theipfire.com Open in urlscan Pro
162.159.137.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theipfire.com/category/premium-accounts/
Effective URL:
https://theipfire.com/category/premium-accounts/
Submission: On February 18 via api (February 18th 2024, 10:43:45 pm UTC) from US — Scanned from US

Summary HTTP 211 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 25 domains to perform 211 HTTP transactions. The main IP is 162.159.137.54, located in and belongs to CLOUDFLARENET, US. The main domain is theipfire.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2023. Valid for: a year.

This is the only time theipfire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	162.159.137.54 162.159.137.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3 16	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
34	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
6	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
3 11	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
2	23.192.34.122 23.192.34.122	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1	13.226.34.99 13.226.34.99	16509 (AMAZON-02) (AMAZON-02)
1 3	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	34.133.71.175 34.133.71.175	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	20.124.48.109 20.124.48.109	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
1	13.35.93.124 13.35.93.124	16509 (AMAZON-02) (AMAZON-02)
1 1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4000:19::8	15169 (GOOGLE) (GOOGLE)
2	3.231.238.170 3.231.238.170	14618 (AMAZON-AES) (AMAZON-AES)
11	23.206.252.53 23.206.252.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:261... 2600:9000:261f:4800:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:1c0... 2600:141b:1c00:31::1739:5a51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
2	54.237.172.131 54.237.172.131	14618 (AMAZON-AES) (AMAZON-AES)
6	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
211	32

34 162.159.137.54 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

theipfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:80e::2002 (United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.176.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.164 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.34.122 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-34-122.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-99.ewr53.r.cloudfront.net

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.133.71.175 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.124.48.109 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-124.jfk50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:19::8 (United States)

ASN15169 (GOOGLE, US)

r3---sn-q4fl6n6r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.231.238.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-238-170.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.206.252.53 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-252-53.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:261f:4800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:31::1739:5a51 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.172.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-172-131.compute-1.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	1 MB
34	theipfire.com 1 redirects theipfire.com	787 KB
29	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015	261 KB
17	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1052 d9.flashtalking.com — Cisco Umbrella Rank: 1922 cdn.flashtalking.com — Cisco Umbrella Rank: 1279 ad-events.flashtalking.com — Cisco Umbrella Rank: 1378 stat.flashtalking.com — Cisco Umbrella Rank: 1448 secure.flashtalking.com — Cisco Umbrella Rank: 2672	230 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com — Cisco Umbrella Rank: 2	130 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	109 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	139 KB
7	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3270 data.ad-score.com — Cisco Umbrella Rank: 3128	162 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
4	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r3---sn-q4fl6n6r.c.2mdn.net — Cisco Umbrella Rank: 115518 s0.2mdn.net — Cisco Umbrella Rank: 328	28 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 11441	966 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1056 s.tribalfusion.com — Cisco Umbrella Rank: 2588	1 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1818 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1459	29 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3005 pixel.wp.com — Cisco Umbrella Rank: 2945	3 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1737	63 KB
1	temu.com 1 redirects www.temu.com — Cisco Umbrella Rank: 3640	516 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3218	1 KB
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7175	488 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7144	553 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 964	715 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 810	544 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	66 KB
211	25

	Domain	Requested by
35	pagead2.googlesyndication.com	theipfire.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
34	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
34	theipfire.com	1 redirects theipfire.com
16	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
12	fundingchoicesmessages.google.com	theipfire.com pagead2.googlesyndication.com
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
6	data.ad-score.com	js.ad-score.com
6	cdn.flashtalking.com	ajs-assets.ftstatic.com cdn.flashtalking.com
6	www.googleadservices.com	theipfire.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	stat.flashtalking.com
4	csi.gstatic.com	imasdk.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	theipfire.com www.googletagmanager.com www.google-analytics.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	imasdk.googleapis.com	googleads.g.doubleclick.net
2	ad-events.flashtalking.com
2	d9.flashtalking.com	ajs-assets.ftstatic.com d9.flashtalking.com
2	r3---sn-q4fl6n6r.c.2mdn.net
2	rtb2-useast.e-volution.ai	2 redirects
2	servedby.flashtalking.com	googleads.g.doubleclick.net
1	secure.flashtalking.com
1	s0.2mdn.net	cdn.flashtalking.com
1	code.createjs.com	cdn.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	gcdn.2mdn.net	1 redirects
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.temu.com	1 redirects
1	a.rfihub.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	pixel.wp.com	theipfire.com
1	www.googletagmanager.com	theipfire.com
1	stats.wp.com	theipfire.com
211	44

This site contains no links.

Subject Issuer	Validity	Valid
theipfire.com Cloudflare Inc ECC CA-3	`2023-07-30` - `2024-07-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
tls.adobe.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2025-02-11`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh

This page contains 24 frames:

Primary Page: https://theipfire.com/category/premium-accounts/
Frame ID: F19CB20B84F1D11F68903F031D824DCF
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 2642BA0BD164FDDED2336806ED06DDC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=292573710&adf=122335113&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196155&bpp=15&bdt=873&idt=613&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3088785840123&frm=20&pv=2&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=696
Frame ID: 48DBD6EED3D9BA14E008FA83192BCEBC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500
Frame ID: B62ACAC74183FD4E9B8B326A5194136A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=90&slotname=5969432110&adk=2847260092&adf=1549381177&pi=t.ma~as.5969432110&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=2&format=1200x90&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196496&bpp=2&bdt=1213&idt=512&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEebr%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=529
Frame ID: 566540CF915C6910C8C89E8D6C9EBEA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&adk=1812271804&adf=3025194257&lmt=1708226703&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196636&bpp=18&bdt=1354&idt=430&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280%2C1200x90&nras=1&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=470
Frame ID: 2DA4701AFC34F9CB5E8B44AAAAC1B81F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiLjIWAAjAB&v=APEucNWqCWI7tg9UJruVPEy_rOVOZEdRlPJSSEci-XcKHeZGdQIrxcjzjsN-GyjCIFyil-lQKODDs7ETInIp_ZUHjMH1VOVkbsMwM2kFfTLVbBBla2DWd8E
Frame ID: FB993F92C7F54561855615287044BB50
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1002E311F564D4E017889A6D5AD6E957
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 96C7195D3823D83E5FF61F887084E793
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=60&adk=1155038629&adf=661511482&pi=t.aa~a.2791832368~rp.1&daaos=1708217563420&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&to=qs&pwprc=6797574804&format=1200x60&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296198493&bpp=1&bdt=3211&idt=1&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd3bafda72245a8e%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_MZGx2SC56N_4Jijz0irK4tWLFCPAQ&gpic=UID%3D00000dcb1d418472%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_Ma25aHyvQKp8ykIUlxyr5cw7pKBeA&eo_id_str=ID%3Df92f93528a6768c4%3AT%3D1708296196%3ART%3D1708296196%3AS%3DAA-Afja7wg8SAXVOsPev-RoABTcD&prev_fmts=1200x280%2C1200x280%2C1200x90%2C0x0&nras=2&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&psts=AOrYGsmjnJb-USTGqKuASgUTpTBoHpyJLzSvkWH2KmqYHVGaTchaFeNeZ8WvAXBFVmvDMbYk3vo9je6Teuy08vyowrJW3-k%2CAOrYGsm05N60-VfDqKheEPSgWMzW8WUkT34NFltIVuKgaCokpFj61YuRxiqz2JpHxad00a3Oze_GC3a8Tl-P8lrjD8_AfkUC&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=20
Frame ID: 012A93773219B479234DFA3E41E75C1A
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 4E6DBC38B6945C549A7245491FEB9A95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A4BC09BD6EB2A4355D3D3364BE644E00
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A3ED69DDC77E01C91750F171FE3BAFE1
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D2CA9E8A86196025E04FA0C2ECE45B80
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F5AD859F61136B4D68EB3AC682514FDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DFF8D62E4E158448EE28D199B8E39B1E
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 2E00333C7F6896372D7D0956AE19E04D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 109AD1B31623E9286BE4947782FB43B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 28CBB8DFC95399FABBC5EDD0EC29BD01
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html
Frame ID: D5411C375E068C8C55A660DE83F8C039
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCDFBF4390E6AA4B1E1F9C4B7068E80E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E303A71C747C362F26720B920051D7A4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F369C4E6A5D38D2B33369066A4581842
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: F2C9DF68343483168E7C07C3EBBA7296
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Premium Accounts Archives - theIPFIRE

Page URL History Show full URLs

http://theipfire.com/category/premium-accounts/ HTTP 301
https://theipfire.com/category/premium-accounts/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

211
Requests

91 %
HTTPS

45 %
IPv6

25
Domains

44
Subdomains

32
IPs

3
Countries

3176 kB
Transfer

9306 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theipfire.com/category/premium-accounts/ HTTP 301
https://theipfire.com/category/premium-accounts/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=C42pABIjSZc6NOa-Wrr4P_LaNyAbSwIL5ddGd7tzVEpbRyM_gARABIOnIg5UBYMmGgIDco8QQoAHd8KrAKsgBCagDAcgDywSqBOUBT9BlX20VVQrliOph0LQybJzt6XH4ZaGJ8VZsaADB_UORhkGP983XIhfAKY6NycUMQK9g1WVoU7kFhQcAnyb08aOTFIAjdKFHeVtsnWyOO9RsF08sKLAtS3lsi_-csrDsiVsWQ9Qf_nmnBIlruSLBKqxUduA7W7HnLhthsiSzzZRWxMefUiqTUWmxK_Jxk7UMfOr8C6UPTId6H2dsalaAbA9oS_MkKRJ5fLBkNKIrvFvIaUVUdphoxqb224qdBFt6pvErLcSSctDU-YQAqPlY4gwHSl7ua7XxG5Vsbr7R1n7lKxl4A8AEmoPW9NQEiAXGo9qaTpIFBAgEGAGSBQQIBRgEoAYugAfdqPufBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEELfNC9IIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliB6vSf-7WEA5oJhgFodHRwczovL3BkZml4ZXJzLmNvbS9maXhlclBkZi5odG1sP2NhbXBhaWduX2lkPTIwOTkzOTcwNjMwJmFkZ3JvdXBfaWQ9MTYwMjMyMjEwODQyJnBsYWNlbWVudF9pZD10aGVpcGZpcmUuY29tJmNyZWF0aXZlX2lkPTY5MDYxODAyNDg4NoAKAcgLAdoMEQoLEICD77eww4aRtgESAgEDuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00Nzk4NzYyMjQ3ODA5NTMyGAA&sigh=mgTyL-jP85A&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_5wcRAP6uBAXPCefZXzp4ThuCzzYRzf1K7r44FKVWaAErYxcwKvjk8zcwSVr-lwIYTBRQPaEuVMrQFjJSZHsNcWKIe6tvS96LG9sYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe433e11c2afad6630000000000000000%22,%222%22:%220x6ab74622c7b7db2c0000000000000000%22,%223%22:%220x7b2681f02eae1c550000000000000000%22,%224%22:%220x1970bd1990b567e00000000000000000%22,%225%22:%220xfa6777a81024e6830000000000000000%22},%22debug_key%22:%2211601397244283355509%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212842598558270573265%22}&andc=true

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1&gdpr=0

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdKIBsAoJXEAAG1GACJXRQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEA4yQBMt53XWRnhIz0-3ufI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA4yQBMt53XWRnhIz0-3ufI%26google_cver%3D1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyMjA1MjI1NzM3OTY3MjUwOA%3D%3D

Request Chain 113

https://googleads.g.doubleclick.net/pagead/adview?ai=C8pl4BIjSZc28O9Surr4Poo6t6AHSwIL5dfb54qSuEmQQASDpyIOVAWDJhoCA3KPEEKAB3fCqwCrIAQmoAwHIA8sEqgTuAU_Q-qAnaw_i--StjpYuDTNsJ3uw0tSUlGDxcWIY2V6TjgmOGodtg3oICrguZHvmyz77_dyXpNhb0NpCqwquX2-a5wv488Jdbp0ZkypregpDZiDRenAjNQ8oaCH-HCYbCjjC_XdclwT5I6iIUtYu6rs_36Ptp4Jfl8g_t2uqyVZgu5ZwzszaHfpeQrwgmZ8DjFaoHjQ_09rM-jIBAXYF45NH1eWe9i45xA9Ijhu6PmAuYlX4dQjPVgA7Pkkznpfs4WyHsUEoUKeluEA3K6p7AvycowZ05YPUAsarL-qmydVTEKOqSyStWfi7nL-PuXbABLqE1vTUBIgFxqPamk6SBQQIBBgBkgUECAUYBKAGLoAH3aj7nwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBDKiAvSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpY1pP3n_u1hAOaCYkBaHR0cHM6Ly9wZGZpeGVycy5jb20vZG93bmxvYWRQcmUuaHRtbD9jYW1wYWlnbl9pZD0yMDk5Mzk3MDYzMCZhZGdyb3VwX2lkPTE2MDIzMjIxMTAwMiZwbGFjZW1lbnRfaWQ9dGhlaXBmaXJlLmNvbSZjcmVhdGl2ZV9pZD02OTAxNjE5ODMxOTOACgHICwHaDBEKCxDQzJ3CxNLI2dQBEgIBA7gT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNDc5ODc2MjI0NzgwOTUzMhgA&sigh=jkoLJJXjaGE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_cxYQnGjeDfZpylbqIadvKcRhYTMNS0ErlXMJMTEGPK7qCBaV50msORpw72Mx-YHaE7JvIYh0300c7AfNwLsFTwL40rEXYluZQhMYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe433e11c2afad6630000000000000000%22,%222%22:%220x6ab74622c7b7db2c0000000000000000%22,%223%22:%220x7b2681f02eae1c550000000000000000%22,%224%22:%220xcd40ece8b2c6c1050000000000000000%22,%225%22:%220xfa6777a81024e6830000000000000000%22},%22debug_key%22:%2212165603969962262514%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212383071903329449761%22}&andc=true

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFhLuSIX-BVtXiW958zQxUM&google_cver=1&google_push=AXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFhLuSIX-BVtXiW958zQxUM&google_cver=1&google_push=AXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 152

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJFjW2a1PHHFNSFIswU_WaM&google_cver=1&google_push=AXcoOmR1zn0meq6qZGH5kKo8Vrx4FDqU-55xfl-83Pi14KTjN4HnZG2ua1cfuDt4ArcFmDC2v5DokrYHTgvPGTuVovSp4q-MhVgnBTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJFjW2a1PHHFNSFIswU_WaM&google_push=AXcoOmR1zn0meq6qZGH5kKo8Vrx4FDqU-55xfl-83Pi14KTjN4HnZG2ua1cfuDt4ArcFmDC2v5DokrYHTgvPGTuVovSp4q-MhVgnBTg

Request Chain 153

https://um.simpli.fi/gp_match?google_gid=CAESEN3l_JlmKD3Q96iSO_WdKSs&google_cver=1&google_push=AXcoOmRhQfpVA2yarUl75fk1bOH5rQRyY-tj5Y_6Y_it6kBqz_uls5qz3YDzQqzz4QsJL2TsVZCUwBt4A-hQnYiZCkx1zyG3twXlk7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E841C021C2DF4F52AF7FFB302C4E03A7&google_push=AXcoOmRhQfpVA2yarUl75fk1bOH5rQRyY-tj5Y_6Y_it6kBqz_uls5qz3YDzQqzz4QsJL2TsVZCUwBt4A-hQnYiZCkx1zyG3twXlk7Q

Request Chain 154

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKVAJurPOFy-K9osM0ZPrZ4&google_cver=1&google_push=AXcoOmTrnTQVQtzKaPRmH_QxyvK2Fwi_B9Ywa7pNUfxjzjjoqlQ0mE3bqQaJEfMaXxW3VsXtx3FyU531Rutf1znl7eop0XOFW3aajr8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxeSuZgBT0Q2XCUR10v0tg&google_push=AXcoOmTrnTQVQtzKaPRmH_QxyvK2Fwi_B9Ywa7pNUfxjzjjoqlQ0mE3bqQaJEfMaXxW3VsXtx3FyU531Rutf1znl7eop0XOFW3aajr8

Request Chain 155

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPHGWWnYtFljJ8_MP40WUNg&google_cver=1&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SSs1JpwxwF8GhDzGssH64w0wlg HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEPHGWWnYtFljJ8_MP40WUNg%26google_cver%3D1%26google_push%3DAXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SSs1JpwxwF8GhDzGssH64w0wlg HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A3270397971712347764&exchange=193&google_gid=CAESEPHGWWnYtFljJ8_MP40WUNg&google_cver=1&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SSs1JpwxwF8GhDzGssH64w0wlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMyNzAzOTc5NzE3MTIzNDc3NjQ&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SSs1JpwxwF8GhDzGssH64w0wlg

Request Chain 156

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPFhHvwPa-X_2Bn5Iysm5Hw&google_cver=1&google_push=AXcoOmSERRbis-CbiKlm53MpzvVLcyXQwDlm8Ovz2jD1K5kzeaWVAPFgQ8_zD8KvrcKA3tNIi8aJ6hVp1izKXAdCUsd2RiUCcqclQJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSERRbis-CbiKlm53MpzvVLcyXQwDlm8Ovz2jD1K5kzeaWVAPFgQ8_zD8KvrcKA3tNIi8aJ6hVp1izKXAdCUsd2RiUCcqclQJ8&google_hm=ODAzMjcxMjMzNzk1MTk4MDM2MA==

Request Chain 157

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEOINRC0KzV8xLfPvU1o7MwQ&google_cver=1&google_push=AXcoOmS7E0zUooPtJWaE6pMT0LwUfkADL9Z5daC6dVJmRLonN6lnAtVR2t6q8fB_JZeDjGsGACvD64kg1dAWgOyMkhcSumcHq_OLBklg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmS7E0zUooPtJWaE6pMT0LwUfkADL9Z5daC6dVJmRLonN6lnAtVR2t6q8fB_JZeDjGsGACvD64kg1dAWgOyMkhcSumcHq_OLBklg

