLD8NPXieoMKo5oG9P_mSRf_FPjZIUo10HGxi6e9zQJ_6I-YbQdYj0z0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 674B 42 B
63 B 128ms
127ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAqQDm55w4WgI3mTXsUb2_pPnEpaSNROhmwwZX6SL3_KdMhKp99AVpEUPXokdplcyshn8CZXb3byCuJ0z9pepYaqm0XcwLiwjvWA32YegDXIb-foA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=9655826458&adk=987553427&adf=926755587&pi=t.ma~as.9655826458&w=300&lmt=1708167855&format=300x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=507&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=511

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 674B 93 KB
33 KB 117ms
116ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 11:57:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 674B 3 KB
1 KB 332ms
201ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 674B 20 KB
8 KB 222ms
82ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 674B 204 KB
61 KB 83ms
80ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 12:01:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5F7B 624 B
246 B 104ms
102ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjzgpj9ATAB&v=APEucNXwir3SJyuHRd-Q-cSNPC2kbnSBuKJL7oDnLkTha5QnJqQvea4OXcu6UPjzs7aIAk0c0qAPu4i7nd-CkgdwD4DCc5dxqg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=9655826458&adk=987553427&adf=926755587&pi=t.ma~as.9655826458&w=300&lmt=1708167855&format=300x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=507&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=511
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:15 GMT
expires: Sat, 17 Feb 2024 11:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 00D5 4 KB
1 KB 221ms
79ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=280&slotname=8821295543&adk=3898703930&adf=3542702058&pi=t.ma~as.8821295543&w=1170&fwrn=4&fwrnh=100&lmt=1708167855&rafmt=1&format=1170x280&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034781&bpp=3&bdt=586&idt=454&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 11:38:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 11:57:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 00D5 2 KB
903 B 288ms
188ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 20:51:38 GMT

GET
H2 200 ca-pub-1307519939176927 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 267ms
108ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1307519939176927?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2140c1f19198adb51fe5e792838e4da4cf95d7c70444b6bf90a271e893c2b93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--8oUX6ZN_pJfVL9kFmUxpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
content-security-policy: script-src 'report-sample' 'nonce--8oUX6ZN_pJfVL9kFmUxpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhbo45-w6tYxNY0TOBHwC3dUZq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 00D5 23 KB
9 KB 176ms
129ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 00D5 3 KB
1 KB 188ms
140ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 00D5 20 KB
8 KB 117ms
70ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 00D5 204 KB
61 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 12:01:35 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 00D5 36 KB
15 KB 206ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E114
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtDVxUViRicwWHMyYZopTI&google_cver=1

43 B
766 B

77ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtDVxUViRicwWHMyYZopTI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhi_-43eATAB&v=APEucNVp1NH2UVRnLZgrHIII1_QbjgJJfQ1SIFlsn7MHrkW6BHwQE-PU7GAuMz07VpErjpZgA6dolbQ5_53TaRBoXwAJ--golg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QL65cHl45xS9e%2BpAfNbsZzAWs1sCGcZJBxL1%2B4zYe3k5WXmmYLABmZg3RqGiFrgi5wkT0s5HrSsRmaP6x8NNYhm73VY0TkVvIArGQvLkHbDRvK8jTaYd9YSzKNYcrZoaWyhoeUlLRQ7OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856dda0fef34b3e3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtDVxUViRicwWHMyYZopTI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E114
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdCfG8AoJacAAEXIAAo.lAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2

43 B
733 B

72ms
72ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhi_-43eATAB&v=APEucNVp1NH2UVRnLZgrHIII1_QbjgJJfQ1SIFlsn7MHrkW6BHwQE-PU7GAuMz07VpErjpZgA6dolbQ5_53TaRBoXwAJ--golg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za4c5Z%2FB3Faa%2Bzj4pX3Gejy%2BO2wvaNSUUEGrJ0Ej7f3jCrj8xVjEaQILkaOJws2eFSLCcV8ajve9UFK2x21hTPSLHJd82ijAc9ruoVvBoYta1sY3f4Ms%2FgQl35LA5ed0ruM8jNLBj%2BvIRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856dda107fb1b3e3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E114
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1

43 B
1 KB

80ms
76ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhi_-43eATAB&v=APEucNVp1NH2UVRnLZgrHIII1_QbjgJJfQ1SIFlsn7MHrkW6BHwQE-PU7GAuMz07VpErjpZgA6dolbQ5_53TaRBoXwAJ--golg

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
an-x-request-uuid: 97780c81-1d7b-4e28-9908-8efdf42da76d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.70; 38.132.118.70; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E114
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D

170 B
232 B

80ms
79ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D

Requested by

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
an-x-request-uuid: b8c65338-ba61-4b37-aaca-5add40273f32
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D
x-proxy-origin: 38.132.118.70; 38.132.118.70; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2941897517991321836/ Frame 00D5 30 KB
30 KB 169ms
144ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2941897517991321836/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7a7ad45879ffa8daa59f0d9aa7062b768f422953a890f7bcebbe5281d81baed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 19:22:17 GMT
date: Thu, 15 Feb 2024 19:22:17 GMT
x-content-type-options: nosniff
age: 146098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30728
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 16:39:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10751363226536432428/ Frame 00D5 2 KB
2 KB 167ms
143ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10751363226536432428/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3348deddcbc299ca42e06fb098190f0a369f372411cc43a734225f415849a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 10:09:28 GMT
date: Thu, 15 Feb 2024 10:09:28 GMT
x-content-type-options: nosniff
age: 179267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1708
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 14:47:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5F7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1

43 B
731 B

78ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjzgpj9ATAB&v=APEucNXwir3SJyuHRd-Q-cSNPC2kbnSBuKJL7oDnLkTha5QnJqQvea4OXcu6UPjzs7aIAk0c0qAPu4i7nd-CkgdwD4DCc5dxqg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIyLBBEUuN6axF74wlijmM64I4RRivz6S6dptczmB4%2B1VnCYRfywwHwdIdQbGZkugYTtvy7syUouKWs05xECTyiIWLmXSkv77EYK2zn2VshQ2hPJZ9HltQWlpb%2FeSLB8ZQg8bbHr6fSHfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856dda0fef36b3e3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5F7B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdCfG8AoJacAAEXIAAo.lAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2

43 B
731 B

94ms
93ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjzgpj9ATAB&v=APEucNXwir3SJyuHRd-Q-cSNPC2kbnSBuKJL7oDnLkTha5QnJqQvea4OXcu6UPjzs7aIAk0c0qAPu4i7nd-CkgdwD4DCc5dxqg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq30QYix6H9%2Bd86ol5BE78tSzqcoWmQi3fXF6O7fB28iCnaBzFpB%2BFhov1E3rq7PjCewbRGiy%2BBiTlACCEscFsNSHBAf0re3Vi6OEdE0x6ihRCGpqPrEuAU71LbOElQGs2ds%2F96wKBFbuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856dda107fb2b3e3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDL_rKuEPY23W3ya7W2u7zU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5F7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1

43 B
1 KB

75ms
70ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjzgpj9ATAB&v=APEucNXwir3SJyuHRd-Q-cSNPC2kbnSBuKJL7oDnLkTha5QnJqQvea4OXcu6UPjzs7aIAk0c0qAPu4i7nd-CkgdwD4DCc5dxqg

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
an-x-request-uuid: 14b560eb-ef24-4972-b746-fe2574188a2f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.70; 38.132.118.70; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMj8OWGxxhh7igDJVb6aWEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5F7B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D