Request Chain 159

https://googleads.g.doubleclick.net/pagead/adview?ai=CUzNTBojSZcmHI920oPMP9b2bmAe0jo71dbjJy6LdEbKQHxABIOnIg5UBYMmGgIDco8QQoAH34pu0KMgBAqgDAcgDyQSqBOYBT9B0ya3_a3ugQiPdZ3oFcWyLQs87FOpIbplsgIEBzN6i0wARID7z1NVAPXR83IExFVrTFmSGTJ4Xzs3WRG4uese-ZVBKHM2PgH_04cJmof7rz73BmfFCOy7iZ3NbcMyMlknz3XQZKsOQfxrF8MpGHkFzHSDr6kCLlqB89w7dhF_AtXOJg_ZJVJiE6Q42Fc5xIpd_UCEob7TFpsu-Sk9dn5KMtWejYtNMPrjwWMIYFd2hdJij3E-OqfKOV9C72t4xv2Djsp04qF-LFxh1C65WPfc5LpLWnlTPjIcYvQEqgD0PhlnNGwfABNySwPnBBIgFs7XInU2SBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCL5QLSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYrv3YoPu1hAOaCTpodHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvP2NhbXBhaWduPTIwNzMxNTM0MDAzgAoByAsB2gwRCgsQwOncsanFsJ2eARICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItNDc5ODc2MjI0NzgwOTUzMhgA&sigh=_gbiy_VoTzQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_OFeMDzdZOQSwcS6NVUelqZOTD9qMW43ZMN0QM_tnPBy5yXFc7b4cJll-TWSXiUco_raqZSmLcRgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2104e3c397494fcd0000000000000000%22,%222%22:%220x8d2a642223252c60000000000000000%22,%223%22:%220x93ff92ba987ad210000000000000000%22,%224%22:%220x51f41da032c0b400000000000000000%22,%225%22:%220xca4bb7bb4d2e24440000000000000000%22},%22debug_key%22:%224593090289220782844%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223784124100078212593%22}&andc=true

Request Chain 173

https://gcdn.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9D5ACA4E6DACB5455C72E1C11945BC8CC96AA06B.366EA2359AE4CE68776388278ED0552A32E3156B/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FE5D6B70DBD3F507CDCDF059571D3D155F668E6.802466839C91AD15E65DBA59863D791AF19FF1EC/key/cms1/cms_redirect/yes/mh/m_/mip/2001:550:1d05:1::9/mm/42/mn/sn-q4fl6n6r/ms/onc/mt/1708295561/mv/m/mvi/3/pl/48/file/file.mp4

211 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
theipfire.com/category/premium-accounts/
Redirect Chain

http://theipfire.com/category/premium-accounts/
https://theipfire.com/category/premium-accounts/

85 KB
16 KB

196ms
122ms

Document
text/html

162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51500d2bc70ebe5cd4b1ce9860576c38c629d737f5ac7c699359435b04c71272

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 8579c9b3dabb3349-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 18 Feb 2024 22:43:15 GMT
expires: Sun, 18 Feb 2024 03:25:02 GMT
last-modified: Sun, 18 Feb 2024 03:25:03 GMT
link: <https://theipfire.com/wp-json/>; rel="https://api.w.org/", <https://theipfire.com/wp-json/wp/v2/categories/180>; rel="alternate"; type="application/json"
server: cloudflare
server-timing: wp-before-template;dur=207.56
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: MISS
CF-Ray: 8579c9b27b5331e6-MIA
Connection: keep-alive
Content-Type: text/html
Date: Sun, 18 Feb 2024 22:43:15 GMT
Location: https://theipfire.com/category/premium-accounts/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
theipfire.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 69ms
62ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 01:08:07 GMT
server: cloudflare
age: 1607027
etag: W/"65b99d77-1ae43"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac413349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mediaelementplayer-legacy.min.css
theipfire.com/wp-includes/js/mediaelement/ 11 KB
3 KB 97ms
90ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:48:55 GMT
server: cloudflare
age: 880501
etag: W/"64815db7-2bf8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac433349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wp-mediaelement.min.css
theipfire.com/wp-includes/js/mediaelement/ 4 KB
1 KB 65ms
59ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:48:58 GMT
server: cloudflare
age: 1607027
etag: W/"64815dba-105a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac453349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 blocks.style.build.css
theipfire.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 0
135 B 72ms
67ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.80
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 31 Dec 2023 05:07:50 GMT
cf-bgj: minify
server: cloudflare
age: 1391281
etag: W/"6590f726-ad"
cf-polished: origSize=173
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac463349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
theipfire.com/wp-content/plugins/ad-ace/assets/css/ 7 KB
2 KB 82ms
77ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.26
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49e350f949fb0eb20cfddc436ad42abeddb557c89836e533db621897cf47466c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:48:57 GMT
server: cloudflare
age: 2366257
etag: W/"64815db9-1a34"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac473349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 shoppable-images-front.min.css
theipfire.com/wp-content/plugins/ad-ace/assets/css/ 6 KB
1 KB 68ms
62ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.26
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:48:57 GMT
server: cloudflare
age: 2366257
etag: W/"64815db9-19e6"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac4a3349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
theipfire.com/wp-content/plugins/td-composer/td-multi-purpose/ 38 KB
5 KB 80ms
75ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4834e9f1e9d73b8d2baf08fd6294f6cb4a360ad0cb7b91ea707dffa4866be240

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 15:00:29 GMT
cf-bgj: minify
server: cloudflare
age: 2366257
etag: W/"657c6a0d-9748"
cf-polished: origSize=38728
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac4b3349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
theipfire.com/wp-content/plugins/td-composer/mobile/ 85 KB
18 KB 86ms
81ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/td-composer/mobile/style.css?ver=12.6.3
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c342b1a4eccce2ad99189632cb26b9253bd6d687216b657dfdb820b323389a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 15:00:29 GMT
cf-bgj: minify
server: cloudflare
age: 168332
etag: W/"657c6a0d-1c18b"
cf-polished: origSize=115083
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac4e3349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 roboto.css
theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/ 37 KB
3 KB 84ms
80ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/roboto.css
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c74fd25e871a77d9dfedd8bc3240844332a001ef0358293bf4b1a43bc3c9f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:01:59 GMT
cf-bgj: minify
server: cloudflare
age: 2366257
etag: W/"65ae6747-abb2"
cf-polished: origSize=43954
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac503349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
theipfire.com/wp-includes/js/jquery/ 86 KB
31 KB 66ms
62ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 01:11:54 GMT
server: cloudflare
age: 2366257
etag: W/"654ae05a-15601"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4ac553349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
theipfire.com/wp-includes/js/jquery/ 13 KB
5 KB 106ms
101ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 01:10:25 GMT
server: cloudflare
age: 817088
etag: W/"64d2e781-3509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4dcae3349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 slot-slideup.js Show response
theipfire.com/wp-content/plugins/ad-ace/assets/js/ 1 KB
627 B 102ms
98ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/ad-ace/assets/js/slot-slideup.js?ver=1.3.26
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a9328556f63942f9089a040bd722c33207fb02d13db175e06a780a98477a567

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:48:57 GMT
cf-bgj: minify
server: cloudflare
age: 2365796
etag: W/"64815db9-6cf"
cf-polished: origSize=1743
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4dcb03349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 shoppable-images-front.js Show response
theipfire.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/ 1 KB
659 B 100ms
97ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.26
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91c0cdaaf3c96c15bca3130b80c11456577bbc4b0a3178f73598052d8212018

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:49:00 GMT
cf-bgj: minify
server: cloudflare
age: 2365796
etag: W/"64815dbc-700"
cf-polished: origSize=1792
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4dcb33349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 coupons.js Show response
theipfire.com/wp-content/plugins/ad-ace/assets/js/ 1 KB
612 B 110ms
106ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/ad-ace/assets/js/coupons.js?ver=1.3.26
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61860eb0af368075cd1201457d143552abf04c8841bf218653813317e9c3f11d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:48:57 GMT
cf-bgj: minify
server: cloudflare
age: 877480
etag: W/"64815db9-615"
cf-polished: origSize=1557
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4dcb43349-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtag.js Show response
theipfire.com/wp-content/uploads/breeze/google/ 272 KB
94 KB 60ms
60ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/uploads/breeze/google/gtag.js?id=GT-MKP7VNN
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1423ac61eb9bfd822b10571121eac03cca4a4a6cc81b3e48318a438d7f09af19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 12:49:37 GMT
cf-bgj: minify
server: cloudflare
age: 2367531
etag: W/"65ae6461-444e9"
cf-polished: origSize=279785
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b57a695c7b-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 267ms
114ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b338acef02b33cbea240f011e1570899be6810ef7237bb0b90c7b490b5cd10ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51899
x-xss-protection: 0
server: cafe
etag: 18183628693604646272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 18 Feb 2024 22:43:15 GMT

GET
H2 200 pub-4798762247809532 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 345ms
104ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-4798762247809532?ers=1

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1d3eeb9571c705ba1063d4090252b8ebba1850b377cbddb8f7551bbcf390a16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eHovAGsckl9mpk6wmthwsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-eHovAGsckl9mpk6wmthwsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KAhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejuYJp9axCTQs6T3EDAADeEjI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtag.js Show response
theipfire.com/wp-content/uploads/breeze/google/ 272 KB
94 KB 114ms
113ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/uploads/breeze/google/gtag.js?id=G-76SMSVBKSX
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1423ac61eb9bfd822b10571121eac03cca4a4a6cc81b3e48318a438d7f09af19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 12:49:37 GMT
cf-bgj: minify
server: cloudflare
age: 77410
etag: W/"65ae6461-444e9"
cf-polished: origSize=279785
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b70d425c7b-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 243ms
114ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4798762247809532

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db0594bbba5ec371d039882d7bfdaf92fd5b9f6bef8b7490a0cf73bfc1dcc609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Origin: https://theipfire.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51797
x-xss-protection: 0
server: cafe
etag: 12164667385879075829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 18 Feb 2024 22:43:16 GMT

GET
H2 200 tagdiv_theme.min.js Show response
theipfire.com/wp-content/plugins/td-composer/mobile/js/ 96 KB
24 KB 103ms
100ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/td-composer/mobile/js/tagdiv_theme.min.js?ver=12.6.3
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd1f5d35ac2f2f065c49a31bc97ecf2f20d63ddd3212fce9a2bbdb4e95a1440

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 15:00:29 GMT
server: cloudflare
age: 2236072
etag: W/"657c6a0d-17f82"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4dcb53349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 e-202407.js Show response
stats.wp.com/ 7 KB
3 KB 118ms
31ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202407.js
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT mia
date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356353.6772
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 10 Feb 2025 15:38:56 GMT

GET
H2 200 ads.js Show response
theipfire.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 669 B
405 B 103ms
101ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.80
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef92eea4642ac1d2e7a7b90ddfbc630d228139318b9bf8be0e274b3efacc09e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 31 Dec 2023 05:07:50 GMT
cf-bgj: minify
server: cloudflare
age: 2367078
etag: W/"6590f726-3c8"
cf-polished: origSize=968
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4dcb63349-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tdAjaxSearch.js Show response
theipfire.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 6 KB
2 KB 97ms
95ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.3
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b4bce0dc726ddd349280159514b9ac13d37c849a04fba5b2e6c7fadef98aa2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 15:00:29 GMT
cf-bgj: minify
server: cloudflare
age: 2367078
etag: W/"657c6a0d-1801"
cf-polished: origSize=6145
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b4dcb73349-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
theipfire.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 87ms
73ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Jan 2024 07:14:43 GMT
server: cloudflare
age: 2178007
etag: W/"65b0b8e3-1ed2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9b81f6d5c7b-MIA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 1758c39e-f0c9-40d5-8c2a-5730d1cba76f
https://theipfire.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theipfire.com/1758c39e-f0c9-40d5-8c2a-5730d1cba76f
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 2642 9 KB
5 KB 278ms
70ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 19:13:37 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 19:13:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 319ms
82ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-258159127-1&l=dataLayer&cx=c

Requested by

Host: theipfire.com
URL: https://theipfire.com/wp-content/uploads/breeze/google/gtag.js?id=GT-MKP7VNN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5daf2556a694914d46537ad6440f304aea0be7aed3596ee67d9e3afd693bc939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66790
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Feb 2024 22:43:16 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 241ms
79ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-76SMSVBKSX&gtm=45je41h0v9103191004&_p=1708296195429&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=676940657.1708296196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1708296195&sct=1&seg=0&dl=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&dt=Premium%20Accounts%20Archives%20-%20theIPFIRE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=906
Requested by: Host: theipfire.com
URL: https://theipfire.com/wp-content/uploads/breeze/google/gtag.js?id=GT-MKP7VNN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theipfire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53ec9a241c6be1d88ebb797faa9c944ab3c4952cef609e363f2469f04fb9b234

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 mobile-theme.woff
theipfire.com/wp-content/plugins/td-composer/mobile/images/icons/ 28 KB
19 KB 72ms
60ms Font
application/font-woff 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/plugins/td-composer/mobile/images/icons/mobile-theme.woff?16
Requested by: Host: theipfire.com
URL: https://theipfire.com/wp-content/plugins/td-composer/mobile/style.css?ver=12.6.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4d08abd55347caa64f1f6dbcf16486e8f91a4c95eadfc6606bd4682433c53c

Request headers

Referer: https://theipfire.com/wp-content/plugins/td-composer/mobile/style.css?ver=12.6.3
Origin: https://theipfire.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 15:00:29 GMT
server: cloudflare
age: 2367532
etag: W/"657c6a0d-6e70"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=31536000
cf-ray: 8579c9b85fee5c7b-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/ 15 KB
16 KB 96ms
85ms Font
application/font-woff2 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: theipfire.com
URL: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/roboto.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/roboto.css
Origin: https://theipfire.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:15 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 12:49:36 GMT
server: cloudflare
age: 2367532
etag: "65ae6460-3d80"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9b85fef5c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 15744

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/ 15 KB
16 KB 69ms
67ms Font
application/font-woff2 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: theipfire.com
URL: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/roboto.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/roboto.css
Origin: https://theipfire.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 12:49:37 GMT
server: cloudflare
age: 2367533
etag: "65ae6461-3df4"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9b909355c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 15860

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/ 16 KB
16 KB 74ms
68ms Font
application/font-woff2 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by: Host: theipfire.com
URL: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/roboto.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Request headers

Referer: https://theipfire.com/wp-content/uploads/breeze/google/fonts/roboto/roboto.css
Origin: https://theipfire.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 12:49:36 GMT
server: cloudflare
age: 2367533
etag: "65ae6460-3e30"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9b979ea5c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 15920

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 407 KB
138 KB 124ms
115ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

823911a72a61f4701d1770aa2e3467a5d4f735cfc7f6ebfa52f29c8c090bd102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141258
x-xss-protection: 0
server: cafe
etag: 17378765004334169347
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 22:43:16 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 728ca1acf0372ec4c0e56b8adcb0e07422f9613b4c61405c4c9da2cf6550146a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b19eafa13f23d6d4b29bea17d036e1c7c0b2c1043708ec097007d53872559071

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1c81fe11d1bd086d5a8708d4aa0c22c4f7679e06de4e5ae97be8cfac8bef0a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 247ms
238ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4798762247809532

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edec834ea607ecab16fc0db38b4f4bd9ad5b2c28c4cd59ceecfb766f03cc65b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Origin: https://theipfire.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51880
x-xss-protection: 0
server: cafe
etag: 15355171021926459176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 18 Feb 2024 22:43:16 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70f0c830d1083fd173e4e76d873cb8fccb09f72bf57450a608a0005bf9130f8a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 156ms
116ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: theipfire.com
URL: https://theipfire.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a18ad96a3e9e2ce96f378f34c7ab7efee95699fb744a0b8e45e63ac6aba63d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52216
x-xss-protection: 0
server: cafe
etag: 16668004249837399374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 18 Feb 2024 22:43:16 GMT

GET
H2 200 AGSKWxVF_DUUFtmu18_bTtsXCdITykwdqt9Joc-SB27ymwLgvS5vt8qWsqdzVrUQnwJf-8YGG5T4bypXjMrwcUn7dQxmcGOroJhf4pxd_pAX9ErYJp8JLeVYihfeUG2D-tVP0b9SIYQb7g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 131ms
100ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVF_DUUFtmu18_bTtsXCdITykwdqt9Joc-SB27ymwLgvS5vt8qWsqdzVrUQnwJf-8YGG5T4bypXjMrwcUn7dQxmcGOroJhf4pxd_pAX9ErYJp8JLeVYihfeUG2D-tVP0b9SIYQb7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4Mjk2MTk2LDYwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90aGVpcGZpcmUuY29tL2NhdGVnb3J5L3ByZW1pdW0tYWNjb3VudHMvIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35c29c3a54f9b44e7a65ea0b24c8ae203a98dc9ff6b8728e32c70f5393781b52

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CbGU1YDuzm0zz2dBb10MZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CbGU1YDuzm0zz2dBb10MZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Olgmn1rEJzJjTdYwJAN9VQ90"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 128ms
14ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=208481481&post=0&tz=5.5&srv=theipfire.com&j=1%3A13.1.1&host=theipfire.com&ref=&fcp=1178&rand=0.02784387475079897
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Feb 2024 22:43:16 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
57ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-258159127-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Feb 2024 21:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3094
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 18 Feb 2024 23:51:42 GMT

GET
H3 200 wp-emoji-release.min.js Show response
theipfire.com/wp-includes/js/ 18 KB
5 KB 111ms
98ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theipfire.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:48:57 GMT
server: cloudflare
age: 1584814
etag: W/"64815db9-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8579c9bdeaf15c7b-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48DB 118 KB
40 KB 710ms
681ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=292573710&adf=122335113&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196155&bpp=15&bdt=873&idt=613&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3088785840123&frm=20&pv=2&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=696

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55f4d646a1b07317c488a042915c64b4185fa21b7f21db001faba5dc10807242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:17 GMT
expires: Sun, 18 Feb 2024 22:43:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B62A 118 KB
40 KB 765ms
761ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a604b00a9612a62c733c2a1297147925af4a9336023fecca8052eb79ca7c6e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40964
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:17 GMT
expires: Sun, 18 Feb 2024 22:43:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5665 33 KB
13 KB 791ms
771ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=90&slotname=5969432110&adk=2847260092&adf=1549381177&pi=t.ma~as.5969432110&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=2&format=1200x90&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196496&bpp=2&bdt=1213&idt=512&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEebr%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=529

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db4c13925e552901075af6bf79d1c7af3d55f70a5179e17b0c358bb405bb20db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12954
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:17 GMT
expires: Sun, 18 Feb 2024 22:43:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DA4 351 KB
75 KB 959ms
952ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&adk=1812271804&adf=3025194257&lmt=1708226703&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196636&bpp=18&bdt=1354&idt=430&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280%2C1200x90&nras=1&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=470