170 B
243 B

77ms
77ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D

Requested by

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
an-x-request-uuid: d686f52b-14c8-4f2e-b315-39715b96e34b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MDM3NDUzOTU3NzM3NjUwNg%3D%3D
x-proxy-origin: 38.132.118.70; 38.132.118.70; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 674B 0
20 B 130ms
129ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8985507483047&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 674B 0
20 B 128ms
127ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8985507483047&version=m202401290101&ct=119&x=1&cor=11329983916690887000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 674B 91 KB
38 KB 109ms
108ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpZLNGfn7qBXbdthACCubI1geDfKQ1eu0AcsDPaiL0O5gMiMKM0pcgsp72-0mxkE-Lxw-4gD1V-Q-vAY4o97mNNB0EVKM5Rl82lEU3E9LTuCV13dsKYXsZ0csk7SNxyGWaC11od1nAF1FBbTEuRMYcnGKbR_cExSgQ4vE7BeRldn7fz0rPNStNzYIsbAnbgp3d7JTp6Hb7Evu-UTlqkFUq8kA4B1-YwW18YVzAeNM-KkhXHBo&cry=1&dbm_d=AKAmf-Bx2aaCNM5-vKrmPXOLrbC-_RNcs5KhslPqjz7wkoQV9ZWWAIrcpCx3WvDd48dvpEm0tJAmwTP_nta0jQ1RioxRXb72Ik7BkcTBeOpgfEJ1n9-buUkr-RnhfBhezd5dz1aueRout1LNx5A2sgoYvRzwiMsmoGvo0znZ6TZnDafSrLw1iBuJ07lPmzvk8Mkf2SvEILhe_mTvbYT9qWXUaVKaR-n3w2RfbpuAa_0nyd204m8Fjq421vapBy-A9_u_jxk7_B-_PXyO25Dd-zppMhh_sMPgRMjgdaafjEjDRNyiKNtAtqASYEcHyGsk3h4SoLDPn1G58X9Y9JmrijICrjkEux6qhXv6wXoKUVHR1z1nke1QERoocZIFrQ7IcXq9PSsXj7UQGC3kIFo2y4ExWLf4YhIJ0PE1tZuksXBFGGaBJlgIZRvc_EB7ZE3Ftp_6Si2MXkecxmi5huXW7Hh7jMFZw1fGTmGZq2tJA8_z3XCEhwmxR8CVN4-yllZeqfkv6b1ukh3mH911DU1n00i_5Ba1CSrbIQ40WRUwRFlE0iODaIEkJGfrm5_YBmOOH0jApCwwOZyFujZsIQextQM1FloxnUvwg0mBbi_5OR4n_CA2DlqjeS6Gd5Gh1XzvFSOY_kUv0sTykcv7yzao6T1rBy3gxT7HehPgaOXr4bxiZwDesBPd9drELG5ShuTO2N7hqvOA1vPcvtODcxx9vMtKwOyG6hzIZ6vm_x41QBiWGNHippTfcT3_yLJtfIgtwPxTk-CpOLGEMmGo1MmxQSwWkpTIEt7FFFTyqVv8Qv6HRXxjhWwcM6FwHhQDMnYyy3tlVJb7cAzqVNbtSee2_Utfx3G7vEiRttkYzSymAcafy_nDiBmLvoiH5_6Ge3EqV0eSZJFxh4rc_-iaEYhhZE9-2lX0qL-0oXHNxcrUrZo2wdgtk4g6kzdvVVmKwaRlJX5V60c3QfsJRDgQSoJp7JM6qshVYfn4X3IOSVmyYVEBO6pVqiXslMP_7gjscZ12J1GJ4KHRMXzBcG4MDCnD29iLyASRivKNoDu-5YrIEBwSv6RxCSGuq-_qmNBCxtv-vC-_6cCj_AChybseCemNXqHaC8I9qvc9xvd5ab-T2yqcFv_UUJtfKJ6kijq3wLlkdKp7OFYbn_4gvdYnpkHD54iyGxmRg10HAhaxyyaFb7R2VHklDZJB4O7ai37ba6DJlNpbQJK2F1lWOAftezEIaKsCwlPSkT2qzRkzxFlYeBTRIB1ZBiva4cZY_Qh8b6XjKE1tqzARgHXzE_CMtOkuDorTOoDHEZqmhyCBDZwralI7E1b72l1XXbHcuyfwkK7rVqm3u5njXcIb3w6a41zQ8GgBs7YQQOdwss3re_16OXTOypjR1fleOqBK7P23DgkbI3LEyL84xeIq0FLnK30dJXUOkRvbb411pLBmQXr8hnlszTol8lqZDhueptEUV6N8Mu-SUn0HM2BG9Df1UKct0cSdEmXkOVAyK1a1rUp5Zc1-aJ0TdF29YZkTmOBtI8gacoQ9wccHmFeehEkC8fZ8KtYny40XfS1NTbRtEhjCjg-61lFzHkwIDeBdjgG4-t_c87BGwV1t_d51XNuQgmMJRfJenr8oASq7GcDTX7F6xK-FUG8nV7AseGsFSSb03K31KsFGUsDo7dt7Br7mtvQuFf_60VLxiCz7QEnC6HFQXU8eaGrFm-ZA1tDQJw9_ONfQEpIr89NsLyfI43rUKysCe5ibUIzGDHaF4y7H9eFV9MFOghplorNuubQkHLkDpqgu5pnhbJge9KbyE3XOuc8hdC3V8439BES35qlikb1Uvl3Eg7_A61dbUE22vy0BcHpvYK40vBgc87SNtpUwAKM7YNtoxwtHERKT1Ta7S2CHgoZFkmdf5D7BvTmujxEGN7wXjY_XFr8PQseryR6oC6mvIRF3PDyd9uhR59oSaTYEp3UBvVozDeYGC3dx1CV74LnEgCoeA3J59tCKAPUVJYmtJDpr63zORWv3tJpzviE7efKw_eu7EktOi8MJ2uT2lKiBddBtDmr8WThHx22Gkol2RIMentemsI0BJqDjLRjW8cVTZCnKhE8Y3P4PesoeEpBsN3JVYn-ucV_95qfHE1YmyOtobzr3NwOhL4SK4KhG60vQBoAbbDVjcu71yinAITyIPvFE929xvTE9zPNwRrwTsx87yj0BvGrk0sK8NkTOoZqkDwhlRBKuu8JqshiT9bfi43Lk0RXn7RPinzD3Ymala6Q83t-SqufLDdirD431z0VYNWRFgLxCbH2rkpERxUFMulkLIeywSdlfcnunwDcdusvMIrj5OC-YI2NJ4g6988FstpI-kPwGj9g7QEy7pTIBCZSv7Yy0JPpUVpNSXJ2lUqJK06YluLrdPdEiZuSjtUTjYo-m57FYKU87ua6dO0EX8ybZO2_f-B004iMgAIa6x0MmZLgW-pyKepI8OGvYUjV4z7By7_joD-2cWLFkrS3XATyRXyjRwJFE4UH-O_el6Usbv5X25FjTkIzzZkU37hH2oZopS99Ij-Kut94GKgt9wAaauWbQQ25zqI6DxnmvQTntZg_SpZ_ya7UXPQX4E3mozOrAK3IyFy_Rr4gjlKNdOejUZQqEjarXhSxfiviiVkhPv7zgiKwUHEe_8QNjxltGW-7JP0hGrT9R2c2pJgetPE7EhbO4Zwibw4KErqIQK-ndoNV9vfwq-j44R_O6aDngZe0qMrkH_Y6giwTATO7J5Zx8y4emWregfr249uSgSpJn5XcWGd1NLrLUmxmUhBHLYi1UIMXKKTfdm7dM-nkvEnTkKiLmtqiQsYULYjZ-SKl_j2THsUY2J1p0mloNZtMdGrjuT535lb17MdaPBerjfDmN8Dti3B0BOV8tBmHymz2DDc4Pp_hxUyDY4uLhpYeLnyDngMnBrk6mkAZ7Ej0Raub997G4OBZ7q7JHnT1XyFth7isewrSHRn8sxBiTDho9EjHkNdUFQdRkWpo7jIQScQ2k2S-P7ixFzCtaLgdhHKa9t7CfzQhAk7oUb6y7ATRG_ZAe3Gwy1zwbmaceoz0oUYVunNZ41xyduQn_zbyZJlXau-epl25Pfmal8vddNOMSOObXr4uIqsaQ7T7n3PT4es8w0J-u-NnLGyy8q7dO80xNBTlwvJyKFXFwE-TeCLiKFJQ4mNe3l4dPkmySW7KmzjfXtMblV4G97qaouJF1SlPXrvq2ak-7vmz3umZ5zbXw8hB6tf_qZwJeLbjzRg4LrCNHiK3tsl2qOWA4rby6evNY3m1fdwic3nXCU4zkx7Y1OT0LjqzQHW15-lnkhd4PJHPKTSCF4eCoU8H7x06gAr2rKIc34Q46_eDR7EtI00-3Nriw_gkkeXGlAEX-7CApcZFWeIdOKkPNBaPBjGjvsce5oqg1fXeKHLNWLDvv9OZ4yeTDHGEQKaS1nVjB_OCBi9ndcmBMzHL5QM_adjTIv7DkVgFNBMX2WyhozbLv_5howCL4pAa_PKpKUohwLLZih5FYIzfLS3EWKfOL7B_Mm2Q42TD89WD2wmMyzsfcxtSi0zlC7J_78ijzCfSqlHvVfT2JQMygPeVT1-9FbNa_hgCCyGUiv8Noh8vmGk3ciLqdk4aeVn2EECrPzFsC48TCbTmgzU84odpGrejWbOfwslaK3tL4oIhdXmqD4ipmwdBCf0md0uLJ0GKqluLqWLm4fEZZorZhyBak1uYtCYO5TkAMfnFkO3phLsnjA9QjrS110e5RxJab8vqAKAn8SZgXqVx-Vz8gTCVavytk8ekjo7oT0B6rgqDNPpiOCZCASLNBxToAxwjnx74TSY_-G8j-vidPD3Gm0815UJj36Gkfby_qZq_HQgyW6nSB9U0ebOUSUiIBCp19tk5qn4fdpmZmsJgQa7NMMy7fwtKeJAuA2jRCIcjgp5U8vs1EWiLmXYtyQO1h10wUl_Aje2u6EFLFQ_GplRusB79AQE2HoAJbuklVNo6LFem_TY5T-I9BZrliIuaAAITGCSY&cid=CAQSTwAvHhf_YUeWGrmsFqfWocEHBBD6cyuGU5mV2E94TB2vbq-MUygVf4TjRfiEwN0X6S7QIEsXm664_w6wQOmudWjLIsQ9JhCqf88i1a1sXP8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fscore808.candilkuya.com%2F&ds=l&xdt=1&iif=1&cor=11329983916690887000&adk=2228999114&idt=125&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146c947cd99af4a9dc8724ffdd56ae40ecc28600c0dd69172adc33e7500edaec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1307519939176927&output=html&h=600&slotname=9655826458&adk=987553427&adf=926755587&pi=t.ma~as.9655826458&w=300&lmt=1708167855&format=300x600&url=https%3A%2F%2Fscore808.candilkuya.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708171034785&bpp=1&bdt=590&idt=507&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C200x600%2C200x600&nras=1&correlator=33461202187&frm=20&pv=1&ga_vid=1369531306.1708171035&ga_sid=1708171035&ga_hid=1912213081&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080650%2C31081141%2C31081189%2C95322746%2C95323739%2C95324581%2C95325067%2C31081135%2C95322180%2C95324155%2C95324160&oid=2&pvsid=603858399199981&tmod=2087917023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=511
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38920
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5A1B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6259f9d9721e7fead098f4fdca9df8531457f9e9c4294e13f3984bff0c715851

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 00D5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8033d067634b9c6ca23cb0559948bc767400f692a17eab0795748997b501a14

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 674B 172 KB
60 KB 78ms
62ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 674B 12 KB
4 KB 73ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpZLNGfn7qBXbdthACCubI1geDfKQ1eu0AcsDPaiL0O5gMiMKM0pcgsp72-0mxkE-Lxw-4gD1V-Q-vAY4o97mNNB0EVKM5Rl82lEU3E9LTuCV13dsKYXsZ0csk7SNxyGWaC11od1nAF1FBbTEuRMYcnGKbR_cExSgQ4vE7BeRldn7fz0rPNStNzYIsbAnbgp3d7JTp6Hb7Evu-UTlqkFUq8kA4B1-YwW18YVzAeNM-KkhXHBo&cry=1&dbm_d=AKAmf-Bx2aaCNM5-vKrmPXOLrbC-_RNcs5KhslPqjz7wkoQV9ZWWAIrcpCx3WvDd48dvpEm0tJAmwTP_nta0jQ1RioxRXb72Ik7BkcTBeOpgfEJ1n9-buUkr-RnhfBhezd5dz1aueRout1LNx5A2sgoYvRzwiMsmoGvo0znZ6TZnDafSrLw1iBuJ07lPmzvk8Mkf2SvEILhe_mTvbYT9qWXUaVKaR-n3w2RfbpuAa_0nyd204m8Fjq421vapBy-A9_u_jxk7_B-_PXyO25Dd-zppMhh_sMPgRMjgdaafjEjDRNyiKNtAtqASYEcHyGsk3h4SoLDPn1G58X9Y9JmrijICrjkEux6qhXv6wXoKUVHR1z1nke1QERoocZIFrQ7IcXq9PSsXj7UQGC3kIFo2y4ExWLf4YhIJ0PE1tZuksXBFGGaBJlgIZRvc_EB7ZE3Ftp_6Si2MXkecxmi5huXW7Hh7jMFZw1fGTmGZq2tJA8_z3XCEhwmxR8CVN4-yllZeqfkv6b1ukh3mH911DU1n00i_5Ba1CSrbIQ40WRUwRFlE0iODaIEkJGfrm5_YBmOOH0jApCwwOZyFujZsIQextQM1FloxnUvwg0mBbi_5OR4n_CA2DlqjeS6Gd5Gh1XzvFSOY_kUv0sTykcv7yzao6T1rBy3gxT7HehPgaOXr4bxiZwDesBPd9drELG5ShuTO2N7hqvOA1vPcvtODcxx9vMtKwOyG6hzIZ6vm_x41QBiWGNHippTfcT3_yLJtfIgtwPxTk-CpOLGEMmGo1MmxQSwWkpTIEt7FFFTyqVv8Qv6HRXxjhWwcM6FwHhQDMnYyy3tlVJb7cAzqVNbtSee2_Utfx3G7vEiRttkYzSymAcafy_nDiBmLvoiH5_6Ge3EqV0eSZJFxh4rc_-iaEYhhZE9-2lX0qL-0oXHNxcrUrZo2wdgtk4g6kzdvVVmKwaRlJX5V60c3QfsJRDgQSoJp7JM6qshVYfn4X3IOSVmyYVEBO6pVqiXslMP_7gjscZ12J1GJ4KHRMXzBcG4MDCnD29iLyASRivKNoDu-5YrIEBwSv6RxCSGuq-_qmNBCxtv-vC-_6cCj_AChybseCemNXqHaC8I9qvc9xvd5ab-T2yqcFv_UUJtfKJ6kijq3wLlkdKp7OFYbn_4gvdYnpkHD54iyGxmRg10HAhaxyyaFb7R2VHklDZJB4O7ai37ba6DJlNpbQJK2F1lWOAftezEIaKsCwlPSkT2qzRkzxFlYeBTRIB1ZBiva4cZY_Qh8b6XjKE1tqzARgHXzE_CMtOkuDorTOoDHEZqmhyCBDZwralI7E1b72l1XXbHcuyfwkK7rVqm3u5njXcIb3w6a41zQ8GgBs7YQQOdwss3re_16OXTOypjR1fleOqBK7P23DgkbI3LEyL84xeIq0FLnK30dJXUOkRvbb411pLBmQXr8hnlszTol8lqZDhueptEUV6N8Mu-SUn0HM2BG9Df1UKct0cSdEmXkOVAyK1a1rUp5Zc1-aJ0TdF29YZkTmOBtI8gacoQ9wccHmFeehEkC8fZ8KtYny40XfS1NTbRtEhjCjg-61lFzHkwIDeBdjgG4-t_c87BGwV1t_d51XNuQgmMJRfJenr8oASq7GcDTX7F6xK-FUG8nV7AseGsFSSb03K31KsFGUsDo7dt7Br7mtvQuFf_60VLxiCz7QEnC6HFQXU8eaGrFm-ZA1tDQJw9_ONfQEpIr89NsLyfI43rUKysCe5ibUIzGDHaF4y7H9eFV9MFOghplorNuubQkHLkDpqgu5pnhbJge9KbyE3XOuc8hdC3V8439BES35qlikb1Uvl3Eg7_A61dbUE22vy0BcHpvYK40vBgc87SNtpUwAKM7YNtoxwtHERKT1Ta7S2CHgoZFkmdf5D7BvTmujxEGN7wXjY_XFr8PQseryR6oC6mvIRF3PDyd9uhR59oSaTYEp3UBvVozDeYGC3dx1CV74LnEgCoeA3J59tCKAPUVJYmtJDpr63zORWv3tJpzviE7efKw_eu7EktOi8MJ2uT2lKiBddBtDmr8WThHx22Gkol2RIMentemsI0BJqDjLRjW8cVTZCnKhE8Y3P4PesoeEpBsN3JVYn-ucV_95qfHE1YmyOtobzr3NwOhL4SK4KhG60vQBoAbbDVjcu71yinAITyIPvFE929xvTE9zPNwRrwTsx87yj0BvGrk0sK8NkTOoZqkDwhlRBKuu8JqshiT9bfi43Lk0RXn7RPinzD3Ymala6Q83t-SqufLDdirD431z0VYNWRFgLxCbH2rkpERxUFMulkLIeywSdlfcnunwDcdusvMIrj5OC-YI2NJ4g6988FstpI-kPwGj9g7QEy7pTIBCZSv7Yy0JPpUVpNSXJ2lUqJK06YluLrdPdEiZuSjtUTjYo-m57FYKU87ua6dO0EX8ybZO2_f-B004iMgAIa6x0MmZLgW-pyKepI8OGvYUjV4z7By7_joD-2cWLFkrS3XATyRXyjRwJFE4UH-O_el6Usbv5X25FjTkIzzZkU37hH2oZopS99Ij-Kut94GKgt9wAaauWbQQ25zqI6DxnmvQTntZg_SpZ_ya7UXPQX4E3mozOrAK3IyFy_Rr4gjlKNdOejUZQqEjarXhSxfiviiVkhPv7zgiKwUHEe_8QNjxltGW-7JP0hGrT9R2c2pJgetPE7EhbO4Zwibw4KErqIQK-ndoNV9vfwq-j44R_O6aDngZe0qMrkH_Y6giwTATO7J5Zx8y4emWregfr249uSgSpJn5XcWGd1NLrLUmxmUhBHLYi1UIMXKKTfdm7dM-nkvEnTkKiLmtqiQsYULYjZ-SKl_j2THsUY2J1p0mloNZtMdGrjuT535lb17MdaPBerjfDmN8Dti3B0BOV8tBmHymz2DDc4Pp_hxUyDY4uLhpYeLnyDngMnBrk6mkAZ7Ej0Raub997G4OBZ7q7JHnT1XyFth7isewrSHRn8sxBiTDho9EjHkNdUFQdRkWpo7jIQScQ2k2S-P7ixFzCtaLgdhHKa9t7CfzQhAk7oUb6y7ATRG_ZAe3Gwy1zwbmaceoz0oUYVunNZ41xyduQn_zbyZJlXau-epl25Pfmal8vddNOMSOObXr4uIqsaQ7T7n3PT4es8w0J-u-NnLGyy8q7dO80xNBTlwvJyKFXFwE-TeCLiKFJQ4mNe3l4dPkmySW7KmzjfXtMblV4G97qaouJF1SlPXrvq2ak-7vmz3umZ5zbXw8hB6tf_qZwJeLbjzRg4LrCNHiK3tsl2qOWA4rby6evNY3m1fdwic3nXCU4zkx7Y1OT0LjqzQHW15-lnkhd4PJHPKTSCF4eCoU8H7x06gAr2rKIc34Q46_eDR7EtI00-3Nriw_gkkeXGlAEX-7CApcZFWeIdOKkPNBaPBjGjvsce5oqg1fXeKHLNWLDvv9OZ4yeTDHGEQKaS1nVjB_OCBi9ndcmBMzHL5QM_adjTIv7DkVgFNBMX2WyhozbLv_5howCL4pAa_PKpKUohwLLZih5FYIzfLS3EWKfOL7B_Mm2Q42TD89WD2wmMyzsfcxtSi0zlC7J_78ijzCfSqlHvVfT2JQMygPeVT1-9FbNa_hgCCyGUiv8Noh8vmGk3ciLqdk4aeVn2EECrPzFsC48TCbTmgzU84odpGrejWbOfwslaK3tL4oIhdXmqD4ipmwdBCf0md0uLJ0GKqluLqWLm4fEZZorZhyBak1uYtCYO5TkAMfnFkO3phLsnjA9QjrS110e5RxJab8vqAKAn8SZgXqVx-Vz8gTCVavytk8ekjo7oT0B6rgqDNPpiOCZCASLNBxToAxwjnx74TSY_-G8j-vidPD3Gm0815UJj36Gkfby_qZq_HQgyW6nSB9U0ebOUSUiIBCp19tk5qn4fdpmZmsJgQa7NMMy7fwtKeJAuA2jRCIcjgp5U8vs1EWiLmXYtyQO1h10wUl_Aje2u6EFLFQ_GplRusB79AQE2HoAJbuklVNo6LFem_TY5T-I9BZrliIuaAAITGCSY&cid=CAQSTwAvHhf_YUeWGrmsFqfWocEHBBD6cyuGU5mV2E94TB2vbq-MUygVf4TjRfiEwN0X6S7QIEsXm664_w6wQOmudWjLIsQ9JhCqf88i1a1sXP8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fscore808.candilkuya.com%2F&ds=l&xdt=1&iif=1&cor=11329983916690887000&adk=2228999114&idt=125&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:02:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:02:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 674B 30 KB
11 KB 70ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 21:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 21:07:33 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 674B 41 KB
14 KB 71ms
61ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 19:42:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3048007738795652202/ Frame C0E7 7 KB
1 KB 212ms
81ms Document
text/html 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9546a1024a33330d02aa79b04613f6049be97260bfd322bd660f8e5bbceb860f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1230
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:16 GMT
expires: Sun, 16 Feb 2025 11:57:16 GMT
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5A1B 0
0 314ms
136ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu9Qx7lVQxe4Y6ov5b_Sf81o3RIon409k6344DPEyVGxtB5fXYSz8UJO3fyhvYtBeT0Bc2Uw2qstwKpa6LvFfHeDrS2OpvQgSqUk58Wegh0w1xfjjQ1tZDL7MJReMwYbVnbP4DtVQybf3lxCZdv8sz60FE9MCxS_PZIkHF10W2SKuzbBo1-gHyHm6bNnDX_ld9NRWguM5rFqR9PUfkhs1aNBBSuLxLVld6-gAOgy80HfyvIfTKl6JkVRTqOC_hUT6LFiDbn1SdOhfjJPN-TH07dR-whbkraGgcPLjW_vzEsthOnaeOej8ECzhiDBfIqLyO2iAa9HGWyBmPQlIGJrm90gr_lEvzihuxECbgLD0gYdA3dYKOdVZZKFeIBxWgZwPLDVL3MGJ1L6CdzVZl4Pft7aN5nmrr32VY-oLHu-XXLxpqph-nL2RAiROjU7yFky4o0gvCUzcsVWcuDfgg-kcBz9kC_jxkrZiSHGdehzrGIlWBI8gkJWLw_logXoqgxSgoDEBicyBvTn92D1i6PCEbNOsHnD_XnoeGa2ycrIgCSaDhnd4a8JoSDfsvj7V7-9KbCYmDZKvuGJ_L_DdN0Q6nVfroEhqUTPRB3NE_0rm4BSzACDmaGMPnsBc8TzmFeFYeLWxOTeY78XmckAC4hf6dnX-hXg1oWvPDh4UUlfPSoqvNeocSrDyTOzlG8vs9Wj2yWCYNvDO6X5HZ7UaBO9S6zAByhO9ep8oco49yeUeRr0XJRTvlDdr2BVOptTmZedmQy7dyTUjN_ZbkSLwdQzsBADkazEGsV-LLvgn7Yi-hQRTuTUm1m2nHtLhz3Hc9RGLaDYwEzf0Lt1l61GZJp9uTlNgpRYd6V41-_jkhVGtnRViIx1AGklwps5YDjWrLnaNqzd275J9rgD2xwIlxivGx3zEzD8qYjyuKv_XcJpV2k5Sl7NKyN46BWfNPIlpjBaO1dG9scC2TZLeq7fHvJ7M_a2msAB_5z46jeReJSsAPzZEWs8nR-IQpPqTPb_HE9gikC3-muAt-I13WMVf2zbvRRLJYi6bmJiC0cGt7iSzdWVlmGC3TsfPGkGMQKvObKSZekH_3B4IgX7DIsmc-uHW2Wfy8XpIPAny-kajj3ih8fCuOoHn7jnkaufSlO_G_De-Fh65WSamEfsm5XR2VvqRbicqSxM4HQCy9OtXl_iYsJKjEYmqdnXd0tqfOE5smdYoZ1G5U6UM6UZkTu_L5MEyhI1ytNUNkgmRbYveG19T9ScjBJYrWVk0VfrnjvE0-Yp9vfRAwX4rJq8B0d0tR2PN3cFgrF7frREmELjOOxRlowQaF8T5g1V1ezGyEBQHPbZ9yFXGWNmf0QJOu1jGY6Kdqbi_oG3N4bq5iSuVyJNUSVmmshUjvRvRR9L6M5LP8jq7qHHFADRdDgIDtX1qRA3YtP8a4lZiGB0BnioSWH1HK395UWnrYiY-Zu&sai=AMfl-YTwa262ONW0gacAfHcCqafzrNr7Smg2XdSmy6Iv0hbTDfdJPaIEge9QKSBzWWsSn3D_ENHxAl6vEx1UCWT3hC0Qe6TI542xPDHm4UOP603fTeK_sGYkEbIY1GIxyyo4TjQzPibR0DGLPvF_7dopVcihcRcdR5MnDPe4A04EuQEkFxiBMcB1ViJhqESowRBy7vLnDRreMLt9lOKbMQzEaDVyl-W3MeWLwsZ7iMGj-H_ljCrXWK3mKgffyOjfi6CRCOZX592MDy_IlaIZCQ7eCYtNKSO1B7VzgHiQmjRPw5B0JLusT5EL847f0UK05jU669pUhuvWOb2qNOaYl6vNkY3-7f-GeVG2DeFTbYk1BNyledaP_m2vYjFDOfEsjTGS2RS5d2pP9ZhUQ9XxdhyLhFLkUz_O_9iugkdOxfdfeF_guEthrVjK4ZEtT9Imlz9WTmDlgQVZBPYXE-5insio76ECPw7fgJewO5EgyvwyKak26dcMIO8c3mHEKS0Bx4yX-_3S0g&sig=Cg0ArKJSzMCXyuerY8VREAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zZXBob3JhLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=402&cbvp=1&cstd=388&cisv=r20240215.29843&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 11:57:16 GMT

GET
DATA 200
OK truncated
/ Frame 674B 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6198baf9e615273b8376a77f4bdd251b2beaff7caedb91af3ba61ad85d8b6080

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E6CB 38 KB
13 KB 64ms
63ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 106654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 06:19:42 GMT
expires: Sat, 15 Feb 2025 06:19:42 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00D5 16 KB
16 KB 224ms
79ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:33:05 GMT
x-content-type-options: nosniff
age: 195851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 05:33:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00D5 15 KB
16 KB 204ms
63ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 159606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 00D5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBHhRG5_QZYa3E6qUoPMP0c6duA63yPLvdbfLraG2Ev2B5LbrAhABIMjCgXtgyYaAgNyjxBCgAaCXjpMoyAEJqAMByAPLBKoE3gFP0G_lZ13XqD2MvpYf4kSyqaKXwd-XxkKlXaKu2C41tpy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3e27f24e1b3a556a0000000000000000%22,%222%22:%220x405895dd62d83d830000000000000000%22,%223%22:%220x54be7e...