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc805a04535caf035727fb710786c2bc606170caa2f4d81165fb71ee6e2c30a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 76475
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:17 GMT
expires: Sun, 18 Feb 2024 22:43:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 79ms
78ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=205173585&t=pageview&_s=1&dl=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&ul=en-us&de=UTF-8&dt=Premium%20Accounts%20Archives%20-%20theIPFIRE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=61749323&gjid=770496770&cid=676940657.1708296196&tid=UA-258159127-1&_gid=653242336.1708296197&_r=1&gtm=457e42e0z89103191004za200&gcs=G1--&gcd=13l3l3l3l5&dma=0&tcfd=10000&jsscut=1&z=950003240

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theipfire.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theipfire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logoog.png
theipfire.com/wp-content/uploads/2023/07/ 2 KB
3 KB 139ms
108ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theipfire.com/wp-content/uploads/2023/07/logoog.png
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a988f2f6d260fb12591bb1e30fcc609013f2a4266d22e561fe528cedf6a1c6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
cf-cache-status: HIT
age: 2367533
cf-polished: origFmt=png, origSize=4180
content-disposition: inline; filename="logoog.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2322
last-modified: Sun, 30 Jul 2023 14:08:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "64c66ece-1054"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9c09fdc5c7b-MIA

GET
H3 200 premium-1-jpg.webp
theipfire.com/wp-content/uploads/2024/01/ 48 KB
48 KB 140ms
109ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theipfire.com/wp-content/uploads/2024/01/premium-1-jpg.webp
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4e6431a65758358d748604c291ea6c1fbccbd5b102fa94263ab47572c3839b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
cf-cache-status: HIT
last-modified: Thu, 04 Jan 2024 12:39:47 GMT
server: cloudflare
age: 583949
etag: "6596a713-bf5a"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9c09fdd5c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 48986

GET
H3 200 free-accounts-5.jpg
theipfire.com/wp-content/uploads/2023/10/ 88 KB
88 KB 100ms
69ms Image
image/jpeg 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theipfire.com/wp-content/uploads/2023/10/free-accounts-5.jpg
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b44d3bc6bd0ba9649945486f76ad68f311bca06f73a10ca8fb6f3e801998ede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 11:53:32 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 14119
etag: "653a533c-16e8c"
cf-polished: origSize=93836
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9c09fdf5c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 90284

GET
H3 200 free-Delivery.jpg
theipfire.com/wp-content/uploads/2023/02/ 84 KB
84 KB 200ms
179ms Image
image/jpeg 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theipfire.com/wp-content/uploads/2023/02/free-Delivery.jpg
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b3be3ab0e5eeca703625b373b4eacf8ad53fa714d3c8956ca1b9696ac859987

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:45:19 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 14119
etag: "64815cdf-174ec"
cf-polished: origSize=95468
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9c09fe15c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 85606

GET
H3 200 free-Accounts-1.jpg
theipfire.com/wp-content/uploads/2023/10/ 102 KB
102 KB 251ms
230ms Image
image/jpeg 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theipfire.com/wp-content/uploads/2023/10/free-Accounts-1.jpg
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ca7afbfdeb9708a327caa7f472e905aabffbc9d22519090b29b28803f8afb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Oct 2023 11:34:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "652a7caa-1aa6a"
cf-polished: origSize=109162
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8579c9c09fe75c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 104660

GET
H3 200 theipfire.com-5.png
theipfire.com/wp-content/uploads/2023/06/ 25 KB
25 KB 335ms
314ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theipfire.com/wp-content/uploads/2023/06/theipfire.com-5.png
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db58b65a3db4ed556442a9a8684832434edeed917f7f88ec40b819f3b8a9be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Jun 2023 14:59:44 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "648732e0-11a7d"
cf-polished: origFmt=png, origSize=72317
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="theipfire.webp"
accept-ranges: bytes
cf-ray: 8579c9c09fe95c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 25552

GET
H3 200 margaret.png
theipfire.com/wp-content/uploads/2023/01/ 46 KB
46 KB 341ms
321ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theipfire.com/wp-content/uploads/2023/01/margaret.png
Requested by: Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 581956944e4dfca3a5a72372eb33498c588c031b3c14caee66f960fe1356bbfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/category/premium-accounts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 04:46:27 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "64815d23-13e3e"
cf-polished: origFmt=png, origSize=81470
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="margaret.webp"
accept-ranges: bytes
cf-ray: 8579c9c09fea5c7b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 46602

GET
H2 200 css
fonts.googleapis.com/ Frame 48DB 4 KB
1 KB 347ms
71ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=292573710&adf=122335113&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196155&bpp=15&bdt=873&idt=613&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3088785840123&frm=20&pv=2&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 22:14:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:43:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 48DB 2 KB
903 B 325ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/244323036456130487/ Frame 48DB 8 KB
9 KB 362ms
113ms Image
image/jpeg 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/244323036456130487/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd6e9eca257fd55109291cb996429e05298804a5e3c5ab7c36412a48445e4fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 15:12:52 GMT
date: Thu, 15 Feb 2024 15:12:52 GMT
x-content-type-options: nosniff
age: 286225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8561
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 08:30:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2914349705548515401/ Frame 48DB 3 KB
3 KB 377ms
130ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2914349705548515401/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 16:26:18 GMT
date: Thu, 15 Feb 2024 16:26:18 GMT
x-content-type-options: nosniff
age: 281819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 15:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 48DB 23 KB
9 KB 282ms
67ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 13:15:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 48DB 3 KB
1 KB 361ms
139ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 48DB 20 KB
8 KB 261ms
46ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 48DB 204 KB
61 KB 67ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:01:35 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 48DB 36 KB
15 KB 281ms
63ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H3 200 waterad2. Show response
fundingchoicesmessages.google.com/f/AGSKWxVrkVtyqB7YTGQDsFlqfhaoKQTv7d2G6FaaQ2No3Su89OVtn8PJkZCCfX6MyGzCPR6FykMEFfr3iuSIytQ9FHgGXRoJbBvs_ck56P9zTGbgZvIkByG2_Ys1D1V9pOFni4XDPpIRq4sorkvGnlQ9G7HpXZ6JD... 54 B
109 B 124ms
122ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVrkVtyqB7YTGQDsFlqfhaoKQTv7d2G6FaaQ2No3Su89OVtn8PJkZCCfX6MyGzCPR6FykMEFfr3iuSIytQ9FHgGXRoJbBvs_ck56P9zTGbgZvIkByG2_Ys1D1V9pOFni4XDPpIRq4sorkvGnlQ9G7HpXZ6JDN0258LQDgxrB50i-eBSXi9RyA2-P_x9/_-300-250..com/ads--ad-exo--ad-right./waterad2.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4af7186ad8042770d3580b77892188da8e4e55a413e4b476acb666d3c32bbb8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dlfHgmVFF1H0ZekTgCFk2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dlfHgmVFF1H0ZekTgCFk2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KchxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejtYJp9axCdxY8PA5EwAQz0mm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 97ms
96ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ff9025f16b428475d5a57e133ec69cfdfa2f26f5edc6ac744cb3d2aa8622d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 21:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30993
x-xss-protection: 0
server: cafe
etag: 5655574714832874877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 22:52:35 GMT

POST
H3 204 AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 325ms
184ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aY8vUBidwVW18FZsqGC1SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aY8vUBidwVW18FZsqGC1SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC0Tji1jk3gw88Tq5gBAl8Y1A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://theipfire.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B62A 4 KB
752 B 248ms
85ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 22:38:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:43:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B62A 2 KB
856 B 303ms
140ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame B62A 23 KB
9 KB 290ms
144ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 13:15:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B62A 3 KB
1 KB 287ms
141ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B62A 20 KB
8 KB 201ms
63ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B62A 204 KB
61 KB 109ms
106ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:01:35 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame B62A 36 KB
15 KB 228ms
84ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/244323036456130487/ Frame B62A 8 KB
8 KB 265ms
124ms Image
image/jpeg 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/244323036456130487/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd6e9eca257fd55109291cb996429e05298804a5e3c5ab7c36412a48445e4fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 15:12:52 GMT
date: Thu, 15 Feb 2024 15:12:52 GMT
x-content-type-options: nosniff
age: 286225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8561
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 08:30:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2914349705548515401/ Frame B62A 3 KB
3 KB 278ms
138ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2914349705548515401/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 16:26:18 GMT
date: Thu, 15 Feb 2024 16:26:18 GMT
x-content-type-options: nosniff
age: 281819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 15:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 203ms
190ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-47lUZuR1IeC6HfR7Eqvkxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-47lUZuR1IeC6HfR7Eqvkxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC0Tji1jk1gw7kvW5kBAJEYng"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://theipfire.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 199ms
189ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GsYupA0z83KPyBmgqE6Zhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GsYupA0z83KPyBmgqE6Zhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC0Tji1jk3gxv69W5kBATIYgw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://theipfire.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 201ms
190ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SI49WjL4ZQ5G4lU6dD7hAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SI49WjL4ZQ5G4lU6dD7hAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC0Tji1jk2gY8Gz7cwA_xoYPQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://theipfire.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVQZTuANsU9UcjLzAICjK4wpVOz_21mfwvY6OaW3FbxWsQ0i_dBFs-uuLp6gCF_G4yGslX5x-vTBDxmFsPE3edzytjCkoMhjbERhqdxT2MDY8N3qT4AF2upm7uGRyXcSv5Dg05VkA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 195ms
192ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVQZTuANsU9UcjLzAICjK4wpVOz_21mfwvY6OaW3FbxWsQ0i_dBFs-uuLp6gCF_G4yGslX5x-vTBDxmFsPE3edzytjCkoMhjbERhqdxT2MDY8N3qT4AF2upm7uGRyXcSv5Dg05VkA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4Mjk2MTk3LDg3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdGhlaXBmaXJlLmNvbS9jYXRlZ29yeS9wcmVtaXVtLWFjY291bnRzLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

461d270552b2fcf05c2f9af34665eab90441628d0ae96bc6f2890dbf334c4acc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GQmtZ4ii_yGnaLqLyDTxqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-GQmtZ4ii_yGnaLqLyDTxqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O1gmn1rEJzJg5fT8zANz2Q94"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FB99 645 B
258 B 220ms
130ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiLjIWAAjAB&v=APEucNWqCWI7tg9UJruVPEy_rOVOZEdRlPJSSEci-XcKHeZGdQIrxcjzjsN-GyjCIFyil-lQKODDs7ETInIp_ZUHjMH1VOVkbsMwM2kFfTLVbBBla2DWd8E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=90&slotname=5969432110&adk=2847260092&adf=1549381177&pi=t.ma~as.5969432110&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=2&format=1200x90&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196496&bpp=2&bdt=1213&idt=512&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEebr%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=529

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=90&slotname=5969432110&adk=2847260092&adf=1549381177&pi=t.ma~as.5969432110&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=2&format=1200x90&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196496&bpp=2&bdt=1213&idt=512&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEebr%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=529
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:18 GMT
expires: Sun, 18 Feb 2024 22:43:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1002 93 KB
33 KB 204ms
123ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 22:43:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1002 3 KB
1 KB 201ms
43ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1002 20 KB
8 KB 193ms
38ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1002 204 KB
61 KB 162ms
82ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:01:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1002 42 B
63 B 232ms
153ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BoJHn2_isK2_Qfj0DkUaNXljlAt_2fMT3EsXyi1TOLsSHbxOtDNzbJJ2hSedzemqhlBAz1g3WtxycaDdxr8Yy8Z8MsIUonul1M6Kptgx8mzTM9y2o

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 48DB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5b33d09304c2357fdefd5888bb907856f82c94d424e0312c82c55764d6d83b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B62A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97dab323ebfb2999bc1d48cc49271351315a9267cd63152346e800488b7d0ce7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 48DB 16 KB
16 KB 346ms
60ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:33:05 GMT
x-content-type-options: nosniff
age: 321013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 05:33:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 48DB 15 KB
15 KB 354ms
75ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 284768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 48DB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C42pABIjSZc6NOa-Wrr4P_LaNyAbSwIL5ddGd7tzVEpbRyM_gARABIOnIg5UBYMmGgIDco8QQoAHd8KrAKsgBCagDAcgDywSqBOUBT9BlX20VVQrliOph0LQybJzt6XH4ZaGJ8VZsaADB_UO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe433e11c2afad6630000000000000000%22,%222%22:%220x6ab74622c7b7db2c0000000000000000%22,%223%22:%220x7b2681...

0
0

283ms
127ms

Fetch
text/css

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe433e11c2afad6630000000000000000%22,%222%22:%220x6ab74622c7b7db2c0000000000000000%22,%223%22:%220x7b2681f02eae1c550000000000000000%22,%224%22:%220x1970bd1990b567e00000000000000000%22,%225%22:%220xfa6777a81024e6830000000000000000%22},%22debug_key%22:%2211601397244283355509%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212842598558270573265%22}&andc=true

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe433e11c2afad6630000000000000000","2":"0x6ab74622c7b7db2c0000000000000000","3":"0x7b2681f02eae1c550000000000000000","4":"0x1970bd1990b567e00000000000000000","5":"0xfa6777a81024e6830000000000000000"},"debug_key":"11601397244283355509","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"12842598558270573265"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Feb 2024 22:43:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Feb 2024 22:43:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe433e11c2afad6630000000000000000","2":"0x6ab74622c7b7db2c0000000000000000","3":"0x7b2681f02eae1c550000000000000000","4":"0x1970bd1990b567e00000000000000000","5":"0xfa6777a81024e6830000000000000000"},"debug_key":"11601397244283355509","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"12842598558270573265"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B62A 16 KB
16 KB 361ms
129ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:33:05 GMT
x-content-type-options: nosniff
age: 321013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 05:33:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B62A 15 KB
15 KB 383ms
152ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 284768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

GET
H3 200 AGSKWxU32J2Rl5Yb7KOAu3bw3UAQnTf-PXhuCd5THD5LsiPwvNN86FztvTbzoUjI0NzcT2CSVi8ZaEm-fO1VhNTHRcadvamGEQLteorag9ptGZOAoFCey2-mZpPbq9W22tUOLAF4wGyWbw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 104ms
103ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU32J2Rl5Yb7KOAu3bw3UAQnTf-PXhuCd5THD5LsiPwvNN86FztvTbzoUjI0NzcT2CSVi8ZaEm-fO1VhNTHRcadvamGEQLteorag9ptGZOAoFCey2-mZpPbq9W22tUOLAF4wGyWbw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4Mjk2MTk4LDI5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90aGVpcGZpcmUuY29tL2NhdGVnb3J5L3ByZW1pdW0tYWNjb3VudHMvIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef6af571397b32696b8ba13caff0260241b1cbff968c53147a7f743f67c4af24

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yBPpYdCVqh2PjP6REnPecw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yBPpYdCVqh2PjP6REnPecw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Otgmn1rEJfPg3ZSkjAOAORH0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FB99
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1&gdpr=0

43 B
771 B

88ms
77ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiLjIWAAjAB&v=APEucNWqCWI7tg9UJruVPEy_rOVOZEdRlPJSSEci-XcKHeZGdQIrxcjzjsN-GyjCIFyil-lQKODDs7ETInIp_ZUHjMH1VOVkbsMwM2kFfTLVbBBla2DWd8E
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdtzrbuIaqxxFkQm6nBa7me%2FSu4v57ozMKE5t93k1xYml1FUD6TTSY0%2F2r8qim0r%2FCDYQojZFTaOp4vhwQx%2BYdQvA2lSmopveir8YKRZ5S5cSAE7Xaf7U%2FfeT0A%2FXaIb1Styhcu4bf4uBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8579c9ca6eab25a7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FB99
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdKIBsAoJXEAAG1GACJXRQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1

43 B
733 B

112ms
80ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiLjIWAAjAB&v=APEucNWqCWI7tg9UJruVPEy_rOVOZEdRlPJSSEci-XcKHeZGdQIrxcjzjsN-GyjCIFyil-lQKODDs7ETInIp_ZUHjMH1VOVkbsMwM2kFfTLVbBBla2DWd8E
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHDvzydUBOQNW0p1kcg03wMpmWKSfReMK2lrMor9UUX8Bb146tpEKJeyIts5HIaR43fWRqmOw6QbtLw7q%2FOdOvlnnvjmp4N%2BC0ZsdhWfkZLAMckiMwGn0pr9WQn17M0Uyx0WC%2Bis05i%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8579c9cc194925a7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBNA7RVWKwcvSn3gw9V-7Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame FB99
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEA4yQBMt53XWRnhIz0-3ufI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA4yQBMt53XWRnhIz0-3ufI%26google_cver%3D1

43 B
1 KB

75ms
70ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA4yQBMt53XWRnhIz0-3ufI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiLjIWAAjAB&v=APEucNWqCWI7tg9UJruVPEy_rOVOZEdRlPJSSEci-XcKHeZGdQIrxcjzjsN-GyjCIFyil-lQKODDs7ETInIp_ZUHjMH1VOVkbsMwM2kFfTLVbBBla2DWd8E

Protocol

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
an-x-request-uuid: 1bf2aa64-b1eb-4b04-a216-f5fd290f2ab0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
an-x-request-uuid: f9102de0-74fd-42c8-b6a6-ec6b3b7e8a4a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA4yQBMt53XWRnhIz0-3ufI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB99
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyMjA1MjI1NzM3OTY3MjUwOA%3D%3D

170 B
188 B

116ms
84ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyMjA1MjI1NzM3OTY3MjUwOA%3D%3D

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
an-x-request-uuid: ab14b879-36e5-412e-8ddf-66b01425871a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyMjA1MjI1NzM3OTY3MjUwOA%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 96C7 51 KB
19 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:43:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 19:43:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1002 0
20 B 132ms
131ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1135188179483&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1002 0
20 B 432ms
431ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1135188179483&version=m202401290101&ct=77&x=1&cor=11017290752784245000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1002 33 KB
19 KB 135ms
125ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjM87Yzw2Idvt3hBYpwXHhh1GMofWAOhWqPlOQNQfJS6esHsZq70pLrkQl2Cfc9vN1fbbD_EMEwv4pSKFDuky0WVX6smH6XtPwKuwXfd_xK4ICBCLCE9av9Uhvi7_7dqCE26KrI8Rmj6TAZg92xbbkSH8kQOTg29mON9BpW7vL9exjpAM&cry=1&dbm_d=AKAmf-CXXhu2K8J07WMgt5J8SR5yTD4_yQ3XiTCDjvqfqPaIQQEFpLitEKC1JsmRERcJAn0OSMVO4Ijq-7lGPbaDmYjDG_7_3FqgHNhGO-Ni6omR6NYvZAALniVFRHGmH7ow0YJtGejid_wvxvkTFPLczd7htmOoNtCF7tQXTf9QN6uN3A-oOlIaVwd9tlNWOiFJnb55cpHnSsgE6czGse2j9wTjO-dD5Rd09rOdpODnixFxSEvqlcOo_ZVbk4r5nLs2dVzWDWI57Dwdh30lJCiS1Ys6P83nozWfPeDd7qchR0Kky5kOo9t13L0yzFTAVBSsptE7rgL72dTuJmUjSAT47qwJw8PpULaOXwNv5jFYUYBL4Yapd0W0Soodr8SwYNKbddyAHP1eXTZfVwTuCXwpZA1v4tsbS3jJP4uCuhN6yFNU6Qu6nf7UVXI3wcHVjGRk2CXqPin51PNtXoUh6CHCeudZdi0FPqzFLisK6rQNOx9IQroUNZUXGfWaRMvnszZPH-nxsAG5_RB1ZGDdh7qHgJb99j008xaacdDpTiMsNFjqzWh30vWxIOYlZliaJ1ngB8A4teMVGgx6rkfLhULFq3nkVhYAv2D77hHP_vI-EElF62e0_eUE-OjV3XVX6jbMm7Q_B0X-yCrQs01w99N1aV-2cxQtxcMUuEOCej_buq9r0uVA1hcxkWLvM4UOBzAHG_89zcklAq724GAPgS5Nx7jkI3lqxCthv3F2i1IjG3oxgSsRnvcJAf4AztOGWWgU2Nwv0Hr7zA23L2hk1MIEBhSSRb7PTiFLQrXJFgY-1gKPM4GD6Qc83y2y-AvFfZ-DrfIriSEKjWeQnhIPW8PhPve-w-jOaCoVWSS1pJMznmPpBi4x8DqWrztXPuVXs_mMadwF5H4nO5Iphhdx_GU_ZmQ0t1rJXdCSlzJusdyPrRxI2PxHEgAtMfh9t4PdxAnZkfPP6ze5puWBK7NhFQtVa-HfWHQGxgBqKvdpKq-g7mKjBEjy5zPerLAPU0Yt4KMli_iDrpn2uZP8yU_QCGUe02bLjqkxeSUfIoCL3D9WrqZ2L1EHjKI5oaQSXcqoVRDZVmQiOoaF6p2ZASIQsuXNVks-FlTtflWyLZVB5SC74Z9SuZY6ZSid5fg2oGAt-WCxUQrav8u4_Dm3yZufE1AhD5seeacSMFwX1XZN7REx4_wH4Fpjo73yReG6d7s3YTsYQK56jDKSEuDxybZ_zDVc5vsgOasRCFagvCyEGypLnDQOEjDtyZMh6HjFHPwBpDImcaK9yTjuHUL3OccWUkRd23nmtoPgxoDxaDK3Li4bs4TK8auxvo0BFJW0FF3Ixju4WQkj_c_YSU8yvkKldHEvt1vRLC30MCIGUQloWcO22DjFaARkOC7Iyp-aPcmEGP_KAKAjdBlImELZ8zkf81yW_MlB39V78aBISyGxs2rFkbaSvvBxWkbMPwLeYdjkwE_w5N6eizlm2xoklQqtxlQEll2r7J_gKewaQqkntCigRhE1HfsrVcpZ4ugRJQ2Z0WRHN9dSdmPrgXz49T9GMYplazM8knu7dyOy9l2BqKjsIQwTP8Zd6cyKfx2eMAw9iEAI7xs-QJ0PA5fpGDiKjKLPBARx5TMtPHDTbVKNnlcSuSdEY2mjfixyLEoxxL9HhAePwyDkGCeZSxWX_-miHWx1MNFZS7X1VYJeBjO4rQJ_DepgYT87JkiMzZxpAqme5HpsIZWw46Ots6E__g32KTkXdkDhgkWw8G3cxk6jtSADVJn0WJON8it_oGi_NY8Lft-RaR1a-JOFKWD6HNsOrOxbC59pulWjxJzEHrxKiIdIyKFuPDYmxAYsFaKjt8uhCV1wUp0vcFfM0hg37aAM5SqUyxXTu6hRWprvvaWZLwqYI8aRiTkjMrrB5SylJVooRD3caSByp6nHog_WrPeoJKGwd4Qqggqw-fidhZ_1IVdZ2FaLCwIStTw2H-Z7ydEbMwzKnfamkbOd3k6GOiAKkrPQIviYg6HDHUSr7goX6KEEkweBAAD2_UyicmlQdsWiz7Z0AAAhhlSyGWIsBMBckdNNq5JK2gH8qFFTW2UqS6L6wEOL97MkWRUQA8GQaDDK-ZnKslTYM_geFMHP5hMVa5VO5JBikRAaqHn9ad6kWhMDkZvej5er5VZBC5C74XHRUw5ThRtwmszSgdkp39qyZwCQURquT2X5-hC6KsIC7AFT1d62UzwsYgdjQX_QEEImaNgkGRh2-rl0bltZkm52S4wSZGvHmHAMa8zebdDc1WXEP94dQQj-sRwuv4S_gvbXUisJpXKHRTmUJVBA3VqwQdJBJj-gg55W69jW6r-wLvRn_BkcDIzkbRaJSFaHwP4Dklie7d8lAAQHAiZFgtffw_QNkaRWDe18WMFjQQoxC0yfzVcMfb4wBpuWNbQyLl8NXgbQGx3n8_3iWcWnQwK5MXTRbE7DbR6rCt9eKFmk_KN0RDhg5321ZDM0I14WpTTM-ahOxxVNFnAUt3_ra2VUYYl-K_v0YknH8BMKDjDBxmtmVDv9uoOF1-AIhQv2UgVnEEqTG4gDH9-QhuQbhBR3cMQGno77nNjxGAasmgDU9WDKiEpdG81hQKo_uJEUs9leYrj4oHGCZ99OD_fGsIu-LUcjp3ZcEO3ZNg8gD62so0-asK3hF56b2fzZNes9HP6xlYSFFrGYF5tjcrvMPUgiigfHoNii0PdLgE8d3WPiQ8HoTU9lAh7hCaVYKrvQGTXqN4jkZBMh_5gjX2zfv6zhoA9F8TVJ8n8N9MKG-TRDTa8VB0UW7rHW1a3jYKKwNnjRhi06rFKyORbZ34CE7erwqJi9Bw0CvfEzZrpQu6LlpB9KxaHFZA-2E-LA3EdfeVuLeb_ERMCPDjqGvVM5fsZaKpAoyS-LEJkcqfYkX24wFj5mkSGFb6_X1TnhKj3HCTSTODXZe-OTA8is62xzj7N2Tw2D1D6lEYFWNX4IpTklsLIGHM0SioeWG93wy3enYcVQ_B6fNtg0kpDTJyz3ax5D7y6OmmSiVas70vu-qd30kbOYiQ7YbC4leO2XwPKLqhvbtAtFhMzSEL_rzfhp6jZs-yPJndz_Fewnpc9YVzufWqfkUMdt9spRPOY074QRENDqmnb2SmGGub2a8W1QFzmFjuCm90tC7qdeyiwFKcbUWObkDsGStSxCZoewdDPlWP2rd4pgjrHTagA2BCPq8sNSlSnbbVZD1AnynguB_5pKjYxJg1s44NRQRxFLjniXyYhXlaVMgGoD6SD50RQlN4140P2agy0h2QF9A7E9KQ3pL6a2UC1h2PVBDlECdOrmXaLm75HXP-oecCHJvCz7VrMCuQJPK6kAV5hXhaKbyjl_6AVQCA-e5G50DQeLkgpF2NffB88j1kBNNWGfFeX1aedQAnuhOl1Fdfg-y1PTQKOTqK_3bNgfscXdf84wbyIi-fNqBkBLfZ3HNnzNN7tFbNQZbRTvrnSSkBvktmNHyv0lQP_88DVKLbsVr7-9r0893syoN3vyfyNPmSlL32C6AFMfbndVfDH_G4G2uxyvL0KfarwBy-V8kNmsxN1YsPo8ewMmudFYWHC8u5_wTfvUajpou2gCjVzKXgGEmUbK6eItepZR58q4IDVgkwuvksFwzBQnni1GXTcZC-qXNwQqwWx_dzWZg0i--l4SuHS2Zah4ijGtb_nJZqs-jvo&cid=CAQSTwAvHhf_InWiKRNJ4CDJ3Y8yA2MpDirbsnrqsYaRVKFmf68zxDB2Hk9n2TQPJ3Q8lW8kKizncnE6J2pNp_HrxDVg0sw27PCA0M0puQ5ZUz8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Ftheipfire.com%2F&ds=l&xdt=1&iif=1&cor=11017290752784245000&adk=1877897942&idt=225&cac=0&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e10f0d3872111514784085caeab6046038e4a2f3ecc9c358d0ed7f5624a635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=90&slotname=5969432110&adk=2847260092&adf=1549381177&pi=t.ma~as.5969432110&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=2&format=1200x90&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196496&bpp=2&bdt=1213&idt=512&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEebr%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=529
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19402
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 165 KB
56 KB 127ms
122ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/reactive_library_fy2021.js?bust=31081219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a37c1ae4753e4d5dc3902ba4737a44d813eb4891ee26ca8c94b0e4a089068f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57027
x-xss-protection: 0
server: cafe
etag: 17682139086828942473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 22:43:18 GMT

GET
H3 200 ca-pub-4798762247809532 Show response
fundingchoicesmessages.google.com/i/ 182 KB
59 KB 140ms
110ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4798762247809532?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7f06935dddd087729820326843e63ea4d68ecb71f1aa63ad07bd263df8e349e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-58q0Mk1vTB53qsMeAXuzsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-58q0Mk1vTB53qsMeAXuzsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Otgmn1rEJnNg37TsjAN0WRGY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 410ms
121ms Preflight
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 18 Feb 2024 22:43:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 012A 103 KB
40 KB 560ms
556ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=60&adk=1155038629&adf=661511482&pi=t.aa~a.2791832368~rp.1&daaos=1708217563420&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&to=qs&pwprc=6797574804&format=1200x60&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296198493&bpp=1&bdt=3211&idt=1&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd3bafda72245a8e%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_MZGx2SC56N_4Jijz0irK4tWLFCPAQ&gpic=UID%3D00000dcb1d418472%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_Ma25aHyvQKp8ykIUlxyr5cw7pKBeA&eo_id_str=ID%3Df92f93528a6768c4%3AT%3D1708296196%3ART%3D1708296196%3AS%3DAA-Afja7wg8SAXVOsPev-RoABTcD&prev_fmts=1200x280%2C1200x280%2C1200x90%2C0x0&nras=2&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&psts=AOrYGsmjnJb-USTGqKuASgUTpTBoHpyJLzSvkWH2KmqYHVGaTchaFeNeZ8WvAXBFVmvDMbYk3vo9je6Teuy08vyowrJW3-k%2CAOrYGsm05N60-VfDqKheEPSgWMzW8WUkT34NFltIVuKgaCokpFj61YuRxiqz2JpHxad00a3Oze_GC3a8Tl-P8lrjD8_AfkUC&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54603476238ba6d66fc75d6cb116a966875d8abca5017098d4d56950ccf57246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40526
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxXngdFQ3WU_xMQhP8hJf0fhpTJdu1qAn7vwZTqjkaBRl1hJcggTK1p74WR2xb9e-GDfvSGSYVkq0JNGF5hv9V8ifGRcM5mqnYM6dXhJd7UR9fxiKP1ux4LgU7YYs_5KNswM2TNGvQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 98ms
96ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXngdFQ3WU_xMQhP8hJf0fhpTJdu1qAn7vwZTqjkaBRl1hJcggTK1p74WR2xb9e-GDfvSGSYVkq0JNGF5hv9V8ifGRcM5mqnYM6dXhJd7UR9fxiKP1ux4LgU7YYs_5KNswM2TNGvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lGUUBqKzTz9ztVA8ezBrSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Feb 2024 22:43:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-lGUUBqKzTz9ztVA8ezBrSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC0TTi1jk1gw-YHM5gA_y4YUA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://theipfire.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 160ms
159ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIQo5D4HOl09ekwH9poFF2YfbtwR8faSCJxsxD9PNGDVuiicjD-jHsakQ6rSplQ82Jsz_gOzCiziM9eemU4hQ7L3COGOe4SGRGhmMmh53Bcd9TzZ5iR7aBGS1knrRuiBDey2BpMw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GpeChT9l_tdPWd2G6kgbDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Feb 2024 22:43:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GpeChT9l_tdPWd2G6kgbDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC0TTi1jk3gxIaOmUwA_hgYDA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://theipfire.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 1002 30 KB
11 KB 133ms
80ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjM87Yzw2Idvt3hBYpwXHhh1GMofWAOhWqPlOQNQfJS6esHsZq70pLrkQl2Cfc9vN1fbbD_EMEwv4pSKFDuky0WVX6smH6XtPwKuwXfd_xK4ICBCLCE9av9Uhvi7_7dqCE26KrI8Rmj6TAZg92xbbkSH8kQOTg29mON9BpW7vL9exjpAM&cry=1&dbm_d=AKAmf-CXXhu2K8J07WMgt5J8SR5yTD4_yQ3XiTCDjvqfqPaIQQEFpLitEKC1JsmRERcJAn0OSMVO4Ijq-7lGPbaDmYjDG_7_3FqgHNhGO-Ni6omR6NYvZAALniVFRHGmH7ow0YJtGejid_wvxvkTFPLczd7htmOoNtCF7tQXTf9QN6uN3A-oOlIaVwd9tlNWOiFJnb55cpHnSsgE6czGse2j9wTjO-dD5Rd09rOdpODnixFxSEvqlcOo_ZVbk4r5nLs2dVzWDWI57Dwdh30lJCiS1Ys6P83nozWfPeDd7qchR0Kky5kOo9t13L0yzFTAVBSsptE7rgL72dTuJmUjSAT47qwJw8PpULaOXwNv5jFYUYBL4Yapd0W0Soodr8SwYNKbddyAHP1eXTZfVwTuCXwpZA1v4tsbS3jJP4uCuhN6yFNU6Qu6nf7UVXI3wcHVjGRk2CXqPin51PNtXoUh6CHCeudZdi0FPqzFLisK6rQNOx9IQroUNZUXGfWaRMvnszZPH-nxsAG5_RB1ZGDdh7qHgJb99j008xaacdDpTiMsNFjqzWh30vWxIOYlZliaJ1ngB8A4teMVGgx6rkfLhULFq3nkVhYAv2D77hHP_vI-EElF62e0_eUE-OjV3XVX6jbMm7Q_B0X-yCrQs01w99N1aV-2cxQtxcMUuEOCej_buq9r0uVA1hcxkWLvM4UOBzAHG_89zcklAq724GAPgS5Nx7jkI3lqxCthv3F2i1IjG3oxgSsRnvcJAf4AztOGWWgU2Nwv0Hr7zA23L2hk1MIEBhSSRb7PTiFLQrXJFgY-1gKPM4GD6Qc83y2y-AvFfZ-DrfIriSEKjWeQnhIPW8PhPve-w-jOaCoVWSS1pJMznmPpBi4x8DqWrztXPuVXs_mMadwF5H4nO5Iphhdx_GU_ZmQ0t1rJXdCSlzJusdyPrRxI2PxHEgAtMfh9t4PdxAnZkfPP6ze5puWBK7NhFQtVa-HfWHQGxgBqKvdpKq-g7mKjBEjy5zPerLAPU0Yt4KMli_iDrpn2uZP8yU_QCGUe02bLjqkxeSUfIoCL3D9WrqZ2L1EHjKI5oaQSXcqoVRDZVmQiOoaF6p2ZASIQsuXNVks-FlTtflWyLZVB5SC74Z9SuZY6ZSid5fg2oGAt-WCxUQrav8u4_Dm3yZufE1AhD5seeacSMFwX1XZN7REx4_wH4Fpjo73yReG6d7s3YTsYQK56jDKSEuDxybZ_zDVc5vsgOasRCFagvCyEGypLnDQOEjDtyZMh6HjFHPwBpDImcaK9yTjuHUL3OccWUkRd23nmtoPgxoDxaDK3Li4bs4TK8auxvo0BFJW0FF3Ixju4WQkj_c_YSU8yvkKldHEvt1vRLC30MCIGUQloWcO22DjFaARkOC7Iyp-aPcmEGP_KAKAjdBlImELZ8zkf81yW_MlB39V78aBISyGxs2rFkbaSvvBxWkbMPwLeYdjkwE_w5N6eizlm2xoklQqtxlQEll2r7J_gKewaQqkntCigRhE1HfsrVcpZ4ugRJQ2Z0WRHN9dSdmPrgXz49T9GMYplazM8knu7dyOy9l2BqKjsIQwTP8Zd6cyKfx2eMAw9iEAI7xs-QJ0PA5fpGDiKjKLPBARx5TMtPHDTbVKNnlcSuSdEY2mjfixyLEoxxL9HhAePwyDkGCeZSxWX_-miHWx1MNFZS7X1VYJeBjO4rQJ_DepgYT87JkiMzZxpAqme5HpsIZWw46Ots6E__g32KTkXdkDhgkWw8G3cxk6jtSADVJn0WJON8it_oGi_NY8Lft-RaR1a-JOFKWD6HNsOrOxbC59pulWjxJzEHrxKiIdIyKFuPDYmxAYsFaKjt8uhCV1wUp0vcFfM0hg37aAM5SqUyxXTu6hRWprvvaWZLwqYI8aRiTkjMrrB5SylJVooRD3caSByp6nHog_WrPeoJKGwd4Qqggqw-fidhZ_1IVdZ2FaLCwIStTw2H-Z7ydEbMwzKnfamkbOd3k6GOiAKkrPQIviYg6HDHUSr7goX6KEEkweBAAD2_UyicmlQdsWiz7Z0AAAhhlSyGWIsBMBckdNNq5JK2gH8qFFTW2UqS6L6wEOL97MkWRUQA8GQaDDK-ZnKslTYM_geFMHP5hMVa5VO5JBikRAaqHn9ad6kWhMDkZvej5er5VZBC5C74XHRUw5ThRtwmszSgdkp39qyZwCQURquT2X5-hC6KsIC7AFT1d62UzwsYgdjQX_QEEImaNgkGRh2-rl0bltZkm52S4wSZGvHmHAMa8zebdDc1WXEP94dQQj-sRwuv4S_gvbXUisJpXKHRTmUJVBA3VqwQdJBJj-gg55W69jW6r-wLvRn_BkcDIzkbRaJSFaHwP4Dklie7d8lAAQHAiZFgtffw_QNkaRWDe18WMFjQQoxC0yfzVcMfb4wBpuWNbQyLl8NXgbQGx3n8_3iWcWnQwK5MXTRbE7DbR6rCt9eKFmk_KN0RDhg5321ZDM0I14WpTTM-ahOxxVNFnAUt3_ra2VUYYl-K_v0YknH8BMKDjDBxmtmVDv9uoOF1-AIhQv2UgVnEEqTG4gDH9-QhuQbhBR3cMQGno77nNjxGAasmgDU9WDKiEpdG81hQKo_uJEUs9leYrj4oHGCZ99OD_fGsIu-LUcjp3ZcEO3ZNg8gD62so0-asK3hF56b2fzZNes9HP6xlYSFFrGYF5tjcrvMPUgiigfHoNii0PdLgE8d3WPiQ8HoTU9lAh7hCaVYKrvQGTXqN4jkZBMh_5gjX2zfv6zhoA9F8TVJ8n8N9MKG-TRDTa8VB0UW7rHW1a3jYKKwNnjRhi06rFKyORbZ34CE7erwqJi9Bw0CvfEzZrpQu6LlpB9KxaHFZA-2E-LA3EdfeVuLeb_ERMCPDjqGvVM5fsZaKpAoyS-LEJkcqfYkX24wFj5mkSGFb6_X1TnhKj3HCTSTODXZe-OTA8is62xzj7N2Tw2D1D6lEYFWNX4IpTklsLIGHM0SioeWG93wy3enYcVQ_B6fNtg0kpDTJyz3ax5D7y6OmmSiVas70vu-qd30kbOYiQ7YbC4leO2XwPKLqhvbtAtFhMzSEL_rzfhp6jZs-yPJndz_Fewnpc9YVzufWqfkUMdt9spRPOY074QRENDqmnb2SmGGub2a8W1QFzmFjuCm90tC7qdeyiwFKcbUWObkDsGStSxCZoewdDPlWP2rd4pgjrHTagA2BCPq8sNSlSnbbVZD1AnynguB_5pKjYxJg1s44NRQRxFLjniXyYhXlaVMgGoD6SD50RQlN4140P2agy0h2QF9A7E9KQ3pL6a2UC1h2PVBDlECdOrmXaLm75HXP-oecCHJvCz7VrMCuQJPK6kAV5hXhaKbyjl_6AVQCA-e5G50DQeLkgpF2NffB88j1kBNNWGfFeX1aedQAnuhOl1Fdfg-y1PTQKOTqK_3bNgfscXdf84wbyIi-fNqBkBLfZ3HNnzNN7tFbNQZbRTvrnSSkBvktmNHyv0lQP_88DVKLbsVr7-9r0893syoN3vyfyNPmSlL32C6AFMfbndVfDH_G4G2uxyvL0KfarwBy-V8kNmsxN1YsPo8ewMmudFYWHC8u5_wTfvUajpou2gCjVzKXgGEmUbK6eItepZR58q4IDVgkwuvksFwzBQnni1GXTcZC-qXNwQqwWx_dzWZg0i--l4SuHS2Zah4ijGtb_nJZqs-jvo&cid=CAQSTwAvHhf_InWiKRNJ4CDJ3Y8yA2MpDirbsnrqsYaRVKFmf68zxDB2Hk9n2TQPJ3Q8lW8kKizncnE6J2pNp_HrxDVg0sw27PCA0M0puQ5ZUz8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Ftheipfire.com%2F&ds=l&xdt=1&iif=1&cor=11017290752784245000&adk=1877897942&idt=225&cac=0&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 21:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 21:07:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1002 41 KB
14 KB 128ms
76ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODI5NjE5ODQ4MDgzMgogIHNlcnZlcl9pcDogODk4MjM5NjcKICBwcm9jZXNzX2lkOiAzNTc0Mjc5MDU0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame 1002 0
860 B 400ms
86ms Image
image/png 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODI5NjE5ODQ4MDgzMgogIHNlcnZlcl9pcDogODk4MjM5NjcKICBwcm9jZXNzX2lkOiAzNTc0Mjc5MDU0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNzAwNzE5Mjc5NTM5MTAxMTYzNQpkZWJ1Z19rZXk6IDEzNTI5OTkwOTM3ODM2MjUxNjAyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0xOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODI1NjYyMDUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQwMDQ5MzEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTkyNzI3OTkzNTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MzY5NTQzNzkKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0CmRtYV9wcm9kdWN0X2lkOiAxMjI3MTU4MzcK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x3811cfac9c58a6a50000000000000000","13":"0x957785a8e198dd6b0000000000000000","14":"0x378c6fd705c860730000000000000000","15":"0xabf1546201c27a5a0000000000000000"},"debug_key":"13529990937836251602","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"17007192795391011635"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1002 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afd27ac03c93c926b7e611f222d85bee29a0586b32d831806336408db5802cbf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B62A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8pl4BIjSZc28O9Surr4Poo6t6AHSwIL5dfb54qSuEmQQASDpyIOVAWDJhoCA3KPEEKAB3fCqwCrIAQmoAwHIA8sEqgTuAU_Q-qAnaw_i--StjpYuDTNsJ3uw0tSUlGDxcWIY2V6TjgmOGod...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe433e11c2afad6630000000000000000%22,%222%22:%220x6ab74622c7b7db2c0000000000000000%22,%223%22:%220x7b2681...