0
0

264ms
127ms

Fetch
text/css

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3e27f24e1b3a556a0000000000000000%22,%222%22:%220x405895dd62d83d830000000000000000%22,%223%22:%220x54be7eb0dc6700620000000000000000%22,%224%22:%220xb4f3f28983ce13ac0000000000000000%22,%225%22:%220x5c9de17b9743ae3e0000000000000000%22},%22debug_key%22:%2218022524770339108406%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210777496480%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210997126762402659089%22}&andc=true

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3e27f24e1b3a556a0000000000000000","2":"0x405895dd62d83d830000000000000000","3":"0x54be7eb0dc6700620000000000000000","4":"0xb4f3f28983ce13ac0000000000000000","5":"0x5c9de17b9743ae3e0000000000000000"},"debug_key":"18022524770339108406","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10777496480"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"10997126762402659089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 11:57:16 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3e27f24e1b3a556a0000000000000000","2":"0x405895dd62d83d830000000000000000","3":"0x54be7eb0dc6700620000000000000000","4":"0xb4f3f28983ce13ac0000000000000000","5":"0x5c9de17b9743ae3e0000000000000000"},"debug_key":"18022524770339108406","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10777496480"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"10997126762402659089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 AGSKWxWE7hWTbRF5Hfxxv6EmmgugYvkZ-ns6at-H-PYBbI20XJMb0qPJ9n2AOkxzuNbPxA3H8AYa-8MZVa7u1SPkW9bW11KBl_ua4H6yvDpNJ4sJmtHQEEqlZ9RK1ULUjy8wcccauPJxHg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 103ms
102ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWE7hWTbRF5Hfxxv6EmmgugYvkZ-ns6at-H-PYBbI20XJMb0qPJ9n2AOkxzuNbPxA3H8AYa-8MZVa7u1SPkW9bW11KBl_ua4H6yvDpNJ4sJmtHQEEqlZ9RK1ULUjy8wcccauPJxHg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MTcxMDM2LDI4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zY29yZTgwOC5jYW5kaWxrdXlhLmNvbS8iLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16a68eb4c0cfcb3ba0c80b7dc26aafcf4961d902bad75e3a2c940e16d64690b0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cB-e6oIxffrMzf7dPhQA4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cB-e6oIxffrMzf7dPhQA4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo45-w6tYxOYsX_uYkYA-TxHJg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3608 51 KB
19 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:38:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19784
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:38:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17935818835445338392/ Frame CDBB 89 KB
22 KB 104ms
83ms Document
text/html 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

243118467b955fa3ffd66248f80e9ec9f2b60b751eeed8c46bd3ddf594b8054e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:16 GMT
expires: Sun, 16 Feb 2025 11:57:16 GMT
last-modified: Mon, 06 Nov 2023 23:56:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 674B 0
0 291ms
137ms Fetch
image/gif 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv97I_BrIgPUQ0o2xKUGtJlmEz8qRELyBT9msosqQg1iqepV6nXoLBAr9LCBPYmwwwNpWN7M9YdrYpdjIaYWXaP4jVkAcyZBKLj7ZDRnATbKjw3ARg6eCLiOx_bbUFW5v3qC_goBFrmqPn3lXrz-0o5l5I4Dak4csAc3jUOXtxVQ0x78w54BH75OuqIRqEk-4FY0sgiOwLQarmq3XEr07UWaAMGpTKixQEWVjEbuz8Lse5Euf7hyI0xHZ1sX93IH43YMuBiSXCRkE1UnwICVIQBi5AxAS19816uQh7ycCtjnvqJs8Cy1oxOnePdewSxdAlQiqj2TK7TNXLBYys9kuNcoMrtodluvXRSMTZ8yKhLdxfmvU9EM35UZjSjIvDjP9YsCazF7NC3B12KBCnwuuBTznNLbfVcQvkHNrUK-44GJQdOzpbgf17c47m1bv_7g7L4H4vP-lOzxfrjD36l6-v1QZmr8KfohjfSyB57Di3qEEgtu0QSczF7-3mJWqoSGBHbVBVSJ1NS-3ustwR6ulKJDfgNF16zlatc2IjZXJH1QrH7flqFdeAl6HHnjYcxc2oIfmLln2cxZQs0vTuRtQVSFfpoXGB6K0ECY0H15v8_cQ6C1VAj4v3nIbx-q645-_B8vyweYSc-i2w8Ud_0cWQoRlmEbD7r0EF88qe47AAIKNQeYG5hzmMxdgZMahu5MFSQU3wdQ_Xb6RK8IQhgNd_Tu2gR0KuWG0B45ahacMB2Yrq2-HGnxVKBCPpa1gXk_LvEiMEh9HhZ9zd_JwDdJkshYyYjNzyp88hcb55osoSx4Adn-eDOC5tXDiLOFgS-uGthluR8VWa9FwcxK__ZO1eOAoox-ITnBmb-65CsMn85Jz195VbgKvbE158VHoYyT2Hr22CxZgpgI6lmC38LNMZozUowST9Iw0gLL4-slXXlKcdPKoG1bVcMMRXCMadnv4sVe4Pekzi-oD2XVvqSQW19g5fBgeRZXvI1itXcHrFLaVVf3uFgJKutZFT6IOWMHYyDFgrF_vsHJXR8oBQWxvTzCycnx-VFaRt21U2gTjqCCbaKx5c8ne4z-Bp9WQ2vT3ugtkUNyMdCks0OvnK4yEK0zSJto5YxRYm68NXDhIHhjypMp2hXGohUlGPXade4YtyNDJpMApRlVvZjxoIOOfPdLxmcckKKZH9-Zkh4pm2pQXK7iXGW-xeWNf9oqcOjMFCW5S-G6n2oK1RVmS2Pq27w9H9edg4SfzeF6avHr2GGJphlaJOsDBNKhlFfPCbKCa4cHdgi2cai7GLFLVyC5uBvtuXkwlVn0-eHGmND8SYYPAoRes0t8j-22ddCdefrK4KZWyS9zp2Ec2m-uFElZaRxiq8PHF8F2ImKe4Lg9P00Ob5TtkZzPf652X4YhE1k2dfxOC7IBepnp-KIZNKdZLSWzKWhJeR_pBlczUSkFA4AA-YHX5D38Q&sai=AMfl-YSHkTrgz-UahJxJHNglJ9mVNPjAfn8HLLGeeV1m-hp4uyZwDVxGiZHHk4xaX4vpzYDYYvo23XJyh51gdpjglN0nypz8BoifsbQ8FVSzltdrx2uA7wuROEh8kkQwOCJW5yy12pEGjl4cob5ipIVF2S_TKUI46RrZwrzpILxb6jAxBqUnUQraPxNecL823bNvMX-HHveJnGUpXBcNJcIBNnJ6ej6TozKtLRwvFZHbydCg2gpNm30Wp24yfk-YKWZEAoco4O2015M2W2YdfXcrpAQK7PxB2ETk5jqr10jelg&sig=Cg0ArKJSzCmeyfzc67G3EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=189&cbvp=1&cstd=182&cisv=r20240215.79372&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 11:57:16 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 653C 38 KB
13 KB 86ms
70ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 106654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 06:19:42 GMT
expires: Sat, 15 Feb 2025 06:19:42 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C0E7 5 KB
789 B 89ms
77ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60069ed58329b14df22602af8d7838a66a19567ccbacd15923651bcc90d99eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 11:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 11:34:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 11:57:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame C0E7 95 KB
34 KB 211ms
64ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:26:03 GMT

GET
H3 200 jquery.bxslider.min.js Show response
s0.2mdn.net/sadbundle/3048007738795652202/js/ Frame C0E7 19 KB
5 KB 68ms
65ms Script
application/x-javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/js/jquery.bxslider.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550cb2681979e286f4588c97ac60ee8e04734f672eb9eb5782ba234de66b02d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 08:01:21 GMT
date: Thu, 15 Feb 2024 08:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5193
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.bxslider.css
s0.2mdn.net/sadbundle/3048007738795652202/css/ Frame C0E7 4 KB
1 KB 70ms
67ms Stylesheet
text/css 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.bxslider.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e6562d5e27794415f0e55f4c44bfcd3ab50e768cea83a3fa9712e2c5e5591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 21:10:27 GMT
date: Thu, 15 Feb 2024 21:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1189
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.textfill.min.js Show response
s0.2mdn.net/sadbundle/3048007738795652202/js/ Frame C0E7 3 KB
1 KB 81ms
76ms Script
application/x-javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/js/jquery.textfill.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96e5069601f3917388bea9bec38329bd281dd952dec19aa68e7404995ebfcca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 21:10:27 GMT
date: Thu, 15 Feb 2024 21:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1190
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3048007738795652202/css/ Frame C0E7 9 KB
2 KB 74ms
69ms Stylesheet
text/css 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e6fe97083171e251164dc3ec0bc541c3120b53d4e455929471aa600706303a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 16:37:37 GMT
date: Thu, 15 Feb 2024 16:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2296
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.rateyo.css
s0.2mdn.net/sadbundle/3048007738795652202/css/ Frame C0E7 896 B
365 B 76ms
70ms Stylesheet
text/css 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.rateyo.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46f61376900a925367b589226ece46a524bc26b5eb674d9312a01ed4ea73149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 03:56:45 GMT
date: Wed, 14 Feb 2024 03:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.rateyo.min.js Show response
s0.2mdn.net/sadbundle/3048007738795652202/js/ Frame C0E7 9 KB
4 KB 112ms
107ms Script
application/x-javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/js/jquery.rateyo.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a733ddf320f1b2dfeabec224e80b4f3bd2a74d127de1d5db5e09b512eafff503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 20:30:19 GMT
date: Thu, 15 Feb 2024 20:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142017
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4327
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame C0E7 120 KB
41 KB 81ms
76ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 21:58:16 GMT

GET
H3 200 cta_white_arrow.png
s0.2mdn.net/sadbundle/3048007738795652202/img/ Frame C0E7 3 KB
3 KB 186ms
181ms Image
image/png 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/img/cta_white_arrow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7906c041872372ef50dcef069befbfd081c4548bb84ff12449ed458d91c3b299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 19:15:18 GMT
date: Wed, 14 Feb 2024 19:15:18 GMT
x-content-type-options: nosniff
age: 232918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2884
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sephora-logo-black.svg
s0.2mdn.net/sadbundle/3048007738795652202/img/ Frame C0E7 2 KB
1 KB 188ms
184ms Image
image/svg+xml 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/img/sephora-logo-black.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddeaee327eda6acd35de8687c29ed65db0a6092cb432e5768d6dacc81415ef92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 08:01:21 GMT
date: Thu, 15 Feb 2024 08:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 border.png
s0.2mdn.net/sadbundle/3048007738795652202/img/ Frame C0E7 4 KB
4 KB 65ms
65ms Image
image/png 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/img/border.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1eb00512e925ee234bc79b7023cc7eaf9b82ba9468e40e583e9f0ff14b8bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 04:18:38 GMT
date: Thu, 15 Feb 2024 04:18:38 GMT
x-content-type-options: nosniff
age: 200318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4331
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sephora-loading.gif
s0.2mdn.net/sadbundle/3048007738795652202/img/ Frame C0E7 20 KB
20 KB 66ms
65ms Image
image/gif 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/img/sephora-loading.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf7bcdc590a7ad2136049764fa6ee56b20c333e45c1d17b8b7f6415cde212a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 17:15:40 GMT
date: Thu, 15 Feb 2024 17:15:40 GMT
x-content-type-options: nosniff
age: 153696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20831
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 initial.js Show response
s0.2mdn.net/sadbundle/3048007738795652202/js/ Frame C0E7 24 KB
4 KB 73ms
72ms Script
application/x-javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/js/initial.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448ea37fd0eca65b23b68c7435dec8083eff7630f29e42475a0d79fd5367b1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 08:01:21 GMT
date: Thu, 15 Feb 2024 08:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4543
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js Show response
pagead2.googlesyndication.com/bg/ Frame E6CB 51 KB
19 KB 74ms
74ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:38:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19784
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:38:22 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 279ms
128ms Preflight
text/html 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 11:57:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame CDBB 120 KB
41 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 21:58:16 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 653C 39 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 20:08:32 GMT