0
0

134ms
127ms

Fetch
text/css

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe433e11c2afad6630000000000000000%22,%222%22:%220x6ab74622c7b7db2c0000000000000000%22,%223%22:%220x7b2681f02eae1c550000000000000000%22,%224%22:%220xcd40ece8b2c6c1050000000000000000%22,%225%22:%220xfa6777a81024e6830000000000000000%22},%22debug_key%22:%2212165603969962262514%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212383071903329449761%22}&andc=true

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe433e11c2afad6630000000000000000","2":"0x6ab74622c7b7db2c0000000000000000","3":"0x7b2681f02eae1c550000000000000000","4":"0xcd40ece8b2c6c1050000000000000000","5":"0xfa6777a81024e6830000000000000000"},"debug_key":"12165603969962262514","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"12383071903329449761"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Feb 2024 22:43:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Feb 2024 22:43:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe433e11c2afad6630000000000000000","2":"0x6ab74622c7b7db2c0000000000000000","3":"0x7b2681f02eae1c550000000000000000","4":"0xcd40ece8b2c6c1050000000000000000","5":"0xfa6777a81024e6830000000000000000"},"debug_key":"12165603969962262514","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"12383071903329449761"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/225407;7893666;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN728x90/ Frame 1002 2 KB
1 KB 287ms
82ms Script
text/javascript 23.192.34.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225407;7893666;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https://theipfire.com/category/premium-accounts/&gdpr=0&us_privacy=${US_PRIVACY}&site_url=https://theipfire.com/category/premium-accounts/&pub_id=1&sup_platform=1&cachebuster=610723.3808583796

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.34.122 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-34-122.deploy.static.akamaitechnologies.com

Software

prod-xre-app48.ash11 /

Resource Hash

08f3271c578d45479edb3568eb06beeab4568fa8cbac1128371a6b2d4c1b2222

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:43:18 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app48.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 933
Expires: Sun, 18 Feb 2024 22:43:18 GMT

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E6D 51 KB
19 KB 90ms
76ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=280&slotname=7450528610&adk=3277813382&adf=3535403558&pi=t.ma~as.7450528610&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&format=1200x280&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296196408&bpp=9&bdt=1126&idt=487&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&pvsid=941605088282331&tmod=275524430&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:43:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 19:43:05 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame A4BC 9 KB
4 KB 84ms
75ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 19:16:19 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 19:16:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame A3ED 9 KB
4 KB 80ms
73ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 19:16:19 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 19:16:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D2CA 38 KB
13 KB 97ms
94ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 242494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 150ms
125ms Preflight
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe433e11c2afad6630000000000000000%22,%222%22:%220x6ab74622c7b7db2c0000000000000000%22,%223%22:%220x7b2681f02eae1c550000000000000000%22,%224%22:%220xcd40ece8b2c6c1050000000000000000%22,%225%22:%220xfa6777a81024e6830000000000000000%22},%22debug_key%22:%2212165603969962262514%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212383071903329449761%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 18 Feb 2024 22:43:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame A4BC 5 KB
790 B 110ms
75ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 21:09:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:43:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A4BC 205 B
296 B 95ms
61ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:50:03 GMT
x-content-type-options: nosniff
age: 255196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 23:50:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A4BC 604 B
919 B 93ms
60ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:16:08 GMT
x-content-type-options: nosniff
age: 311231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 08:16:08 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame A4BC 15 KB
6 KB 81ms
68ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 21:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 21:56:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame A4BC 22 KB
9 KB 82ms
69ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:01:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame A3ED 23 KB
9 KB 108ms
98ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 13:15:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A3ED 9 KB
846 B 104ms
76ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 22:08:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:43:19 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame A3ED 15 KB
3 KB 281ms
82ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 17:59:04 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame A3ED 379 KB
132 KB 282ms
84ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 10:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134674
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 10:10:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame A3ED 20 KB
8 KB 77ms
69ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame D2CA 39 KB
15 KB 84ms
78ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H2 200 ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame 1002 86 KB
26 KB 269ms
77ms Script
application/javascript 13.226.34.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/225407;7893666;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https://theipfire.com/category/premium-accounts/&gdpr=0&us_privacy=${US_PRIVACY}&site_url=https://theipfire.com/category/premium-accounts/&pub_id=1&sup_platform=1&cachebuster=610723.3808583796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-99.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:45:42 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 25057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26381
last-modified: Mon, 12 Feb 2024 15:44:51 GMT
server: AmazonS3
etag: W/"ced6ce1b7b99b74cc94c9fe3e5e2b4d1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=86400
x-varnish: 696230694 272271280
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: QnEbqKcnTj7MGayIN0p6OSqwYVDMsdGNZ-TtMQgDSowFzbQ9e6saWw==

GET
H3 200 13919447344365525878
tpc.googlesyndication.com/daca_images/simgad/ Frame 012A 18 KB
18 KB 93ms
90ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13919447344365525878

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=60&adk=1155038629&adf=661511482&pi=t.aa~a.2791832368~rp.1&daaos=1708217563420&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&to=qs&pwprc=6797574804&format=1200x60&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296198493&bpp=1&bdt=3211&idt=1&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd3bafda72245a8e%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_MZGx2SC56N_4Jijz0irK4tWLFCPAQ&gpic=UID%3D00000dcb1d418472%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_Ma25aHyvQKp8ykIUlxyr5cw7pKBeA&eo_id_str=ID%3Df92f93528a6768c4%3AT%3D1708296196%3ART%3D1708296196%3AS%3DAA-Afja7wg8SAXVOsPev-RoABTcD&prev_fmts=1200x280%2C1200x280%2C1200x90%2C0x0&nras=2&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&psts=AOrYGsmjnJb-USTGqKuASgUTpTBoHpyJLzSvkWH2KmqYHVGaTchaFeNeZ8WvAXBFVmvDMbYk3vo9je6Teuy08vyowrJW3-k%2CAOrYGsm05N60-VfDqKheEPSgWMzW8WUkT34NFltIVuKgaCokpFj61YuRxiqz2JpHxad00a3Oze_GC3a8Tl-P8lrjD8_AfkUC&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26bd0002d9c6993adad0395e0309c7d789ae207ccbf7ee11b8869a8d95bfbd69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 21:42:34 GMT
date: Fri, 16 Feb 2024 21:42:34 GMT
x-content-type-options: nosniff
age: 176445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18655
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 11:04:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 012A 23 KB
9 KB 81ms
78ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 13:15:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 012A 3 KB
1 KB 106ms
101ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 012A 20 KB
8 KB 118ms
115ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 012A 0
0 242ms
86ms Image
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRipuHNkPgLmgHLC4Y48fbRvFmslXqhUF4eodGd-2pozhvXj08mBJpHJNqwI8D2DK_0b7o_FKWrIV9-IzCpgq0jxiEubw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=60&adk=1155038629&adf=661511482&pi=t.aa~a.2791832368~rp.1&daaos=1708217563420&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&to=qs&pwprc=6797574804&format=1200x60&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296198493&bpp=1&bdt=3211&idt=1&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd3bafda72245a8e%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_MZGx2SC56N_4Jijz0irK4tWLFCPAQ&gpic=UID%3D00000dcb1d418472%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_Ma25aHyvQKp8ykIUlxyr5cw7pKBeA&eo_id_str=ID%3Df92f93528a6768c4%3AT%3D1708296196%3ART%3D1708296196%3AS%3DAA-Afja7wg8SAXVOsPev-RoABTcD&prev_fmts=1200x280%2C1200x280%2C1200x90%2C0x0&nras=2&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&psts=AOrYGsmjnJb-USTGqKuASgUTpTBoHpyJLzSvkWH2KmqYHVGaTchaFeNeZ8WvAXBFVmvDMbYk3vo9je6Teuy08vyowrJW3-k%2CAOrYGsm05N60-VfDqKheEPSgWMzW8WUkT34NFltIVuKgaCokpFj61YuRxiqz2JpHxad00a3Oze_GC3a8Tl-P8lrjD8_AfkUC&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 012A 204 KB
61 KB 79ms
74ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:01:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 012A 36 KB
14 KB 107ms
103ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 13:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14610
x-xss-protection: 0
server: cafe
etag: 17234995959194474601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 13:16:01 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F5AD 143 B
166 B 81ms
69ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=60&adk=1155038629&adf=661511482&pi=t.aa~a.2791832368~rp.1&daaos=1708217563420&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&to=qs&pwprc=6797574804&format=1200x60&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296198493&bpp=1&bdt=3211&idt=1&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd3bafda72245a8e%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_MZGx2SC56N_4Jijz0irK4tWLFCPAQ&gpic=UID%3D00000dcb1d418472%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_Ma25aHyvQKp8ykIUlxyr5cw7pKBeA&eo_id_str=ID%3Df92f93528a6768c4%3AT%3D1708296196%3ART%3D1708296196%3AS%3DAA-Afja7wg8SAXVOsPev-RoABTcD&prev_fmts=1200x280%2C1200x280%2C1200x90%2C0x0&nras=2&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&psts=AOrYGsmjnJb-USTGqKuASgUTpTBoHpyJLzSvkWH2KmqYHVGaTchaFeNeZ8WvAXBFVmvDMbYk3vo9je6Teuy08vyowrJW3-k%2CAOrYGsm05N60-VfDqKheEPSgWMzW8WUkT34NFltIVuKgaCokpFj61YuRxiqz2JpHxad00a3Oze_GC3a8Tl-P8lrjD8_AfkUC&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 21:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DFF8 1 KB
646 B 126ms
101ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 21:47:22 GMT
etag: 48472445140208031
expires: Mon, 19 Feb 2024 21:47:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 2E00 2 KB
491 B 108ms
102ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 21:06:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:43:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2E00 2 KB
823 B 97ms
95ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 2E00 23 KB
9 KB 96ms
93ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 13:15:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2E00 3 KB
1 KB 97ms
94ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2E00 20 KB
8 KB 107ms
105ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2E00 204 KB
61 KB 101ms
98ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:01:35 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 2E00 36 KB
15 KB 99ms
97ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 48DB 42 B
64 B 151ms
137ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsRv-wP2-nKDgcev7sw9bCIUr6QKL3chGLkILyhmBKKilFQaU175-rm8wTdSXp75irnbCLdnpei2WPnngJs6dghd6HSIa3gZLYq6DB3mlopn197oa8s8cf5pGsDlp0-Rx4qQvCVabza95wzIZNyUvSzAMqtd2H26k&sai=AMfl-YTChWtZKPmeT89UBfMl6Im7bFntAsfyWZK_v09FB80s8dOV6OkJfA73hbkYFqzN9jeiW_GqzTVh_U7p6V-4u2JHUOAAFXvObZZE3KnPA8xBDPk0-NkFnlRmKAQc2W8hJpjGsvG8U_LDbgXTfV51sw&sig=Cg0ArKJSzMevauT_8EfbEAE&cid=CAQSTwAvHhf_5wcRAP6uBAXPCefZXzp4ThuCzzYRzf1K7r44FKVWaAErYxcwKvjk8zcwSVr-lwIYTBRQPaEuVMrQFjJSZHsNcWKIe6tvS96LG9sYAQ&id=lidar2&mcvt=1075&p=0,0,280,1200&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=292573710&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=422899800&rst=1708296196854&rpt=1383&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 012A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f958a0150bb4dadcca3297b992887b9fcdef753cc84fd3cb1c9edf1e848fd708

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F5AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

101ms
92ms

Document
text/html

2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:19 GMT
expires: Sun, 18 Feb 2024 22:43:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame DFF8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFhLuSIX-BVtXiW958zQxUM&google_cver=1&google_push=AXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFhLuSIX-BVtXiW958zQxUM&google_cver=1&google_push=AXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEf...

43 B
447 B

189ms
152ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFhLuSIX-BVtXiW958zQxUM&google_cver=1&google_push=AXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4798762247809532&output=html&h=60&adk=1155038629&adf=661511482&pi=t.aa~a.2791832368~rp.1&daaos=1708217563420&w=1200&fwrn=4&fwrnh=100&lmt=1708226703&rafmt=1&to=qs&pwprc=6797574804&format=1200x60&url=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708296198493&bpp=1&bdt=3211&idt=1&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd3bafda72245a8e%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_MZGx2SC56N_4Jijz0irK4tWLFCPAQ&gpic=UID%3D00000dcb1d418472%3AT%3D1708296196%3ART%3D1708296196%3AS%3DALNI_Ma25aHyvQKp8ykIUlxyr5cw7pKBeA&eo_id_str=ID%3Df92f93528a6768c4%3AT%3D1708296196%3ART%3D1708296196%3AS%3DAA-Afja7wg8SAXVOsPev-RoABTcD&prev_fmts=1200x280%2C1200x280%2C1200x90%2C0x0&nras=2&correlator=3088785840123&frm=20&pv=1&ga_vid=676940657.1708296196&ga_sid=1708296197&ga_hid=205173585&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081186%2C31081189%2C31081224%2C42532523%2C44795922%2C95324580%2C95325066%2C31081219%2C95322181%2C95324154%2C95324160%2C95325079&oid=2&psts=AOrYGsmjnJb-USTGqKuASgUTpTBoHpyJLzSvkWH2KmqYHVGaTchaFeNeZ8WvAXBFVmvDMbYk3vo9je6Teuy08vyowrJW3-k%2CAOrYGsm05N60-VfDqKheEPSgWMzW8WUkT34NFltIVuKgaCokpFj61YuRxiqz2JpHxad00a3Oze_GC3a8Tl-P8lrjD8_AfkUC&pvsid=941605088282331&tmod=353850810&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=20
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8579c9d18f1a8ddf-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 44
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFhLuSIX-BVtXiW958zQxUM&google_cver=1&google_push=AXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5PPviZYq1oLewGlBlvHDJaGws13e7-YcC38jdXHT51BaNaXxe62mKLgIbvDeJMxDB9dHEKqtUwIXmX6_fiT-tz1sgFEfm3MY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8579c9d05d518ddf-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFF8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJFjW2a1PHHFNSFIswU_WaM&google_push=AXcoOmR1zn0meq6qZGH5kKo8Vrx4FDqU-55xfl-83Pi14KTjN4HnZG2ua1...

170 B
188 B

103ms
90ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJFjW2a1PHHFNSFIswU_WaM&google_push=AXcoOmR1zn0meq6qZGH5kKo8Vrx4FDqU-55xfl-83Pi14KTjN4HnZG2ua1cfuDt4ArcFmDC2v5DokrYHTgvPGTuVovSp4q-MhVgnBTg

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mia-kmia1760079-MIA
pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1708296200.735539,VS0,VE27
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJFjW2a1PHHFNSFIswU_WaM&google_push=AXcoOmR1zn0meq6qZGH5kKo8Vrx4FDqU-55xfl-83Pi14KTjN4HnZG2ua1cfuDt4ArcFmDC2v5DokrYHTgvPGTuVovSp4q-MhVgnBTg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFF8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEN3l_JlmKD3Q96iSO_WdKSs&google_cver=1&google_push=AXcoOmRhQfpVA2yarUl75fk1bOH5rQRyY-tj5Y_6Y_it6kBqz_uls5qz3YDzQqzz4QsJL2TsVZCUwBt4A-hQnYiZCkx1zyG3twXlk7Q
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E841C021C2DF4F52AF7FFB302C4E03A7&google_push=AXcoOmRhQfpVA2yarUl75fk1bOH5rQRyY-tj5Y_6Y_it6kBqz_uls5qz3YDzQqzz4QsJL2TsVZCUwBt4A-hQnYi...

170 B
188 B

114ms
110ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E841C021C2DF4F52AF7FFB302C4E03A7&google_push=AXcoOmRhQfpVA2yarUl75fk1bOH5rQRyY-tj5Y_6Y_it6kBqz_uls5qz3YDzQqzz4QsJL2TsVZCUwBt4A-hQnYiZCkx1zyG3twXlk7Q

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Feb 2024 22:43:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E841C021C2DF4F52AF7FFB302C4E03A7&google_push=AXcoOmRhQfpVA2yarUl75fk1bOH5rQRyY-tj5Y_6Y_it6kBqz_uls5qz3YDzQqzz4QsJL2TsVZCUwBt4A-hQnYiZCkx1zyG3twXlk7Q
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 17 Feb 2024 22:43:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFF8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKVAJurPOFy-K9osM0ZPrZ4&google_cver=1&google_push=AXcoOmTrnTQVQtzKaPRmH_QxyvK2Fwi_B9Ywa7pNUfxjzjjoqlQ0mE3bqQaJEfMaXxW3VsXtx3FyU531Rutf1znl...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxeSuZgBT0Q2XCUR10v0tg&google_push=AXcoOmTrnTQVQtzKaPRmH_QxyvK2Fwi_B9Ywa7pNUfxjzjjoqlQ0mE3bqQaJEfMaXxW3VsXtx3FyU531Rutf1znl7eop0XOFW3aajr8

170 B
188 B

104ms
99ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxeSuZgBT0Q2XCUR10v0tg&google_push=AXcoOmTrnTQVQtzKaPRmH_QxyvK2Fwi_B9Ywa7pNUfxjzjjoqlQ0mE3bqQaJEfMaXxW3VsXtx3FyU531Rutf1znl7eop0XOFW3aajr8

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Feb 2024 22:43:19 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxeSuZgBT0Q2XCUR10v0tg&google_push=AXcoOmTrnTQVQtzKaPRmH_QxyvK2Fwi_B9Ywa7pNUfxjzjjoqlQ0mE3bqQaJEfMaXxW3VsXtx3FyU531Rutf1znl7eop0XOFW3aajr8
x-host: tde-deliveryengine-production-7fbb6d4658-f2mnt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFF8
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPHGWWnYtFljJ8_MP40WUNg&google_cver=1&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SSs...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEPHGWWnYtFljJ8_MP40WUNg%26google_cver%3D1%26google_push%3DAXcoOmQYBLmdkQLTKzKWbF...
https://rtb2-useast.e-volution.ai/sync?adkuid=A3270397971712347764&exchange=193&google_gid=CAESEPHGWWnYtFljJ8_MP40WUNg&google_cver=1&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMyNzAzOTc5NzE3MTIzNDc3NjQ&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SS...

170 B
188 B

95ms
94ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMyNzAzOTc5NzE3MTIzNDc3NjQ&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SSs1JpwxwF8GhDzGssH64w0wlg

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMyNzAzOTc5NzE3MTIzNDc3NjQ&google_push=AXcoOmQYBLmdkQLTKzKWbFDw0gfDiYZHly1Nz25zcDTSlVeoAYD-HvMy4Lo84bH8n_m_qFlQuZKX_SSs1JpwxwF8GhDzGssH64w0wlg
Date: Sun, 18 Feb 2024 22:43:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFF8
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPFhHvwPa-X_2Bn5Iysm5Hw&google_cver=1&google_push=AXcoOmSERRbis-CbiKlm53MpzvVLcyXQwDlm8Ovz2jD1K5kzeaWVAPFgQ8_zD8KvrcKA3tNIi8aJ6hVp1izKXAdCUsd2RiU...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSERRbis-CbiKlm53MpzvVLcyXQwDlm8Ovz2jD1K5kzeaWVAPFgQ8_zD8KvrcKA3tNIi8aJ6hVp1izKXAdCUsd2RiUCcqclQJ8&google_hm=ODAzMjcx...

170 B
188 B

102ms
98ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSERRbis-CbiKlm53MpzvVLcyXQwDlm8Ovz2jD1K5kzeaWVAPFgQ8_zD8KvrcKA3tNIi8aJ6hVp1izKXAdCUsd2RiUCcqclQJ8&google_hm=ODAzMjcxMjMzNzk1MTk4MDM2MA==

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSERRbis-CbiKlm53MpzvVLcyXQwDlm8Ovz2jD1K5kzeaWVAPFgQ8_zD8KvrcKA3tNIi8aJ6hVp1izKXAdCUsd2RiUCcqclQJ8&google_hm=ODAzMjcxMjMzNzk1MTk4MDM2MA==
Date: Sun, 18 Feb 2024 22:43:19 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFF8
Redirect Chain

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEOINRC0KzV8xLfPvU1o7MwQ&google_cver=1&google_push=AXcoOmS7E0zUooPtJWaE6pMT0LwUfkADL9Z5daC6dVJmRLonN6lnAtVR2t6q8fB_JZeDjGsGACvD64kg1dAWgOyMkhcSum...
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmS7E0zUooPtJWaE6pMT0LwUfkADL9Z5daC6dVJmRLonN6lnAtVR2t6q8fB_JZeDjGsGACvD64kg1dAWgOyMkhcSumcHq_OLBklg

170 B
188 B

101ms
97ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmS7E0zUooPtJWaE6pMT0LwUfkADL9Z5daC6dVJmRLonN6lnAtVR2t6q8fB_JZeDjGsGACvD64kg1dAWgOyMkhcSumcHq_OLBklg

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Feb 2024 22:43:19 GMT
strict-transport-security: max-age=2592000
server: nginx
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language: en-US
location: https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmS7E0zUooPtJWaE6pMT0LwUfkADL9Z5daC6dVJmRLonN6lnAtVR2t6q8fB_JZeDjGsGACvD64kg1dAWgOyMkhcSumcHq_OLBklg
x-yak-request-id: 1708296199827-c8d650ba6580696601f8f463d28d8cae
yak-timeinfo: 1708296199827|1
cip: 38.132.118.67
alt-svc: h3=":443"; ma=604800
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DFF8 0
12 B 126ms
118ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lr97dJDtKdBZGxcj5MaiV8f75MvTP-FMIj5kCZXPtoncFm6dBLiDYkeX1XB-VfKm76fNBnGzSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 012A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CUzNTBojSZcmHI920oPMP9b2bmAe0jo71dbjJy6LdEbKQHxABIOnIg5UBYMmGgIDco8QQoAH34pu0KMgBAqgDAcgDyQSqBOYBT9B0ya3_a3ugQiPdZ3oFcWyLQs87FOpIbplsgIEBzN6i0wA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2104e3c397494fcd0000000000000000%22,%222%22:%220x8d2a642223252c60000000000000000%22,%223%22:%220x93ff92b...

0
0

148ms
137ms

Fetch
text/css

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2104e3c397494fcd0000000000000000%22,%222%22:%220x8d2a642223252c60000000000000000%22,%223%22:%220x93ff92ba987ad210000000000000000%22,%224%22:%220x51f41da032c0b400000000000000000%22,%225%22:%220xca4bb7bb4d2e24440000000000000000%22},%22debug_key%22:%224593090289220782844%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223784124100078212593%22}&andc=true

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x2104e3c397494fcd0000000000000000","2":"0x8d2a642223252c60000000000000000","3":"0x93ff92ba987ad210000000000000000","4":"0x51f41da032c0b400000000000000000","5":"0xca4bb7bb4d2e24440000000000000000"},"debug_key":"4593090289220782844","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"3784124100078212593"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Feb 2024 22:43:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2104e3c397494fcd0000000000000000","2":"0x8d2a642223252c60000000000000000","3":"0x93ff92ba987ad210000000000000000","4":"0x51f41da032c0b400000000000000000","5":"0xca4bb7bb4d2e24440000000000000000"},"debug_key":"4593090289220782844","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"3784124100078212593"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame A3ED 0
54 B 614ms
193ms Ping
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lss3g7oa&c=2969248019453&slotId=1484624009726.5&qqid=CNPAhKD7tYQDFQSxywEdryIOaA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3ED 0
22 B 154ms
141ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CimoyBYjSZZOqC4Tirr4Pr8W4wAblhJvidZaFtp-eEs_hh5yfQhABIOnIg5UBYMmGgIDco8QQoAH88rSvKcgBBagDAcgDmwSqBO0BT9BfBm7whbqCwe-DM2s-v_UdiatRg7cYqYWvXK6XAYPSEJ-4rimBvXpqoH240DbQ_bjNYVoGtOAUyvE5KpF-QMypcpvLfGszPY0JhKUU5m_e85erscispy2dHI69MrbB14d_YSBT6ZftUz2iqeRG4SHdyJzLSpNlW3rQzpHj4Bjx3kMHPu7yiJE1hBYjgyk2G_jL4LrMLbsWLJcpOahqPoWBBDdrWCz5GmYhlQurhpE73H8PTLdUAjmfx4yKvCgEOr-1qvk4W6lwNa3UAQXKaDx5XdZm41tZ9U6OMwGCUT5Z6a-kE6s_sNI1httQwASB7aG8xgTgBAOIBc6h25tOkAYBoAZOgAf8qoWPBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYyv2DoPu1hAOACgGYCwHICwGADAGqDQJVU7AT25zWFsgT5Lmm5APYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1708296199676&ai=CimoyBYjSZZOqC4Tirr4Pr8W4wAblhJvidZaFtp-eEs_hh5yfQhABIOnIg5UBYMmGgIDco8QQoAH88rSvKcgBBagDAcgDmwSqBO0BT9BfBm7whbqCwe-DM2s-v_UdiatRg7cYqYWvXK6XAYPSEJ-4rimBvXpqoH240DbQ_bjNYVoGtOAUyvE5KpF-QMypcpvLfGszPY0JhKUU5m_e85erscispy2dHI69MrbB14d_YSBT6ZftUz2iqeRG4SHdyJzLSpNlW3rQzpHj4Bjx3kMHPu7yiJE1hBYjgyk2G_jL4LrMLbsWLJcpOahqPoWBBDdrWCz5GmYhlQurhpE73H8PTLdUAjmfx4yKvCgEOr-1qvk4W6lwNa3UAQXKaDx5XdZm41tZ9U6OMwGCUT5Z6a-kE6s_sNI1httQwASB7aG8xgTgBAOIBc6h25tOkAYBoAZOgAf8qoWPBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYyv2DoPu1hAOACgGYCwHICwGADAGqDQJVU7AT25zWFsgT5Lmm5APYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A3ED 0
234 B 585ms
187ms Ping
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lss3g7pb&c=2969248019453&slotId=1484624009726.5&qqid=CNPAhKD7tYQDFQSxywEdryIOaA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1zt&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame A3ED 33 KB
18 KB 312ms
113ms XHR
text/xml 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-At5iAW9EIURSbNpJLXBl82u0BW7NifMfCoGLKkzvrQ7akq4h7xHMjSQIqJ5flfqde_HOcE7LvwXYRfaCjFd2bdv8NqfA&cry=1&dbm_d=AKAmf-DuJmesV8t5ExE5duSWZV6_53HG5nujW62CgPWR6EgpJ6YM7CSKSXJxEbe8Nug3oXlQER-HUKcnvyibyys5lpCpyrM-eBcnZtJ7QSEoUSTtOvyaUFBldvLqcyHDRd96UwE1jsnhu0DfEqwWKVWhMhmT89PZjosIsE7WTBjMNzE91Pxv9lZ6iFbtypzM4eSKKRbHsDdydWUvhsWJuqYjoa8PGj3Ul4B2znTXh6BHgshOHHze-BIxdBWTEz4ITfdMNnoLGmZG0vsfxpWca7bi2IcLwkJ6qg699vMFj--L0weCaknBH_-y-Qkj9CN2rtr3a4Lce2v-DdAqCIdmUjRP2ZYfQ-0ZdGJuLORaet1nWa05u_21mM1lQy3EOmhW4iiUPig7lWGKbcDtomJ34tC4y0ANPMJ0FlRNaORN_7p9-uhmiVIzZo_pkXWpIw8DhlWlRE49VkORVfGRNfZbViAZ61D9ynW78ulcJQOS8cMsTBU8FqCv0hgCz9P7xl8SyB25fmN8-p5vI-p8vypckP1_BC_Xq_0_2bpeNdDy0n8JIzhZcjZFJe7CvJ0DtkJErk1ygm0CKCSL4OhgSpFWicFrJuioqM8kwKxFQjy6BaNYkSMSTJqGgalPmpNrYdRzq_6_e29jKsFVwJnXqMNYV15hLF-k4mtiWlyvuUlWdwKebuTR1k5LA2LuMXCw2ymZ3u-46WR8-xyZboAQk4XPLHlKpmbkFdirvHVqKUyfSj9WxLqbAQDlO8DXgCHS78AuXU_Kokh291wtsHzpysFdmsRQd2IzCmk10nvOpax9C2Jf2unQlXRPxFIp43hbaVrHx6aLHUpRRyPMbCRwsHbPCmdgQZpBy1DQs8mNgiw027obPTB_LOCnFXxc2DXfqS2lTQMHx1ke27mahHQdm5U8snLm9R7LobHHJYe9wKp5DzRt9kxsD0BbLiv8VllsabXZp-z8ND4JkF41bNzeqN1Lgzz5_T6jjeu6ct-tTPpXOGPrprTcD8YaWRc4aBwt4WALE1sdta1NnK0vcMWW0_usjd8nzGeKe5OKNavBoanYmLp35b3m2VwYmmUEQpTUDnH5VBzbD-fTh4Z_jhETFLiAssZr8YbYP7kaAFFXtRKrG3P5q81Zlq7fivgew4EvWmOKqBuVWIzLJHPWN16vBj7xjJ9Qgm-A1epRU8eSplJwhyyu74ghRQDX3-vx46gQ1EMJcfnHcTWY-89IFpfuN6WiY9Mh66_NMSO1Oc7VduuotomXoFdsp3JWjfghgit5O9YmmVSNmBt7Bddfw23gosrafV_L0VSPW_2Xzgznq8FV_Qsp6m3NHaABDrZ_xaDrUbAoeBf22012je-6gc2qVzCwmLFJ-Q-D4puz2ecBBXofZUfejb3dEVJ2_TVtsh5iPbZNH4cGI2Qa4iybq9p2OTTvoKPSmc8xrlMLv3FS5VwZm1ltHGhuA7zBJOGExRqEKSGB4DHfmXG_iHdb6B_MLSy2V8DT0Jb8iAOLkhAHEtJ8-46_m43osoSX-7ALxT7gsPixV4D1fdPUF9k0-oaANcJzA3cy8urbaqTgVfpDP2iKpM4DBrKRTW9JtAw5mjqcabd6Y_67gfG5y5WsjVIb9FK9lDBu1HdjzZc4ouaCmUCaC7cUvanCuAc3UEGGJgQUMUXJN7_xKSC-frvcSFYGWzO384RFPWJ0NSFkAhJHEPAJ-IOxtBqwxKCeHIfXvR-izP-zlBTXYD-2aJqpGFMYwlG0YlrcG8URNdTjoSaAAhdZlxFqdoxGxyBFt8Wcs8C3jDtvX0rX_2wxVyf2fYiNZJW5SjPdZjLJFrFMxLfebxNi0smzTVbbxXaA51_C9ZLIFUbjZRRBJVODVf8_GfcDFMwB9wZD9g6mge_S6XNRWiIc7pD3c7JUB7WlEDUU5vcATN810UV2gUK4Tu_fjZwMRmkY4-PKD-KEwamjoUU3NUyImnbak4hIiM_n4ZwBAC8sNKguXQvD1pbD5sOS6DeAnERB43rXld1Fqdp0m8ILrJ1B4sNwsGEzd3KFkkuQivzLETW2QwizgApU_HNqFwifom1xi-nLE62v1Dg44mdkkjJujaZvp1e5X74Fprv03utH-vnwtTa2Fkz28WBYAgPwIstSo_m2QrJ1fgFsj321ioOHxDXOM6E0ouY-hAb-V-rd4I9sod2mEG3k6Z5RTs4iJkJ0WgWbsmw28j3goy-aUkbELE80zqX3nsdjYaSuNBRJaPEOyQOVlzJHRDaRvX0GoeGWYpkxJIBcjIVJjobuxBi5f_shXsvTyKIgwZBSZOBRcPql25-hwTiS6Pc6fLCKzNcEeRdFNSorAY0Nnjtz_-N71yzabvzHXGXC4f5I3eFua2a2RRu6y7bHzsPB9--o2DuCI6x3DXDAOSScoNZIJg0-J6VOJSfDSpbp6WU-BUJKgylfiwbviCfz6wegA1J1gDXHPkGdcBYGz8Y_900OCjSE6aT-b-nfl96nwZdb4g_Y2WGozaE1N3lt1Cqti3RCfpXCbLyYcAHxt0pJIhRP_QKA2etpvDkOBni50iGE9kIq-zd1RCzQYx3sY4-ck0HHrDS2XXpyn36IR0PVvK1BGFV2F2LyA5FQZiqrVlNisvBRLtAD2CNtPq6lxV4S0D59BDPS_P_PWFZFXdxKpLVk5PTvfIxMHK_ZabbhkOTU7CYF55o37Fz3T9x4aVEgfI0sshbEOA1u9msgZIgrHdxvg1xMejAgWAdahYXt9TAh3FLhvssw2ky6wQfrMyeh4gDSmdyVOC-55T609lNOc8pLx1JG1qWtv_kpy_a4wiCkoJYxvSod-NdHyvMvVa40chyDIUwa3cnFq0GQVfUoaoTKKgzOKvZSfPM6XrHFI3IyXHi9nLosDSVsDAklrEcZ0hkttAjVUjWFX4ejuCgCVf-BWO_CuU-XS3poMJXxlY_TRYJwMz0DwAImfzsFhMRcp2VTLIfK6gmEcbpg7ZiqRi09JeKN4YNUqnYO9iShh4fnVfp56Wq86bHgsheMF-5S_tjBw0-FllfZ6KwcYONa4Tlp6X7wrE9tNrKvaLlVvkF8WBBb7wzyYzcmAp06hhgvi48kzS4eciYoCC_A5UnYqlHaAf5kRldPwMwn64OPpfL76sOjsoatEg95QvzYqCcTAl2AWHgfsiKN8aXILy-sZ0yEK_nrj3QqJCa96Z6aW7mm_SIfXAdr25e9qYzRfaHf9fFSF-K2sqd-zSWorIu1k90dzE0X-6McsXCM5yoz0OGXo4fVNuKGvAbXSj4TNwlfeBggmm75MdAqJ3kmDmxUpZ8ZZDpCSyPxwKTvQGJ0ErGOlCo26OrHXsy05fMd-RmyB3KfDJTdChnESUwnEl8SBdcv065-QKKJ_a9s61tuT5_Znhl6qlqcBUwbAuY3KZAMa8L8vN3YUGR-Q3bT2QFW5RI42HUsIASpsoV-dYVnGgN53QhAlgq4maXKoGCExo4tOoA8zvQjYHFg-5EQBG4jvCsIyieCpV3Rp339Iw0nps4RiiREGux0CmbzM86BOd_6kjX6OqdyEF8DUxDRLUQooHouvW-IIEruwdsvvvIG8UiTz2wP3LCA8q_Q4CBKBDunq-d17jzwafwmte-_qrkQ7GUNkvwfLLj6OlOQO7FhTkLNBRbLQjJv6CWCiiOEoFr6PTPtQ71woyrmIQNX9CufSNzoFLthls8-XT94cU02P0Sjp_xBEMRMEZ-dlYs8aVN3&cid=CAQSTgAvHhf_kIFX6j3nzB-2TRgTSricpgkryCRF8KxS3nfCr4gJvMxXmE1Scu587NHM8igEjCJfHkOi2kKCBwAA_aEGxlyIMKE5nawagYmxuBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