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/17935818835445338392/ Frame CDBB 3 KB
3 KB 66ms
65ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17935818835445338392/preload.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c19322da0d5ba717f281542aad3d364fde06fd9b0df43c068510951fd0db07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 12:16:15 GMT
date: Thu, 15 Feb 2024 12:16:15 GMT
x-content-type-options: nosniff
age: 171661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3555
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 674B 0
0 129ms
128ms Fetch
image/gif 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv97I_BrIgPUQ0o2xKUGtJlmEz8qRELyBT9msosqQg1iqepV6nXoLBAr9LCBPYmwwwNpWN7M9YdrYpdjIaYWXaP4jVkAcyZBKLj7ZDRnATbKjw3ARg6eCLiOx_bbUFW5v3qC_goBFrmqPn3lXrz-0o5l5I4Dak4csAc3jUOXtxVQ0x78w54BH75OuqIRqEk-4FY0sgiOwLQarmq3XEr07UWaAMGpTKixQEWVjEbuz8Lse5Euf7hyI0xHZ1sX93IH43YMuBiSXCRkE1UnwICVIQBi5AxAS19816uQh7ycCtjnvqJs8Cy1oxOnePdewSxdAlQiqj2TK7TNXLBYys9kuNcoMrtodluvXRSMTZ8yKhLdxfmvU9EM35UZjSjIvDjP9YsCazF7NC3B12KBCnwuuBTznNLbfVcQvkHNrUK-44GJQdOzpbgf17c47m1bv_7g7L4H4vP-lOzxfrjD36l6-v1QZmr8KfohjfSyB57Di3qEEgtu0QSczF7-3mJWqoSGBHbVBVSJ1NS-3ustwR6ulKJDfgNF16zlatc2IjZXJH1QrH7flqFdeAl6HHnjYcxc2oIfmLln2cxZQs0vTuRtQVSFfpoXGB6K0ECY0H15v8_cQ6C1VAj4v3nIbx-q645-_B8vyweYSc-i2w8Ud_0cWQoRlmEbD7r0EF88qe47AAIKNQeYG5hzmMxdgZMahu5MFSQU3wdQ_Xb6RK8IQhgNd_Tu2gR0KuWG0B45ahacMB2Yrq2-HGnxVKBCPpa1gXk_LvEiMEh9HhZ9zd_JwDdJkshYyYjNzyp88hcb55osoSx4Adn-eDOC5tXDiLOFgS-uGthluR8VWa9FwcxK__ZO1eOAoox-ITnBmb-65CsMn85Jz195VbgKvbE158VHoYyT2Hr22CxZgpgI6lmC38LNMZozUowST9Iw0gLL4-slXXlKcdPKoG1bVcMMRXCMadnv4sVe4Pekzi-oD2XVvqSQW19g5fBgeRZXvI1itXcHrFLaVVf3uFgJKutZFT6IOWMHYyDFgrF_vsHJXR8oBQWxvTzCycnx-VFaRt21U2gTjqCCbaKx5c8ne4z-Bp9WQ2vT3ugtkUNyMdCks0OvnK4yEK0zSJto5YxRYm68NXDhIHhjypMp2hXGohUlGPXade4YtyNDJpMApRlVvZjxoIOOfPdLxmcckKKZH9-Zkh4pm2pQXK7iXGW-xeWNf9oqcOjMFCW5S-G6n2oK1RVmS2Pq27w9H9edg4SfzeF6avHr2GGJphlaJOsDBNKhlFfPCbKCa4cHdgi2cai7GLFLVyC5uBvtuXkwlVn0-eHGmND8SYYPAoRes0t8j-22ddCdefrK4KZWyS9zp2Ec2m-uFElZaRxiq8PHF8F2ImKe4Lg9P00Ob5TtkZzPf652X4YhE1k2dfxOC7IBepnp-KIZNKdZLSWzKWhJeR_pBlczUSkFA4AA-YHX5D38Q&sai=AMfl-YSHkTrgz-UahJxJHNglJ9mVNPjAfn8HLLGeeV1m-hp4uyZwDVxGiZHHk4xaX4vpzYDYYvo23XJyh51gdpjglN0nypz8BoifsbQ8FVSzltdrx2uA7wuROEh8kkQwOCJW5yy12pEGjl4cob5ipIVF2S_TKUI46RrZwrzpILxb6jAxBqUnUQraPxNecL823bNvMX-HHveJnGUpXBcNJcIBNnJ6ej6TozKtLRwvFZHbydCg2gpNm30Wp24yfk-YKWZEAoco4O2015M2W2YdfXcrpAQK7PxB2ETk5jqr10jelg&sig=Cg0ArKJSzCmeyfzc67G3EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=579&vt=11&dtpt=390&dett=3&cstd=182&cisv=r20240215.79372&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 11:57:16 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CDBB 7 KB
6 KB 105ms
102ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92a76fab73c2b63eef358f3485beb2e5937779825b2f30b1fad7370c1ffdc43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5667
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame C0E7 120 KB
41 KB 73ms
71ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 21:58:16 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/17935818835445338392/ Frame CDBB 517 B
547 B 79ms
77ms Image
image/png 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17935818835445338392/replay.png

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182fc11158c66dbbd0432664c2967f118f3a5e57b7e5fb28822376e8dbe365db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 11:58:10 GMT
date: Thu, 15 Feb 2024 11:58:10 GMT
x-content-type-options: nosniff
age: 172746
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/17935818835445338392/ Frame CDBB 37 KB
37 KB 79ms
78ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17935818835445338392/poster.jpg

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea0c881f37fd3f492b1917ce42a88e0f95d7392ec970cb9646d721f7bf7fb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 16:45:41 GMT
date: Thu, 15 Feb 2024 16:45:41 GMT
x-content-type-options: nosniff
age: 155495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37751
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/17935818835445338392/ Frame CDBB 3 KB
3 KB 78ms
77ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17935818835445338392/preload.jpg

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c19322da0d5ba717f281542aad3d364fde06fd9b0df43c068510951fd0db07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 12:16:15 GMT
date: Thu, 15 Feb 2024 12:16:15 GMT
x-content-type-options: nosniff
age: 171661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3555
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1

206
Partial Content

file.mp4
r4---sn-q4flrnld.c.2mdn.net/videoplayback/id/f53e9cd10ee1f26f/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739707035/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CDBB
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f53e9cd10ee1f26f/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739707035/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r4---sn-q4flrnld.c.2mdn.net/videoplayback/id/f53e9cd10ee1f26f/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739707035/sparams/acao,ctier,expire,id,ip,ipbits,itag...

426 KB
427 KB

596ms
66ms

Media
video/mp4

2607:f8b0:4000:12::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-q4flrnld.c.2mdn.net/videoplayback/id/f53e9cd10ee1f26f/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739707035/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/658DD4C24BF524AFF83A50086AA27CE82DC0A4A4.50C007DEE6DCB6ABFA93E8F497F0206F94713F12/key/cms1/cms_redirect/yes/mh/9s/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4flrnld/ms/onc/mt/1708165978/mv/u/mvi/4/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4000:12::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9df8cd495861ffd4f3bf6b8454f714e83b40a0da5f6035123a1a0bc46babe8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 11:57:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Nov 2023 23:56:23 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-436303/436304
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 436304
Expires: Sat, 17 Feb 2024 11:57:17 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-q4flrnld.c.2mdn.net/videoplayback/id/f53e9cd10ee1f26f/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739707035/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/658DD4C24BF524AFF83A50086AA27CE82DC0A4A4.50C007DEE6DCB6ABFA93E8F497F0206F94713F12/key/cms1/cms_redirect/yes/mh/9s/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4flrnld/ms/onc/mt/1708165978/mv/u/mvi/4/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C0E7 7 KB
6 KB 103ms
103ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e18b6b19b9de6dfd7b456e7b0462152a72fa19653091e6d3767456a9ce577069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5672
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6CB 0
21 B 135ms
132ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B16RPG5_QZZLpFN-GoPMPmsmL4AoAAAAAOAHgBAI&bg=!ODulO3TNAAYBC1i-IQs7ADQBe5WfOJC2tjIvw4GgypzHCfzjIHXGUft2jPNn9edge3Cqy-KQj6kduiSx5w-h1HZusujEAgAAAM9SAAAABGgBB5kDGH4yAwlLQT7ScDxeoq6Mki7Hj02XTP9-bbwOfAtUPnf22jyswacnlsdbUmDPrkE5zx2xRrZ8bkqRKX7lNEXrl6NLOIviC5hEwPYby-nuowUKnWkHsJKzihxjm8uFutwH8-0LONYwbPEieUAprcM0L816EzUu_a3TEa8mS_xt4GBf3CIjg4GqU2Oqw_bS3lNbK_IQl_VXquwDX4K1ECZSjD_pxW--51VJvRfsSqmfmYXqxfkARdMVPfPmhe-TUBdMZ4jRbaVSpuvmpsGglKnlJi-GV-VNKIHZ9PqLp0cJ5H_nI4l17uQ79TuNrJRpMnURM_FwFYUqaNTrQ995i0Pb6fb4kIW90o3f9Dj2qpjCxrlvJa-WjsX_88dRW0d4-clcz-VFXQmr7HotTmreHukY8exkQyhG2OTQprHlT0YPVeksvli-5tF3P0DXFC0MSqqZ4H_qY8wI2x103tSyeuA7i8JANzrcq5zIIHghRDijw6xVH7Y2WbhDFWcmX8dAD3jOPraF10IifcKq4u8LRwTfDU6tj_J41Is8wrUXvoSJFpAsAEiDDP7FfVxeb1OAT49oJJMY7sVqbtv0tVQzoBRGWT42cyYDY-9cL_jxaICp5hc3yrd0AmuI12L2C9aNrtDTu3ckKt2vFfMf9FCl0gePuBnTIt5BV6H3nQUGm8T-CgJJ30BIs1-X3iX0CkIS8kNSp7437My0-x34YrIxLJgfarPiGtdJV2ZM15jc-BtUKGqjaXUBaeLWukBu5G59x2qqOEg4yebv51GPQbzJUEjI16y-K-DO7qe6_JHUpzVR2r5bleTw_mnzDZsRIUW5ak2Qe5wbFBfGNx2W3Q7pDs9FPYRExzEjzWosZGSABXfXlICR0OoBT80Kk7hJaE0iQRw0lk9jLIYc9NTDwek-y3zp8xARs2RpbJTnLZJn-3T5GujzQfmXB6opjNnvO_Am5LkCrgWyXcvGNq9aJrGJrTwHkOKdS3u9JVWBa7ySFY8VYcmkONNyWdBgUGT5fSx3koEgcXbqS4YyC3AI6QL1WC3STrxLvC3XVu7skQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CDBB 17 KB
6 KB 134ms
133ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:57:16 GMT

GET
DATA 200
OK truncated
/ Frame CDBB 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Futura-Med.otf
s0.2mdn.net/sadbundle/3048007738795652202/fonts/Futura/ Frame C0E7 69 KB
47 KB 66ms
65ms Font
font/otf 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/fonts/Futura/Futura-Med.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44eef348292128bbc1834688a43068e5a8417dec106542bee6b31d78775a6406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 23:09:55 GMT
date: Thu, 15 Feb 2024 23:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132441
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47953
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 bx_loader.gif
s0.2mdn.net/sadbundle/3048007738795652202/img/ Frame C0E7 8 KB
8 KB 70ms
69ms Image
image/gif 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/img/bx_loader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.bxslider.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 09:03:33 GMT
date: Fri, 16 Feb 2024 09:03:33 GMT
x-content-type-options: nosniff
age: 96823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Left_Arrow.svg
s0.2mdn.net/sadbundle/3048007738795652202/img/ Frame C0E7 188 B
203 B 66ms
65ms Image
image/svg+xml 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/img/Left_Arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.bxslider.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1930ade9d196235872eecf2f23d675846ba2afedc0091353d55c34273eb8e541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:55:42 GMT
date: Thu, 15 Feb 2024 13:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Right_Arrow.svg
s0.2mdn.net/sadbundle/3048007738795652202/img/ Frame C0E7 173 B
196 B 67ms
66ms Image
image/svg+xml 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/img/Right_Arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.bxslider.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1f733280a700db3a6a614d2384950ddbc4f6272de15dbb4ff2c665f0b66137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 08:20:00 GMT
date: Thu, 15 Feb 2024 08:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 653C 0
21 B 135ms
134ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2YUDG5_QZZXeOt_eoPMPkaGO0A0AAAAAOAHgBAI&bg=!UFOlUxzNAAZN4L4YbeA7ADQBe5WfOByt6DowbcrEHXrMHVgkV9ZIFZuNaZcww9-AaAa-Q6RFOF-OCJlFMPVtk5BOARiPAgAAAKZSAAAAA2gBBwoAA8n71ZkC-GYib-BHu1JzkCQrVQPTe0t2el1NVBQSia06uIQWf-jqfZFTwzYqjKjuBCs8kY8ex0BRF-JeNtPA_cjlR2Rvf6QBc97yTZ3p0d_AIhIPdm57U3Cmrwvjc6nuowG35IzmzTl2Rv52JAhSG6PqnOrKJ8oWze72btFUJeXmmO-6BgPspRrRm5kukMNIx_-XF8KO0hheAjybezQs_FT1yMDq9FjNjrrjiDxzMKOhtqyYm4GgVGHl-mVm-QO_HH_lAbIw1sayc8irZqfggXoTLNM4j2Gl-nwysVMoXyOiPbwHOmXGc2fZe6WMj5176LZ2Ul7BtTfOwRP9oeNPRj4qqipFshJVm4qG1xj5h2JYKsKBbaYUCdWVW349Pg55H89YUx7MOoNV_Cx-5geIkDugQvGWNl2-keWyG_BXcOUs2OGzAElBrDNLsxDyLKdFZvfUDHkpDLGYa-PIzcohdLouw9Qbb6mUI1_CGriu_4MTMTkcSmpQzEchR-tLNsFbKrKy3oBg_A8h2mSu7Hyp0GdAZQ65a84RjnlPG5KDpgElmDnb1ff1ID2q_bdGB05dqBEaD8zz-2Kmd2Jt6XmKC3DZEKIZ229amn66Jraw4PF1gxwSK5K1qnK5ECNl_ppeA3pmkReuVvxfDmVLtgOtNTamTRFwUGxkTE0nzzlMA5tjJuIgN2-Yl9ABRVHT09QoqkKdQTVP8Jk3DAbUBSHTn0WmTeXhgymYGM9U6LKp4CEcmsMksmymRBeaFHa1x6SXB99miBld_aMyOFPDEx2PukQiBIyG4A3QSvE2b86TQyhISjFfoAsLBq-iV_1443sFxN0-Pd6N2aSj1xFoAK3_QrfSZI0AShxE8rTLqT6ODPCJocpCcWiSgY1guBoX9CheQkBO4S1UoIvVC_dePvLQb_PIrBY2N17-ILRNAObbWfb-JZyyY_CcGHfCwS9ZF4U9FVi4DpqQzTZNZ3kTa6OVnQjSh8W8L18RX5_Epin5QUV3XVySJtgiJ_etvu77q0I