0a65fc176face71ae887a14e4c6e3ee8de307846a985e7c37f16f981642eb868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18053
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4251821.json Show response
agen-assets.ftstatic.com/display/7893666/ Frame 1002 4 KB
2 KB 378ms
150ms XHR
application/json 13.35.93.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7893666/4251821.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-124.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f031c0e2645632e3abdcf46fe33f321bdc1fbfc5de10dcb79f808771fdd3c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:20 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1796
last-modified: Wed, 14 Feb 2024 16:45:45 GMT
server: AmazonS3
etag: W/"f50329be61ba111ff77a7ffc492c861f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 913435708 914168997
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: fJEtO2v3gziJpWjE8fPD1Qz9sNMOzFy73YJXEu3pZ7y11taIf_UtTg==

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 109A 51 KB
20 KB 78ms
72ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Host: theipfire.com
URL: https://theipfire.com/category/premium-accounts/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:43:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 19:43:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B62A 42 B
64 B 220ms
212ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsve3GLRDY8yLdExWiSRn-7xjo0wHH80JwMOB5E7vafDY8doe3GpiXtGzBd8O8BRb8dllCYGbDJomnsGbKmTvhnjYwjUup9SiGQ0c2vxAc4eQI9WjWqS4uPuGqyFRaozBukG_0XROrZ03j0GxKuZzcz2XwjVTbwVGTc&sai=AMfl-YSDMLz4yg7zrm3FLx2mJr_yUqSbALlNmmAvoYEw5APVGgDHn2OYqMBWS-F33jqtHbe6txopAfhjxOeWKeh2jBjjVzZovTYfutl57sFM-mwRvCTUkM7EkyK5eRLwYbIlGlHetOhzHIELm9fS4r_k7Q&sig=Cg0ArKJSzIjdWZ_15OsTEAE&cid=CAQSTwAvHhf_cxYQnGjeDfZpylbqIadvKcRhYTMNS0ErlXMJMTEGPK7qCBaV50msORpw72Mx-YHaE7JvIYh0300c7AfNwLsFTwL40rEXYluZQhMYAQ&id=lidar2&mcvt=1103&p=0,0,280,1200&mtos=0,0,0,1103,1103&tos=0,0,0,1103,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=0.32&if=1&vu=1&app=0&itpl=22&adk=3277813382&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=422899800&rst=1708296196916&rpt=1808&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 169ms
157ms Preflight
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 18 Feb 2024 22:43:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A3ED 0
0 182ms
180ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_6P_BYjSZZOqC4Tirr4Pr8W4wAblhJvidZaFtp-eEs_hh5yfQhABIOnIg5UBYMmGgIDco8QQoAH88rSvKcgBBagDAaoE6gFP0F8GbvCFuoLB74Mzaz6_9R2Jq1GDtxipha9crpcBg9IQn7iuKYG9emqgfbjQNtD9uM1hWga04BTK8TkqkX5AzKlym8t8azM9jQmEpRTmb97zl6uxyKynLZ0cjr0ytsHXh39hIFPpl-1TPaKp5EbhId3InMtKk2VbetDOkePgGPHeQwc-7vKIkTWEFiODKTYb-MvguswtuxYslyk5qGo-hYEEN2tYLPkaZnmUkV4VA31OirDz-Pq9CU4B6F56d7P94AJFkR5RLXkctVzx26682JVy-H5Qz4aq-WvfLq5JydNO4ApZDPN3p-HABIHtobzGBOAEA4gFzqHbm06SBQYIAxACGAGSBQYIGxACGAGSBQsIIhADGANIh6WeApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH_KqFjwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHChDzrScYi8HBhwLSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYyv2DoPu1hAOACgHICwHaDBEKCxCA7cuesJSRvdkBEgIBA7AT25zWFsgT5Lmm5APYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNDc5ODc2MjI0NzgwOTUzMhgA6BcF&sigh=pE2FqZQLiss&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_kIFX6j3nzB-2TRgTSricpgkryCRF8KxS3nfCr4gJvMxXmE1Scu587NHM8igEjCJfHkOi2kKCBwAA_aEGxlyIMKE5nawagYmxuBgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Feb 2024 22:43:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 180ms
178ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbd447fabda2d70fd3b5bcc4066c46cd5ea00b7a75c0aff892b19a104b752780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12210
x-xss-protection: 0

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 28CB 51 KB
20 KB 155ms
143ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:43:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 19:43:05 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A3ED 0
54 B 183ms
182ms Ping
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lss3g7q0&c=2969248019453&slotId=1484624009726.5&qqid=CNPAhKD7tYQDFQSxywEdryIOaA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame A3ED 41 KB
15 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 16:17:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A3ED
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

408ms
66ms

Fetch
video/mp4

2607:f8b0:4000:19::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FE5D6B70DBD3F507CDCDF059571D3D155F668E6.802466839C91AD15E65DBA59863D791AF19FF1EC/key/cms1/cms_redirect/yes/mh/m_/mip/2001:550:1d05:1::9/mm/42/mn/sn-q4fl6n6r/ms/onc/mt/1708295561/mv/m/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4000:19::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:43:20 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4311407
Last-Modified: Mon, 12 Feb 2024 23:36:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 18 Feb 2024 22:43:20 GMT

Redirect headers

date: Sun, 18 Feb 2024 22:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FE5D6B70DBD3F507CDCDF059571D3D155F668E6.802466839C91AD15E65DBA59863D791AF19FF1EC/key/cms1/cms_redirect/yes/mh/m_/mip/2001:550:1d05:1::9/mm/42/mn/sn-q4fl6n6r/ms/onc/mt/1708295561/mv/m/mvi/3/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame A3ED 453 B
590 B 67ms
66ms Image
image/png 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4798762247809532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:05:23 GMT
x-content-type-options: nosniff
age: 2277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Feb 2024 22:55:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 141ms
139ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 22:43:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1002 42 B
64 B 143ms
141ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-W9AUmUuJLIQy76D1TrvCykBHv495vx2-9xb_3BWb0Ql70xSnQ1i5wXTylAAL0OwXD9qVoiEGRUL6iOg1LnFwhx1DtoFVHK974RuPGgt3bGPAXtR5-IXJDkQ4dPuT5ganF9t9LPK_kj-xtOSGfRtMWqRtdA0GjcQ&sai=AMfl-YSrhFz4F0vHj8QUdwoAtchC-ecG5MVc81KniBlkDi-3c84yRdyWcudLe-7KCRY92I6FqI8LthRlz3SznxPy0tNI1y6Toj4UzvqK26v3XxEAzQGvKXLoLEE4oZhIFaKpq5SO2bEU06aqNVCUgl9n0g&sig=Cg0ArKJSzMUQ_ZsgxsUrEAE&cid=CAQSTwAvHhf_InWiKRNJ4CDJ3Y8yA2MpDirbsnrqsYaRVKFmf68zxDB2Hk9n2TQPJ3Q8lW8kKizncnE6J2pNp_HrxDVg0sw27PCA0M0puQ5ZUz8YAQ&id=lidar2&mcvt=1214&p=0,0,90,728&mtos=1214,1214,1214,1214,1214&tos=1214,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2847260092&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=422899800&rst=1708296197903&rpt=1239&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d9core Show response
d9.flashtalking.com/ Frame 1002 11 KB
11 KB 426ms
55ms Script
application/javascript 3.231.238.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.238.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-238-170.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 2156b8e2f672f88456a9b2d2bb9edd794b03c2dab1756b83394a414ecc5b949f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:20 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H/1.1 200
OK adobe_contractor_728x90.html Show response
cdn.flashtalking.com/172799/4251821/ Frame D541 3 KB
2 KB 306ms
64ms Document
text/html 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 82cf8e9d7736720768907c2b9d7a62492079b96bb642c99e30fc1ed202ce4eea

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=149
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1213
Content-Type: text/html
Date: Sun, 18 Feb 2024 22:43:20 GMT
ETag: W/"9996cf47eebc06c59da6f0faf8bc03f7"
Expires: Sun, 18 Feb 2024 22:45:49 GMT
Last-Modified: Thu, 09 Mar 2023 21:49:34 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-FT-Origin: us
X-Varnish: 304973653

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame 1002 549 KB
160 KB 402ms
74ms Script
application/javascript 2600:9000:261f:4800:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:4800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 28a75cac2d6caa3e8f73fb6ae37ac241a89031f6b167d34f422ea85fddf9797a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 20:39:57 GMT
Content-Encoding: br
Via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P3
Age: 7403
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 18 Feb 2024 20:39:57 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: DNOHLGLpM3Ol9AndjAru59qtd0HdpGNlXq2mNttCouboMh2Nsq0rlA==
Expires: Mon, 19 Feb 2024 20:39:57 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 1002 17 KB
6 KB 307ms
65ms Script
application/javascript 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:43:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 413862034 236107414
Content-Type: application/javascript
Cache-Control: max-age=54230
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Mon, 19 Feb 2024 13:47:10 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame 1002 1 KB
2 KB 306ms
64ms Image
image/png 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:43:20 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 108102152
Content-Type: image/png
Cache-Control: max-age=1954142
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Tue, 12 Mar 2024 13:32:22 GMT

GET
DATA 200
OK truncated
/ Frame 1002 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCDF 13 KB
5 KB 90ms
87ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 9278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 20:08:42 GMT
expires: Mon, 17 Feb 2025 20:08:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E303 829 B
561 B 118ms
117ms Document
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a087e6eb64ba793a3fcae3ff61ef86d55a1d7d2966ebe444ca9bf1141a9fee1c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zfXkR_eWipU0X7WjN8C6tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theipfire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zfXkR_eWipU0X7WjN8C6tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:43:20 GMT
expires: Sun, 18 Feb 2024 22:43:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F369 23 KB
8 KB 108ms
66ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 281824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 16:26:16 GMT
expires: Fri, 14 Feb 2025 16:26:16 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1002 0
22 B 138ms
134ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1135188179483&version=m202401290101&ct=77&x=1&cor=11017290752784245000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2CA 0
22 B 141ms
130ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsaTpBojSZcCsHd-16toPjtesqA0AAAAAOAHgBAI&bg=!ERKlEl3NAAZN4L4YbeA7ADQBe5WfOHC4zE6rv3yD3GQQMwJSJQ6YUDw5aVGSvuKkdgYmNzMDQqg6Hi1aIdBT-DRNyxpSAgAABT1SAAAADGgBB5kDEF6q3Awx9LkoQyhiDEY-CYfLlbX2H5D35BrTEo7p9F4v6324xhz_rKbqbrnrNA5DpzuO_GXpdfl12L18xYrSkBl_hdNINJu7n4CddjnS8wlVDH_R61Y4aE0gGiXByENzfKqhsz_Ov9A6wuO3IcdG-JPHg7EmFepYI38C4ye4AotChO6SeKF7j6wfdXyz0QjARpf0lp3rfeWqeFuAohLmOjdUpRAgeEAQM70mkP4bvcwd3l1MDEtZjbhqRBGYGYEelgcL1VWzdtEzWFH-MlOUBdfm12zqYfSMlW96Sb5xTNxjXHCkOZXcM6MYwFmk1shVcecMLvLR6csL6hI-CQ5jceRRk7Wgq3-atnrx09vYc2X9ZiEFboHcf2J55jPdDAgHNZQSpeCfRnsYT5Tihkl1KEtWb5BGHcBqhcF7fvpE9CYxCnLAHqHb6SYvTiXlDltGTwmASevJ_eGnS3jVY2tbGt6UV7DXoZVx5rIFtSeCqBOj5vSfFWNSZq_HDcyibZH-HKVTYMlQYEgtwKguJUr2HSmxbRdC2lB8ZuQgrlUFgXds2HcL0Bo2zvJTnHFq0wxlm8ev5R09yDoF5UCcRAHYdzvAGP39AcF0gG7UcTmIeepVHdqgJSMxtT_RSffQo8SASBnMDwRZkR6BV9Nlychk1wPp3jtJas0I16yZcXzq5ZAy5UaWcl8udi97cZlJbRHfkoXtyHhAk0DBtdSIJEyC6eP-LcKVcXboxWgFCZ3XwGZ-NVoGT583AIPjqtE2J34-LVt6wdTOIx28fyHrKXyM45hC3ghcYG8NsrQnhZS5FPwk9t8rYbB3JpmK6iH359Yjlrl2N8gSyt33DbM9XTUkAcoRMVL-JoOJns4ydmfG38KVwO079-V74xzdsF8yGOUfGwbnEig5u7thPiPlA9-OziVnGRkMtL5TKWWPQh4HluWOz5YQPEDPIIE2W2VWPOe8-C2gWpNpn0Q5i8HiIEhpoY82D2dl1cnKe-e36u6IDz6fk2QgIHIy9zyVj49-v4w6NZ4j4FeRo0T8TusueNWgK-4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E303 0
0 167ms
131ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=941605088282331&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame D541 236 KB
63 KB 497ms
83ms Script
text/javascript 2600:141b:1c00:31::1739:5a51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a51 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:21 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 18 Feb 2024 22:58:21 GMT

GET
H2 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D541 69 KB
27 KB 494ms
82ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 22:43:21 GMT