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame CDBB 13 KB
5 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 00:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 00:12:20 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/17935818835445338392/ Frame CDBB 517 B
547 B 65ms
65ms Image
image/png 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17935818835445338392/replay.png

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182fc11158c66dbbd0432664c2967f118f3a5e57b7e5fb28822376e8dbe365db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17935818835445338392/index.html?e=69&leftOffset=0&topOffset=0&c=XnRoxCCULK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 11:58:10 GMT
date: Thu, 15 Feb 2024 11:58:10 GMT
x-content-type-options: nosniff
age: 172746
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C0E7 7 KB
6 KB 105ms
104ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96d595441e1d5559eec091509b4bca8890f969aa5ae006a3e9234a799c5436fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5791
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C0E7 8 KB
6 KB 163ms
163ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3924ff63836fd3b5d89dd51b1ced89b8cc53d5b87651e8a1af46b92f09c8820f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5860
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C0E7 17 KB
6 KB 109ms
109ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:57:17 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5A1B 0
0 129ms
127ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu9Qx7lVQxe4Y6ov5b_Sf81o3RIon409k6344DPEyVGxtB5fXYSz8UJO3fyhvYtBeT0Bc2Uw2qstwKpa6LvFfHeDrS2OpvQgSqUk58Wegh0w1xfjjQ1tZDL7MJReMwYbVnbP4DtVQybf3lxCZdv8sz60FE9MCxS_PZIkHF10W2SKuzbBo1-gHyHm6bNnDX_ld9NRWguM5rFqR9PUfkhs1aNBBSuLxLVld6-gAOgy80HfyvIfTKl6JkVRTqOC_hUT6LFiDbn1SdOhfjJPN-TH07dR-whbkraGgcPLjW_vzEsthOnaeOej8ECzhiDBfIqLyO2iAa9HGWyBmPQlIGJrm90gr_lEvzihuxECbgLD0gYdA3dYKOdVZZKFeIBxWgZwPLDVL3MGJ1L6CdzVZl4Pft7aN5nmrr32VY-oLHu-XXLxpqph-nL2RAiROjU7yFky4o0gvCUzcsVWcuDfgg-kcBz9kC_jxkrZiSHGdehzrGIlWBI8gkJWLw_logXoqgxSgoDEBicyBvTn92D1i6PCEbNOsHnD_XnoeGa2ycrIgCSaDhnd4a8JoSDfsvj7V7-9KbCYmDZKvuGJ_L_DdN0Q6nVfroEhqUTPRB3NE_0rm4BSzACDmaGMPnsBc8TzmFeFYeLWxOTeY78XmckAC4hf6dnX-hXg1oWvPDh4UUlfPSoqvNeocSrDyTOzlG8vs9Wj2yWCYNvDO6X5HZ7UaBO9S6zAByhO9ep8oco49yeUeRr0XJRTvlDdr2BVOptTmZedmQy7dyTUjN_ZbkSLwdQzsBADkazEGsV-LLvgn7Yi-hQRTuTUm1m2nHtLhz3Hc9RGLaDYwEzf0Lt1l61GZJp9uTlNgpRYd6V41-_jkhVGtnRViIx1AGklwps5YDjWrLnaNqzd275J9rgD2xwIlxivGx3zEzD8qYjyuKv_XcJpV2k5Sl7NKyN46BWfNPIlpjBaO1dG9scC2TZLeq7fHvJ7M_a2msAB_5z46jeReJSsAPzZEWs8nR-IQpPqTPb_HE9gikC3-muAt-I13WMVf2zbvRRLJYi6bmJiC0cGt7iSzdWVlmGC3TsfPGkGMQKvObKSZekH_3B4IgX7DIsmc-uHW2Wfy8XpIPAny-kajj3ih8fCuOoHn7jnkaufSlO_G_De-Fh65WSamEfsm5XR2VvqRbicqSxM4HQCy9OtXl_iYsJKjEYmqdnXd0tqfOE5smdYoZ1G5U6UM6UZkTu_L5MEyhI1ytNUNkgmRbYveG19T9ScjBJYrWVk0VfrnjvE0-Yp9vfRAwX4rJq8B0d0tR2PN3cFgrF7frREmELjOOxRlowQaF8T5g1V1ezGyEBQHPbZ9yFXGWNmf0QJOu1jGY6Kdqbi_oG3N4bq5iSuVyJNUSVmmshUjvRvRR9L6M5LP8jq7qHHFADRdDgIDtX1qRA3YtP8a4lZiGB0BnioSWH1HK395UWnrYiY-Zu&sai=AMfl-YTwa262ONW0gacAfHcCqafzrNr7Smg2XdSmy6Iv0hbTDfdJPaIEge9QKSBzWWsSn3D_ENHxAl6vEx1UCWT3hC0Qe6TI542xPDHm4UOP603fTeK_sGYkEbIY1GIxyyo4TjQzPibR0DGLPvF_7dopVcihcRcdR5MnDPe4A04EuQEkFxiBMcB1ViJhqESowRBy7vLnDRreMLt9lOKbMQzEaDVyl-W3MeWLwsZ7iMGj-H_ljCrXWK3mKgffyOjfi6CRCOZX592MDy_IlaIZCQ7eCYtNKSO1B7VzgHiQmjRPw5B0JLusT5EL847f0UK05jU669pUhuvWOb2qNOaYl6vNkY3-7f-GeVG2DeFTbYk1BNyledaP_m2vYjFDOfEsjTGS2RS5d2pP9ZhUQ9XxdhyLhFLkUz_O_9iugkdOxfdfeF_guEthrVjK4ZEtT9Imlz9WTmDlgQVZBPYXE-5insio76ECPw7fgJewO5EgyvwyKak26dcMIO8c3mHEKS0Bx4yX-_3S0g&sig=Cg0ArKJSzMCXyuerY8VREAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zZXBob3JhLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1198&vt=11&dtpt=796&dett=3&cstd=388&cisv=r20240215.29843&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: score808.candilkuya.com
URL: https://score808.candilkuya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 11:57:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 163ms
163ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a952d39083f8ddf224d7b2f2055706335f9cff86582f8c439cd66ba9f54ac3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12451
x-xss-protection: 0

GET
H3 200 Futura-Boo.otf
s0.2mdn.net/sadbundle/3048007738795652202/fonts/Futura/ Frame C0E7 68 KB
47 KB 67ms
67ms Font
font/otf 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/fonts/Futura/Futura-Boo.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10c9f367f83600f6cff5a079e12affcbee47c4ceb23d23a9b58043dbaa4e90f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 10:09:50 GMT
date: Thu, 15 Feb 2024 10:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47832
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 PlayfairDisplay-SemiBold.ttf
s0.2mdn.net/sadbundle/3048007738795652202/fonts/Playfair_Display/ Frame C0E7 189 KB
88 KB 74ms
73ms Font
font/ttf 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/fonts/Playfair_Display/PlayfairDisplay-SemiBold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1e129e61c556592432ebecf921dc3e54f23caa8b7f9d5668db90bbcad63756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 19:41:38 GMT
date: Thu, 15 Feb 2024 19:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90365
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Futura-Lig.otf
s0.2mdn.net/sadbundle/3048007738795652202/fonts/Futura/ Frame C0E7 67 KB
46 KB 80ms
79ms Font
font/otf 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3048007738795652202/fonts/Futura/Futura-Lig.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c7021fc918c6db285a14dd652f2d3c612761fd8b4fd26fa1d84a4e899a2438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 07:09:19 GMT
date: Fri, 16 Feb 2024 07:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46624
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s2495505-main-zoom.jpg-imwidth=450_1697137362153_s2495505-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame C0E7 10 KB
10 KB 90ms
87ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2495505-main-zoom.jpg-imwidth=450_1697137362153_s2495505-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

980f37702dd256370ac7a54b27fd2016d21765d0bfa98a3842765f22e9c8d173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:13:16 GMT
x-content-type-options: nosniff
age: 132241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10305
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 19:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:13:16 GMT

GET
H3 200 s2734085-main-zoom.jpg-imwidth=450_1705690873415_s2734085-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame C0E7 10 KB
10 KB 94ms
91ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2734085-main-zoom.jpg-imwidth=450_1705690873415_s2734085-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

399b233f3ac24ab2b77f55c6f8612579e6c2aa05b1a63f91023182059a2e5a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 11:23:53 GMT
x-content-type-options: nosniff
age: 174804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10432
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 19:02:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 11:23:53 GMT

GET
H3 200 s2031391-main-zoom.jpg-imwidth=450_1697029255878_s2031391-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame C0E7 9 KB
9 KB 96ms
93ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2031391-main-zoom.jpg-imwidth=450_1697029255878_s2031391-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc8722510b51d48fa2be43d27e96906a5c94238722df9088849d0388a7a3e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 12:30:40 GMT
x-content-type-options: nosniff
age: 170797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9640
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 12:30:40 GMT

GET
H3 200 s2371367-main-zoom.jpg-imwidth=450_1697029255878_s2371367-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame C0E7 26 KB
26 KB 99ms
97ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2371367-main-zoom.jpg-imwidth=450_1697029255878_s2371367-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7262031b90a8bf9faab27b0316d4451cbdd2d5fb5004998c67b4dd1d043811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 10:16:28 GMT
x-content-type-options: nosniff
age: 178849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26962
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:00:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 10:16:28 GMT

GET
H3 200 s2744696-main-zoom.jpg-imwidth=450_1707051643140_s2744696-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame C0E7 8 KB
8 KB 108ms
106ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2744696-main-zoom.jpg-imwidth=450_1707051643140_s2744696-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b81c746b30f4229d1920b6421cb659c8f72d7bb75053a4df44d1055861d9e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3048007738795652202/index.html?e=69&leftOffset=0&topOffset=0&c=x5EZtseuL9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 11:57:58 GMT
x-content-type-options: nosniff
age: 172759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7803
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 13:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 11:57:58 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8666 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 20:08:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C0E7 17 KB
6 KB 113ms
113ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:57:17 GMT

GET
H2 200 Link%20Burnley%20vs%20Arsenal.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlj2ZXVI_T0F9sjE_9j0HU4TkScz_HoVN2bw_2i_OC9IQPQeb8yh43UCzkgeDduIGMD7UAq31uucbrBUbZP70lsZgtNUoZbhZIHuK1BsQ5HAV1yYz7ppeHA5WZGhCcAw08O8-iubyJHsAimetF... 143 KB
144 KB 789ms
788ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlj2ZXVI_T0F9sjE_9j0HU4TkScz_HoVN2bw_2i_OC9IQPQeb8yh43UCzkgeDduIGMD7UAq31uucbrBUbZP70lsZgtNUoZbhZIHuK1BsQ5HAV1yYz7ppeHA5WZGhCcAw08O8-iubyJHsAimetFTSGYR4wB2LuXRPOXBNDr0yoLzGsbdIHNDBZ1TYkqwrq9/w400/Link%20Burnley%20vs%20Arsenal.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2711ecd470c45ce07131766984f10956104e6cebef71ab1e06430309d1837df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v2774"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Link Burnley vs Arsenal.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146913
x-xss-protection: 0
expires: Sun, 18 Feb 2024 11:57:17 GMT

GET
H2 200 V.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBEyttqtFbehbM59od6xwnq9LCAZei40mAZ5A2vvCV16FE2ddCfEdBjcBQoICoEwaZhiT804cUNVIRbBrFg1Z3wlFSwgnpuiOsRxZq1-0xhRNhYowHSDvvq1N1jPuDOzNjrDqQeunIku6HxmAK... 157 KB
157 KB 913ms
912ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBEyttqtFbehbM59od6xwnq9LCAZei40mAZ5A2vvCV16FE2ddCfEdBjcBQoICoEwaZhiT804cUNVIRbBrFg1Z3wlFSwgnpuiOsRxZq1-0xhRNhYowHSDvvq1N1jPuDOzNjrDqQeunIku6HxmAKzMfA1Us9NoIdHWVqJylEzDpYv5YmzA-FsMItvE2Qnaub/w400/V.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

92ed752cd36df19e47fe80e1e6afae9d507814990360e3206193eefe87d043c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v2772"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="V.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160672
x-xss-protection: 0
expires: Sun, 18 Feb 2024 11:57:17 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 16A0 39 KB
15 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 20:08:32 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A44 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 20:08:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 95ms
91ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:57:17 GMT

GET
H3 200 afr.php Show response
fundingchoicesmessages.google.com/f/AGSKWxVAfCvjgJl4224Ndz6_xXWblYwfZRmj2YyU_AJkl7MAIX1ISnbOL5QcWqF87i_tu8y64DD51cfj5UOmhfjoKA5Y82pUxTDOoVZ-8RkQyq8vrop2-A_uy22VEEgXrurGs0Gdq2-mRD1J0HNACdS5Cn0UB4Bwk... 54 B
110 B 95ms
92ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAfCvjgJl4224Ndz6_xXWblYwfZRmj2YyU_AJkl7MAIX1ISnbOL5QcWqF87i_tu8y64DD51cfj5UOmhfjoKA5Y82pUxTDOoVZ-8RkQyq8vrop2-A_uy22VEEgXrurGs0Gdq2-mRD1J0HNACdS5Cn0UB4BwkmtzyzaQEVhZo20VD5yixsqZ-eCsQbJJ/__images/ad./afr.php?/reqwads?/delivery/fc./mmt_ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2fd4a08f524fb2253735ab42e9b0bb4ccd6a8220c1380a9ab4247540e6b36ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qi9E_dprBlTAeyn9WtV6Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-qi9E_dprBlTAeyn9WtV6Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo65-w6tYxM4sex1FyMA-eVHcg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
80 B 67ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 12:55:17 GMT

POST
H3 204 AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 219ms
90ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f-m8ryAnqjRI_kKA7ZnIDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-f-m8ryAnqjRI_kKA7ZnIDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XDM3XdoHZvAgb41xxkB_1YYaQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://score808.candilkuya.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00D5 42 B
64 B 139ms
139ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssE1E_NoJEF-RKgF-rIUJTDjZwgaGz_rYzwxJIXIDSKsNxZzu4QlZ23OjKAHScbvQ1GHjVSrULSC_wElLfVEHqU9Jtk99ZplJPVXq_lwASvH8ao2D9vLW0uFFif3Q-lGd3c4eAzKFiTROuN8xWzcmzHcyyVjFpPrZo&sai=AMfl-YT4se-ug8d4NMEIwv-Lh-6Unk1tvcsnQ8-R_DPyFRaYhnRfxcsf_PhvxebVKfRg33TBriasu55Q5PwEllAp4Z3g8sgwxhYH6ZHUz7LL4zYRuye1BLUJbFnDUPw9w00jbJECfcVfVy-sSGzePELN&sig=Cg0ArKJSzOQ9cT-S0i2bEAE&cid=CAQSTgAvHhf__la7VWvO4njP2nH8djl3mwnIBpMBFvnJhaXoECcZOaixL-wSrojC9sXegEuRhwuzY0XkHXttvl9rQiUM0EwlkCx3MIwFXJD0bRgB&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3898703930&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=410383600&rst=1708171035259&rpt=992&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A1B 42 B
64 B 135ms
135ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh_-s0F7hjwz367Gr8aaRd9exCqkTI8I_FJ1_uRxU0BEbOu4LWjbr4qQMShUmbhmnW-aJolHTiBFHTRqoMv0PU0Y9y8h6vvDTu6sgRC4U66l8lcT06rl5124Xv0hwxOCPRnAm1-AprHG7MNti-5CU-h0_O77Js8Ts&sai=AMfl-YRVHOAbGBZ9psIg_M9bzPldpw3meUL6SISnf9Hiq6tr3zY-kDjxHTyow5cPEqZOby28pMeN6IqE88mVabiyEeT6xRcA8dXqkiEn5ZdkdKU7batjU17C-xCbMXJkOleITXXHsGqcV4dHV9-ztDaS&sig=Cg0ArKJSzMmqo2z3aDzREAE&cid=CAQSTgAvHhf_51Wfsebyejia-B-rf-eiY6Grmnbf-JeLuGGsmutCLcTWExMOjpV2PGrOvZ6WBDr4sAcugjVr7O8HXZ6DRIxqsAYFgDPk1-L4ERgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=795701471&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=410383600&rst=1708171035665&rpt=649&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 596e00978d5880392bd798b549957a30a59c409885affe284076fc8b253c7c55

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 674B 42 B
64 B 143ms
142ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpL5VPWwnWJqYAOUk6_-4APRm1ewmkFgzPANswlZYYdmAN5iKnC9uZB6Ns1tV1j9Ezb6G5Pwy1Pn4pkxw3oMvwsCX7Dz53gG9IcjjjoigprPXd9ef1o9ZVGPMT6R9RC9A7pUqhRjB77MDLUCts-PBuNU-8Fuhduhc&sai=AMfl-YQNkntPhDzEXGjZYEbSuFZPNSlQbMNys1LDz2ThkGvGGEViyfUwIHmGMB-7TfDSla2EjuClXNo3UPDgMzc5gdLd8rVgQLvRy4bfo9C4la6cjxogEIzvKsom707GtDfZhpGJXvHXV2NnY6dv0ZFT-w&sig=Cg0ArKJSzDahUpoOGRVVEAE&cid=CAQSTwAvHhf_YUeWGrmsFqfWocEHBBD6cyuGU5mV2E94TB2vbq-MUygVf4TjRfiEwN0X6S7QIEsXm664_w6wQOmudWjLIsQ9JhCqf88i1a1sXP8YAQ&id=lidar2&mcvt=1003&p=0,0,600,300&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=0.91&if=1&vu=1&app=0&itpl=20&adk=987553427&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=410383600&rst=1708171035297&rpt=1083&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 104E 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 20:08:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBE3 13 KB
5 KB 71ms
69ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 143401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:07:16 GMT
expires: Fri, 14 Feb 2025 20:07:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FC3 829 B
1 KB 226ms
85ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba4cfc163bcf69569663aae5bda0fe01780a4e9628433982c4334cca2a0953cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lMKRidoLU7lyMIa-tlG80A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://score808.candilkuya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lMKRidoLU7lyMIa-tlG80A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 11:57:17 GMT
expires: Sat, 17 Feb 2024 11:57:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
87ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qb0eZMi1C20KwQbO-6MrVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qb0eZMi1C20KwQbO-6MrVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XDM3XdoHZvAga7NF5gAAekYgA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://score808.candilkuya.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 111ms
109ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AtKrIhcP2bXFXEkWWcVK1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AtKrIhcP2bXFXEkWWcVK1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XDM3XdoHZvAjK3TbjMBAAAYGGs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://score808.candilkuya.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 106ms
104ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4qICDKq-9dy8EcxKcDnMFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-4qICDKq-9dy8EcxKcDnMFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XDM3XdoHZvAinWPbjIBAAFqGL8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://score808.candilkuya.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXxNGwMzveRmDb0xYD33Z68GRc6SKM5B_M412YznmvBhlOFRYC8yIp-u0MmnF9Pg2ApxNLU06fUQ7aqF3zO1RJ9Bp_iPrOH6sCIkP7Rer3REgwGe26JHm00tQ0p51Fru4ty8srO9Q== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 101ms
101ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxNGwMzveRmDb0xYD33Z68GRc6SKM5B_M412YznmvBhlOFRYC8yIp-u0MmnF9Pg2ApxNLU06fUQ7aqF3zO1RJ9Bp_iPrOH6sCIkP7Rer3REgwGe26JHm00tQ0p51Fru4ty8srO9Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MTcxMDM3LDY2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc2NvcmU4MDguY2FuZGlsa3V5YS5jb20vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

118a444e39ea18341bd139aa2105e10de25bd2243be8a653397e3826731376fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dEQYKW1b8t0fm2gRVrpXUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-dEQYKW1b8t0fm2gRVrpXUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo65-w6tYxPYsOPoDSYAAbdHoQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 674B 0
22 B 129ms
128ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8985507483047&version=m202401290101&ct=119&x=1&cor=11329983916690887000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame CBE3 39 KB
15 KB 86ms
85ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 20:08:32 GMT

POST
H3 204 AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
91ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VdwvJgl9ZteN7Q9QC6rq2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-VdwvJgl9ZteN7Q9QC6rq2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XDM3XdoHZvAhD331jIDAP9EGIA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://score808.candilkuya.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWsYBh1U7tqD9Gz7-XnhYRjtex95fA1797WZFAADLcy3ITQEzup6KfA8JvRxR0BZCija0JvhBQcWDbPuNrdEKc_eL0D8KYpTKulazsuuydNf-dT4WnDv6glJZQrw40XG4Oi6ZDdkQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 94ms
93ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWsYBh1U7tqD9Gz7-XnhYRjtex95fA1797WZFAADLcy3ITQEzup6KfA8JvRxR0BZCija0JvhBQcWDbPuNrdEKc_eL0D8KYpTKulazsuuydNf-dT4WnDv6glJZQrw40XG4Oi6ZDdkQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MTcxMDM3LDg1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc2NvcmU4MDguY2FuZGlsa3V5YS5jb20vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dedd0932f0b112b23a765a9f9f4ab7b77ec9ad3c36b9f1fd6689981466f2eca

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2GXVzoFzx_3smiMBt9tuGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2GXVzoFzx_3smiMBt9tuGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo65-w6tYxNYsGPuBmYA-MlHNg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1dfB_qiyhAMVXy9oCB2RkAPaEAAYACC1gathQhMI9KSc_qiyhAMV6AJoCB1NJwg4;dc_eps=AHas8cD5IkPupMk55lAU-Wwvo1D291aceeE4pLZc2OGNHVo-EB7AVlSygjLDloU8X0yiTp4jnT4KdxxwKJiPD2ch;met=1;&timestamp=170817103...
ade.googlesyndication.com/ddm/activity/ Frame 674B 42 B
251 B 152ms
131ms Image
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1dfB_qiyhAMVXy9oCB2RkAPaEAAYACC1gathQhMI9KSc_qiyhAMV6AJoCB1NJwg4;dc_eps=AHas8cD5IkPupMk55lAU-Wwvo1D291aceeE4pLZc2OGNHVo-EB7AVlSygjLDloU8X0yiTp4jnT4KdxxwKJiPD2ch;met=1;&timestamp=1708171037894;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 11:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3FC3 0
0 132ms
130ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=603858399199981&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 AGSKWxXYzztLa7LbjMF1BuGh52mu7CYHCP1WPDTQA6S0_P0mDc3L8S-79x9teVRLgo5VRBbc0y92yU_5C7Vz3pMkf_UAV3ADq92vU0vzJR1yfekTxnQ9n4h3DsYqittoqpBPDrQm_wMQYg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
99ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYzztLa7LbjMF1BuGh52mu7CYHCP1WPDTQA6S0_P0mDc3L8S-79x9teVRLgo5VRBbc0y92yU_5C7Vz3pMkf_UAV3ADq92vU0vzJR1yfekTxnQ9n4h3DsYqittoqpBPDrQm_wMQYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MTcxMDM3LDk2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zY29yZTgwOC5jYW5kaWxrdXlhLmNvbS8iLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

665420d0a67efa3264f30c7f7b1825d1d5a5d4da9c24f427c75aa39fcb852a81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XIAxEVrioNzisdvQee_9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-XIAxEVrioNzisdvQee_9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhbo55-w6tYxO48e84FwC4GUc9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CBE3 0
10 B 64ms
64ms Image
text/plain 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mGxm-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:57:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxWF0IcyOIw2okEtjA9UXwCLRjaVJjEmYI-4PpnSH5Zgw2jaDUVUko88M8A1oP7O4zJUss6OX_g8ObVfs54www9IlCl5pYAtfo2lz6bCRDajkY285mXkB0wZ55rDRM3DxuO92ZnKhA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
91ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWF0IcyOIw2okEtjA9UXwCLRjaVJjEmYI-4PpnSH5Zgw2jaDUVUko88M8A1oP7O4zJUss6OX_g8ObVfs54www9IlCl5pYAtfo2lz6bCRDajkY285mXkB0wZ55rDRM3DxuO92ZnKhA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uut1j5QQucdm05ExrlfsWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 11:57:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uut1j5QQucdm05ExrlfsWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBALcXPM23doHZvAho6t9gDnVBfY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://score808.candilkuya.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 105ms
105ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrKYYZo5VZFjhKIoLgu5jNc8PA6kYiQQvoR1luNXq0pK0R4HTVNIeO38NIWJ7F7vPQ715Jokh_FmPiy578hpqGMvutk9SmgzA-GIeYoNClmWvLEQnSh-eFdWTsh2WBvIw2u9u9Sw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m-Mfx6SdAX17AsJ1plcO3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://score808.candilkuya.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 11:57:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m-Mfx6SdAX17AsJ1plcO3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBALcXPM23doHZvAjDWv3ADpPxgm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://score808.candilkuya.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 134ms
134ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=603858399199981&bg=!n5ylnNPNAAZN4L4YbeA7ADQBe5WfOLSaUWdc7W_Egotb8p8cDbcL-Zq0M0AWN7u2ERfqSnUChgcyYhFJt2DqksV1QRoNAgAAAJlSAAAAAmgBB5kC15RpBnYXFaykibFIbUwb1_piRQdt9dqVJCFTdiPghp2rgaxYIjccvEVkRjJWkOe2Q2ksojh3f9Vb0oT_mI9a7InXhD3TX3A0ClIxL67xIRzq72v07YKl9Nk7oY6Rdf4XQxPaJuj1oJr36Vcy2cZQUkpeSgUVCaJzy6B50RCG-O2njqor2PduPfECVzd6DN2If4zBinWh7-E3FZcqYL26gJUNc0HQQ2lPOqonYX30sGmvpKv0x3L1fUCqGmOyX9i7_TO1oAd7nAoV4-rd6uiQmyOIXKEMyrINn8jLwSV8STaEfNlwUnSeW9Wc10qIQQ5Z9atqDehbDZC2ucZAvYmb8YI86B6KVYJunC1nerZURo3p6aetojeCPKwDqbS85hVB9YrsGqhhTj6NhPX21OOQbBGAT-gMwwZbAKyMsqGOJET9Geg6JZrtyajOhH_18XxMH7xwffFzYlQUS7ivtml1Z50WYF7CebW-UwlSrGmOBMuLGCeOYjMzNfts-tbNmljwmCNvllGl39ZBrz9-i7C192OiYUDs5btfKn4UQbFg2h3homnrh95u62C2yA06vZSZIjIPmEV1TNN9_oKYnQPVjDN6wRC8BEZzEyXlZFQzCgU_evUNacrkXi_DqRNwaBHA17u3Kk2uRjVDfPqg7F9Lb-7A56CKg4-cPib67WkTOyelrtok-I8PKstxTskN3q-yWrUoQnRGP68tn944NLcjlzS95xo3Ib2omEQOsUA9-jePmixx5qh3JMTSVTWrU6Vdbmu_Fhmwun8LQUVTm4R3jb9BrO201AsncJ8TaMknO--BahyGZyOtz7GYBpkiHsns3JHiHMcZ9uGcNJUEon2I98cD3vlKyIy3DqQPuIg0d-oboxGlmHBXWkl7WZoh4urtA1oiUg_5hISwQBGWmL4UiQd3OPWc1_2i5pTYHxrJ4K9ZZjCM3x4xTOirEb9kthMH8BhO7meSZFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://score808.candilkuya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.candilkuya.com/	1970-01-21 03:51:07	Name: __gads Value: ID=53a8284b223f4af9:T=1708171035:RT=1708171035:S=ALNI_MYuuC5aFL7yn2-Vw-DVPP_ZHhQhSg
.candilkuya.com/	1970-01-21 03:51:07	Name: __gpi Value: UID=00000dcaaed23c02:T=1708171035:RT=1708171035:S=ALNI_MauBALRm5GywuJRnS-8zRa1_lCYqg
.candilkuya.com/	1970-01-20 22:48:43	Name: __eoi Value: ID=307cc3ad95bc157d:T=1708171035:RT=1708171035:S=AA-AfjY_BXlFcKW0SgqOsW8VJGfA
.doubleclick.net/	1970-01-21 04:05:31	Name: IDE Value: AHWqTUlPtA2iBgV0FkfRiw2H9the1bhvL52qGPztbmvXkfDNoWnDjHHSL5oxZ-ot
.doubleclick.net/	1970-01-20 22:48:43	Name: APC Value: AfxxVi43eUDK7P5ZhmlApYeWFfe68L_xndx9z9xhV55DxztF3Y1CFQ
.doubleclick.net/	1970-01-20 22:48:43	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:15:07	Name: CMID Value: ZdCfG8AoJacAAEXIAAo.lAAA
.casalemedia.com/	1970-01-20 20:39:07	Name: CMPS Value: 2906
.casalemedia.com/	1970-01-20 20:39:07	Name: CMPRO Value: 2906
.adnxs.com/	1970-01-21 04:05:31	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:07	Name: XANDR_PANID Value: aJa7VMkaaZY-V3eq-UOCdOVc5QzYSZ-ZotKOPGhe0gc8qNIFfeQ2BhAIiKXUUbEPYTsi0oY40qmybsgiHq31a_G7DAFGauYCSj8FocT95HY.
.adnxs.com/	1970-01-20 20:39:07	Name: uuid2 Value: 5250374539577376506
.adnxs.com/	1970-01-20 20:39:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJ>[r$g!@wnfH8K6pQK`!5=E<L5?%K@gNLP!bvUavdeXf5eDIPb25Bu?C]Z3s9lREQbpRzqF1`b`Pj*:gJ-
.googleadservices.com/	1970-01-20 20:39:07	Name: ar_debug Value: 1
.candilkuya.com/	1970-01-21 03:15:07	Name: FCNEC Value: %5B%5B%22AKsRol-eZ7h-_qix5Ypd-4Z1CO5BQIbJT8GIntgdzwLlx2UttKi7YJ5JUoxeaIQ5YjCGCa9j-wn9Cn4wx7osZmHBiNGYg8GMveHIqQAd9PoGjomPtYXAL_K1jsnMHKmXmzGgihub3ygzuCgQpuUAafRVRx_xHYu1cA%3D%3D%22%5D%5D

74 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://score808.candilkuya.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
ajax.googleapis.com
blogger.googleusercontent.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
r4---sn-q4flrnld.c.2mdn.net
s0.2mdn.net
score808.candilkuya.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.65.230
142.251.40.194
142.251.40.98
172.64.151.101
2607:f8b0:4000:12::9
2607:f8b0:4006:809::2001
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::200a
2607:f8b0:4006:816::2013
2607:f8b0:4006:81d::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2006
68.67.181.211
01c7021fc918c6db285a14dd652f2d3c612761fd8b4fd26fa1d84a4e899a2438
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
05bdfd5eae8a5523a555b565d1053dad63992dd4026a037e59b235e8adb3d836
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
10c9f367f83600f6cff5a079e12affcbee47c4ceb23d23a9b58043dbaa4e90f1
118a444e39ea18341bd139aa2105e10de25bd2243be8a653397e3826731376fc
11c19322da0d5ba717f281542aad3d364fde06fd9b0df43c068510951fd0db07
146c947cd99af4a9dc8724ffdd56ae40ecc28600c0dd69172adc33e7500edaec
16a68eb4c0cfcb3ba0c80b7dc26aafcf4961d902bad75e3a2c940e16d64690b0
17e6562d5e27794415f0e55f4c44bfcd3ab50e768cea83a3fa9712e2c5e5591d
182fc11158c66dbbd0432664c2967f118f3a5e57b7e5fb28822376e8dbe365db
1930ade9d196235872eecf2f23d675846ba2afedc0091353d55c34273eb8e541
243118467b955fa3ffd66248f80e9ec9f2b60b751eeed8c46bd3ddf594b8054e
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2711ecd470c45ce07131766984f10956104e6cebef71ab1e06430309d1837df6
292d1d1bce05fe31d47252a9bd33697f13974fa7a28fa837276efda09f3b1a7a
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2dedd0932f0b112b23a765a9f9f4ab7b77ec9ad3c36b9f1fd6689981466f2eca
3047048f4ac82b9cda4d283a1716988c9688b56d583bdb70771da218bc999ce1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3924ff63836fd3b5d89dd51b1ced89b8cc53d5b87651e8a1af46b92f09c8820f
399b233f3ac24ab2b77f55c6f8612579e6c2aa05b1a63f91023182059a2e5a90
3b3348deddcbc299ca42e06fb098190f0a369f372411cc43a734225f415849a7
3b81c746b30f4229d1920b6421cb659c8f72d7bb75053a4df44d1055861d9e96
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
448ea37fd0eca65b23b68c7435dec8083eff7630f29e42475a0d79fd5367b1c1
44eef348292128bbc1834688a43068e5a8417dec106542bee6b31d78775a6406
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
550cb2681979e286f4588c97ac60ee8e04734f672eb9eb5782ba234de66b02d1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
596e00978d5880392bd798b549957a30a59c409885affe284076fc8b253c7c55
60069ed58329b14df22602af8d7838a66a19567ccbacd15923651bcc90d99eb0
6198baf9e615273b8376a77f4bdd251b2beaff7caedb91af3ba61ad85d8b6080
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6259f9d9721e7fead098f4fdca9df8531457f9e9c4294e13f3984bff0c715851
665420d0a67efa3264f30c7f7b1825d1d5a5d4da9c24f427c75aa39fcb852a81
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ba12419b19d0928f41774e6548e2d5ffd028066c276b7e8477e2e1960f8ff70
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6fd7f58bc702165b33d2e9d924c6111941aac4b92e09607c9b7aa866ac564114
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
73eab554e82c6eb4a65a8d99e10536a9d7d6380aff6a38e57befbb4329fef7e1
7906c041872372ef50dcef069befbfd081c4548bb84ff12449ed458d91c3b299
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
852d11bda2d7331cf0c425eaa5be7077fde25c966a0ca7b37329744d2f74bbb7
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
90e6fe97083171e251164dc3ec0bc541c3120b53d4e455929471aa600706303a
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92a76fab73c2b63eef358f3485beb2e5937779825b2f30b1fad7370c1ffdc43a
92ed752cd36df19e47fe80e1e6afae9d507814990360e3206193eefe87d043c5
9546a1024a33330d02aa79b04613f6049be97260bfd322bd660f8e5bbceb860f
96d595441e1d5559eec091509b4bca8890f969aa5ae006a3e9234a799c5436fa
9731c77e4cac1aa574848878a2b096434ce843f7ea7aab5299ec024988eba825
980f37702dd256370ac7a54b27fd2016d21765d0bfa98a3842765f22e9c8d173
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9df8cd495861ffd4f3bf6b8454f714e83b40a0da5f6035123a1a0bc46babe8e7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7262031b90a8bf9faab27b0316d4451cbdd2d5fb5004998c67b4dd1d043811a
a733ddf320f1b2dfeabec224e80b4f3bd2a74d127de1d5db5e09b512eafff503
a8033d067634b9c6ca23cb0559948bc767400f692a17eab0795748997b501a14
a952d39083f8ddf224d7b2f2055706335f9cff86582f8c439cd66ba9f54ac3d2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba4cfc163bcf69569663aae5bda0fe01780a4e9628433982c4334cca2a0953cd
bc40341be72fe2f914462c3ff85a933b72684c5baade66799a52113d5e4ef471
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c97404c3b516e8d7681af790724d2f318382aea4db170d8860be9dd1d8a91b12
cbc8722510b51d48fa2be43d27e96906a5c94238722df9088849d0388a7a3e41
cea0c881f37fd3f492b1917ce42a88e0f95d7392ec970cb9646d721f7bf7fb87
d46f61376900a925367b589226ece46a524bc26b5eb674d9312a01ed4ea73149
dbbbaaa693932a6396277fe80992b802a39e375f1f50ad7613ca81450c4f774c
dcf7bcdc590a7ad2136049764fa6ee56b20c333e45c1d17b8b7f6415cde212a5
dd1e129e61c556592432ebecf921dc3e54f23caa8b7f9d5668db90bbcad63756
ddeaee327eda6acd35de8687c29ed65db0a6092cb432e5768d6dacc81415ef92
de1f733280a700db3a6a614d2384950ddbc4f6272de15dbb4ff2c665f0b66137
de24056e882bd5ed97d34b3d23dc54493315aa06a26e888b29198468bccbd503
e18b6b19b9de6dfd7b456e7b0462152a72fa19653091e6d3767456a9ce577069
e2140c1f19198adb51fe5e792838e4da4cf95d7c70444b6bf90a271e893c2b93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96e5069601f3917388bea9bec38329bd281dd952dec19aa68e7404995ebfcca
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed1eb00512e925ee234bc79b7023cc7eaf9b82ba9468e40e583e9f0ff14b8bae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f2fd4a08f524fb2253735ab42e9b0bb4ccd6a8220c1380a9ab4247540e6b36ea
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a7ad45879ffa8daa59f0d9aa7062b768f422953a890f7bcebbe5281d81baed

score808.candilkuya.com Open in urlscan Pro 2607:f8b0:4006:816::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

93 %HTTPS

74 %IPv6

11 Domains

21 Subdomains

19 IPs

1 Countries

2551 kBTransfer

5247 kBSize

15 Cookies

8 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

score808.candilkuya.com Open in urlscan Pro
2607:f8b0:4006:816::2013 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

93 %
HTTPS

74 %
IPv6

11
Domains

21
Subdomains

19
IPs

1
Countries

2551 kB
Transfer

5247 kB
Size

15
Cookies

143 HTTP transactions
8 data transactions