GET
H/1.1 200
OK adobe_contractor_728x90.js Show response
cdn.flashtalking.com/172799/4251821/ Frame D541 158 KB
39 KB 84ms
76ms Script
application/javascript 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.js?1677266971361
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: a78d20e1a59ebd5571c475dc2f5aadb8b750be77193064caf0fb0cb10bc320ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:43:20 GMT
Content-Encoding: gzip
X-FT-Origin: us
Connection: keep-alive
Content-Length: 39276
Last-Modified: Thu, 09 Mar 2023 21:49:34 GMT
Server: Flashtalking (AKA)
ETag: W/"9c8f268c02cc211f504d8da181ac1cbc"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=149
X-Varnish: 680189373 680487062
Vary: Accept-Encoding
Accept-Ranges: bytes
Expires: Sun, 18 Feb 2024 22:45:49 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame F369 39 KB
15 KB 73ms
67ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame CCDF 39 KB
15 KB 73ms
69ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7893666;4251821;0;271;B0A3126B-B603-81E0-28DD-D23B2C9C6F69/ Frame 1002 0
67 B 435ms
57ms Image
text/plain 54.237.172.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7893666;4251821;0;271;B0A3126B-B603-81E0-28DD-D23B2C9C6F69/?cachebuster=767526210
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.172.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-172-131.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:21 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 1002 1 B
377 B 430ms
66ms Image
text/plain 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893666;4251821;0-304-0-0-382693955
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:43:21 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sun, 18 Feb 2024 22:43:21 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A3ED 0
54 B 201ms
199ms Ping
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lss3g81r&c=2969248019453&slotId=1484624009726.5&qqid=CNPAhKD7tYQDFQSxywEdryIOaA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2095&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.2c2~atrd.2cs&ua_e=1&ape=1&ple=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 lgc Show response
d9.flashtalking.com/ Frame 1002 103 B
548 B 167ms
153ms XHR
application/json 3.231.238.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.238.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-238-170.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: cd51a9d2ad9f0ab9743fea4142cd561dd5c8b4f0b92b7df3705881200e9406a9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 18 Feb 2024 22:43:21 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://googleads.g.doubleclick.net
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

GET
H3 206 file.mp4
r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/722214bb8908c589/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3852229081/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A3ED 1 MB
0 205ms
128ms Media
video/mp4 2607:f8b0:4000:19::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:19::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 18 Feb 2024 22:43:21 GMT
date: Sun, 18 Feb 2024 22:43:21 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4311406/4311407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4311407
last-modified: Mon, 12 Feb 2024 23:36:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 1002 1 B
377 B 344ms
67ms Image
text/plain 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893666;4251821;0-306-0-0-808744122
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:43:21 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sun, 18 Feb 2024 22:43:21 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 132ms
130ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-76SMSVBKSX&gtm=45je41h0v9103191004&_p=1708296195429&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=676940657.1708296196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1708296195&sct=1&seg=0&dl=https%3A%2F%2Ftheipfire.com%2Fcategory%2Fpremium-accounts%2F&dt=Premium%20Accounts%20Archives%20-%20theIPFIRE&en=scroll&epn.percent_scrolled=90&_et=271&tfd=6202
Requested by: Host: theipfire.com
URL: https://theipfire.com/wp-content/uploads/breeze/google/gtag.js?id=GT-MKP7VNN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theipfire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/7893666;4251821;0;401;B0A3126B-B603-81E0-28DD-D23B2C9C6F69/ Frame 1002 42 B
343 B 92ms
76ms Image
image/gif 23.192.34.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/7893666;4251821;0;401;B0A3126B-B603-81E0-28DD-D23B2C9C6F69/?ft_data=d9:20627bfec1a24fad8fef24cb1e65e0be;d9s:20627bfec1a24fad8fef24cb1e65e0be&cachebuster=752287320

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.34.122 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-34-122.deploy.static.akamaitechnologies.com

Software

prod-xre-app29.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:43:21 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app29.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Sun, 18 Feb 2024 22:43:21 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1002 121 B
680 B 374ms
151ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=TptsCezeKTKeztOHUefGbcWpMiXpbQVA-FE7fPshldVTqKDUZ03zPEU/J-E03BNM9vY1XrMQ==&pm_ct=f04c2e173e89b10569a6a6a8&pm_pl=1708296201371&pm_td=53&pid=1000925&en=1.1&callback=__pm_glbl_Qwk8yLMlPnd6RbJXlUb4arhK._gc1&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 8f8b73c1de2059c552556ee944ad998684b00f78a78e37f7b92142c8eb23585d

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:43:21 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 121

GET
DATA 200
OK truncated
/ Frame F2C9 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1002 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 50791450-2ece-4857-8816-51756b12e979
https://googleads.g.doubleclick.net/ Frame 1002 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/50791450-2ece-4857-8816-51756b12e979
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 6fdd9dc5-52d5-4080-a040-899c60b723d8
https://googleads.g.doubleclick.net/ Frame 1002 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/6fdd9dc5-52d5-4080-a040-899c60b723d8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 1002 6 KB
6 KB 410ms
64ms Image
image/png 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:43:22 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 977502517 975897158
Content-Type: image/png
Cache-Control: max-age=949
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Sun, 18 Feb 2024 22:59:11 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1002 1 B
283 B 79ms
78ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=TptsCezeKTKeztOHUefGbcWpMiXpbQVA-FE7fPshldVTqKDUZ03zPEU/J-E03BNM9vY1XrMQ==&pm_ct=f04c2e173e89b10569a6a6a8&pm_pl=1708296201371&pm_td=1321&pid=1000925&en=1.1&callback=__pm_glbl_Qwk8yLMlPnd6RbJXlUb4arhK._gc2&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 18 Feb 2024 22:43:22 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
BLOB 200
OK eaa14210-3f76-4d20-a6c0-99a89056a902
https://googleads.g.doubleclick.net/ Frame 1002 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/eaa14210-3f76-4d20-a6c0-99a89056a902
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H/1.1 200
OK adobe_contractor_728x90_atlas_P_1.png
cdn.flashtalking.com/172799/4251821/images/ Frame D541 48 KB
48 KB 138ms
135ms Image
image/png 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251821/images/adobe_contractor_728x90_atlas_P_1.png?1677266971313
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 8badf1d3b89c4079266dfe627edb6a67c8e8b2a33ea3c0c390c98c59226dd438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:43:22 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 48931
Last-Modified: Thu, 09 Mar 2023 21:49:35 GMT
Server: Flashtalking (AKA)
ETag: W/"b126a4f8c29132454eff595688aff57e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=147
X-Varnish: 378608126
Accept-Ranges: bytes
Expires: Sun, 18 Feb 2024 22:45:49 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1002 1 B
283 B 77ms
76ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=TptsCezeKTKeztOHUefGbcWpMiXpbQVA-FE7fPshldVTqKDUZ03zPEU/J-E03BNM9vY1XrMQ==&pm_ct=f04c2e173e89b10569a6a6a8&pm_pl=1708296201371&pm_td=1502&pid=1000925&en=1.1&callback=__pm_glbl_Qwk8yLMlPnd6RbJXlUb4arhK._gc3&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 18 Feb 2024 22:43:22 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CCDF 0
12 B 64ms
64ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cSC1IA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK adobe_contractor_728x90_atlas_NP_1.jpg
cdn.flashtalking.com/172799/4251821/images/ Frame D541 112 KB
113 KB 88ms
84ms Image
image/jpeg 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251821/images/adobe_contractor_728x90_atlas_NP_1.jpg?1677266971314
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: bfe19adde9c04e9276b17f5ba9a2758b130a2f0be1bd14da628ff1d579d8b505

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251821/adobe_contractor_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:43:22 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 114652
Last-Modified: Thu, 09 Mar 2023 21:49:34 GMT
Server: Flashtalking (AKA)
ETag: W/"795316ba5b57291013ae32d045521d5f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=147
X-Varnish: 253171707
Accept-Ranges: bytes
Expires: Sun, 18 Feb 2024 22:45:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F369 0
22 B 143ms
129ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BVE20B4jSZbf_Oc_doPwP_pWGyAIAAAAAOAHgBAI&bg=!2tml2ZbNAAZN4L4YbeA7ADQBe5WfONnBVICTDQSGut-YOEhoCiaSYV4Q4loF3C8mEqZ27jZQY7xGyXOwQjb70LPVcwCqAgAABsdSAAAABGgBBwoAMCJ8J40NMLNRG00e29lPuAk51qLDYMBTiLtuKKZcQe1uVjknocDSbs8q67jQB0To65kC79DeA33gxzTmfVACOtjJz2zMvQ2insfSP_gAy-FBFiNF3TjvlJ-5zZHbQOJB_5jsB2sGvO6XmIndjGoOtca8_5rIFbM5tpxXSfUDBxLCDU5KeQV12WCDjcBMy9wKNju37kKxJPnvMVRLsOqEdhAn08M-zRMt9euYnYq3nph-UJOEj78bQkvihMErYLf7O5TcExD4V6iO1f_pXmwwuLBWnGUf7VQs_mmRSi6QqiUGf1e0vtUY5tGtikKmlPL2E830rBTR_IAFnyuk_2MWO_EBMohp74A-nBV55zt8x6r2iTXtJEcD8BjtlGNz7iAvFQCVAOYJ3rVtT5HBFnpe3Jy9eXWoPZQ88vCF_hUz90A0vIMsNY-gJLDVx38b7jLpl5danyG1U1xn103rfqM9UJ10ebPc8rYPfHF6tlv-4QdoBTBDAPwVO2qjvmtja9WUaM3kY8BPPwVi1iUYmzRbRQkGmVEf_HahuWgBjdjM2SkGRPZZBA__xtCdHGJRW-lZddoPEA1tXdIzJjV50568tlZyL_1lBacl06eS9v7XdXzGumxMghcVIQclTPyPE3F-Gsc7a6I13HWJuhqQxXOk1RJ3a1qkkCeE2It7CXRa-RAinXRGHW6DF_16aS5xeeCjz9qL17FiXeRz__g-M-45awbhztmzbFVb0vhpHCpmBQovufz5Jb5hOiyB5gm27O355NatjKlql0gNFizxIai19KshZHNdtTc-GrK1q-A_ehZEIqhjyaax2D4seQ-FLQzgoE-GM17T7J8BW8R6EVj_ITJrTQ-1R-2tykY3Wssmyw_tN70FWRjvDddQzeW7dQAGTLzMU2NiObD78mRYOXm03gK0ngjl5lmQ0aogJVpv8qlV2LQEiSA60r9ZWS8oOyvmedHLTZfxkeIk1b8M5cG-WjTdAFldpaz7k4DnQF3eGfAd31ajn-i75gGvLDZWhPabGJxLiBfL8BjP5e-MZS8bADBwC9dc4S8eA05CBtdxP9nx-38

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:43:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1002 1 B
283 B 83ms
82ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=TptsCezeKTKeztOHUefGbcWpMiXpbQVA-FE7fPshldVTqKDUZ03zPEU/J-E03BNM9vY1XrMQ==&pm_ct=f04c2e173e89b10569a6a6a8&pm_pl=1708296201371&pm_td=1848&pid=1000925&en=1.1&callback=__pm_glbl_Qwk8yLMlPnd6RbJXlUb4arhK._gc4&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 18 Feb 2024 22:43:23 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1002 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1002 1 B
283 B 82ms
82ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=TptsCezeKTKeztOHUefGbcWpMiXpbQVA-FE7fPshldVTqKDUZ03zPEU/J-E03BNM9vY1XrMQ==&pm_ct=f04c2e173e89b10569a6a6a8&pm_pl=1708296201371&pm_td=2175&pid=1000925&en=1.1&callback=__pm_glbl_Qwk8yLMlPnd6RbJXlUb4arhK._gc5&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 18 Feb 2024 22:43:23 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 130ms
129ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=941605088282331&bg=!Xl2lXRLNAAZN4L4YbeA7ADQBe5WfOLspusO0b3p5YH7L-6zNMQX6tti272y6IOhcH1hlcmo5fZ17blp-wBhh4sDKCPJ_AgAABwtSAAAAC2gBBwoAO1RgXPqiH8X8dfiGbHklirLBvjdvDZ04BLOBB9Iz8gV54ExyTzXuSnS-1xhnejEhkUhZ55RVr2M3Mk_RmQK4oAndOLcsndmwzA8wrDjJXlnn2VGZOBXONhv_0z3kiya7IoA29A1MZXrhhOTnVRf6qplCjNegPd2RYdKswAkp7sk_SkPYqCJ8Ckz0UZHaiY9TZRAYsYC7BSjjF-QM62-LhXk2FwG_FY91ZVbmaWjIVfILe4TuRDC14Aj8tTqTBk-bE4KKW_LagsG98eanY-7QHoza7jzKMxMvPywe0QpPXRsvOZyruc9XD6xG1GUUNF7uG3scvsqoTymqZjk1eUSS310J1RrjDQLwqbRwbO47G4yJALR8l50gHuxjtQT-VycMnx4xBEbFuOECPI9t65Jdfd6vQU0xPuxEhnB4X1i0xwgCsQZNVRKBTQu_yb2XHOMvzlYFjcZ-Mdll0-l3QSkryCbnNvDWwQS71vS_Wqnx9MrT8CpT2MBZmwKxmxOurJUeQsI8hMkV9igqAi-hdccU1JaDoXMDbeOOWwIA253OoDG7BrklZ_8Y2Ab-W_ZaUmU2hO2vIfQTyX2YdWSyWW92PY01BFWIOdc1q5jw4kYU6EbnqlsB88SlZpVncWXbEp1IkUsU29-CT6KylP34vslqhfGGo4J9V4ODX12oAyqRUnYne9lwfzCHwgM1n71tdRDwrd52fWlPGs6Dlh9qtZONr6onJYTWeHfhhga2K-Hhy9ROD7QrGkpmElqr_VoqYQ7xJZLaKIfuWDMjhBLwTqK6UAbYBItSaMCWGxZGErAkPYUKGlO2-BZ3GE5SG3399Koj0i5_E0HlB6uHpXMWoYBmfBzYTT4wEoB0288FmOqM8l0DY4OyWvHK4UwMQLQ_71jZSnTSIBp9zvONhMqY_EJjCUBW4BOSS_3fTndb_jWq9Rh-pEcqY1d3Ht6MTlod_yUJ7SMs_WIqiKLwNwF83Ay5uw3eXI4DmGe35sNVYeYPAlxYgVd41e2j
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://theipfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 1002 1 B
377 B 71ms
70ms Image
text/plain 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893666;4251821;0-307-0-0-307351360
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:43:23 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sun, 18 Feb 2024 22:43:23 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1002 1 B
283 B 75ms
74ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=TptsCezeKTKeztOHUefGbcWpMiXpbQVA-FE7fPshldVTqKDUZ03zPEU/J-E03BNM9vY1XrMQ==&pm_ct=f04c2e173e89b10569a6a6a8&pm_pl=1708296201371&pm_td=2769&pid=1000925&en=1.1&callback=__pm_glbl_Qwk8yLMlPnd6RbJXlUb4arhK._gc6&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 18 Feb 2024 22:43:24 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 /
ad-events.flashtalking.com/state/7893666;4251821;0;202;B0A3126B-B603-81E0-28DD-D23B2C9C6F69/ Frame 1002 0
66 B 61ms
57ms Image
text/plain 54.237.172.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7893666;4251821;0;202;B0A3126B-B603-81E0-28DD-D23B2C9C6F69/?cachebuster=502888031
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.172.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-172-131.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:43:24 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 1002 1 B
377 B 65ms
64ms Image
text/plain 23.206.252.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893666;4251821;0-310-0-0-431556180-50x0x1x0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.252.53 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-53.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:43:27 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sun, 18 Feb 2024 22:43:27 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theipfire.com/category/premium-accounts	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.theipfire.com/	1970-01-20 18:31:37	Name: __cf_bm Value: A6MW4Pw2njow4.1ETO0tdDOoRBr_PdXK0PPt6WD_snc-1708296195-1.0-ASrommeY37JMn7JAnLbyq6qyHnMwbYL0+edMUgFHWSBmPR5XDRPGIHjlAdQ4FfPRBqdJQyvU7UN47kEGVIhxcRQ=
.theipfire.com/	1970-01-21 04:07:36	Name: _ga_76SMSVBKSX Value: GS1.1.1708296195.1.0.1708296196.0.0.0
.theipfire.com/	1970-01-21 04:07:36	Name: _ga Value: GA1.2.676940657.1708296196
.theipfire.com/	1970-01-20 18:33:02	Name: _gid Value: GA1.2.653242336.1708296197
.theipfire.com/	1970-01-20 18:31:36	Name: _gat_gtag_UA_258159127_1 Value: 1
.theipfire.com/	1970-01-21 03:53:12	Name: __gads Value: ID=fd3bafda72245a8e:T=1708296196:RT=1708296196:S=ALNI_MZGx2SC56N_4Jijz0irK4tWLFCPAQ
.theipfire.com/	1970-01-21 03:53:12	Name: __gpi Value: UID=00000dcb1d418472:T=1708296196:RT=1708296196:S=ALNI_Ma25aHyvQKp8ykIUlxyr5cw7pKBeA
.theipfire.com/	1970-01-20 22:50:48	Name: __eoi Value: ID=f92f93528a6768c4:T=1708296196:RT=1708296196:S=AA-Afja7wg8SAXVOsPev-RoABTcD
.doubleclick.net/	1970-01-21 04:07:36	Name: IDE Value: AHWqTUmGi4ycdonvkHgJ4mX9GIpL-9_KEiMwsloVUdCe8hLjW_Vc-HgjIzsgwS-t
.theipfire.com/	1970-01-21 03:17:12	Name: FCNEC Value: %5B%5B%22AKsRol9ezJHRfuSuHeLL278Klo0h9AcpkyfYGmOa3t1TwEFKPHMaX4NVzt_SEoC3Vgp2ZNoZyZ9vKKZtD_NmmJygVGY2i5819tY7fFNmExMi0BKJbRsgeAWxIHhWtIaDuV7bOZxDDkyaFms8cyC8gydY3YT_4tX3VA%3D%3D%22%5D%5D
.doubleclick.net/	1970-01-20 22:50:48	Name: APC Value: AfxxVi4e_8fC4QHEkXo1fJHw6QtmShAXc_GJvDNfSIr-vFXe3kfHtg
.doubleclick.net/	1970-01-20 22:50:48	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:17:12	Name: CMID Value: ZdKIBsAoJXEAAG1GACJXRQAA
.casalemedia.com/	1970-01-20 20:41:12	Name: CMPS Value: 2852
.casalemedia.com/	1970-01-20 20:41:12	Name: CMPRO Value: 2852
.adnxs.com/	1970-01-21 04:07:36	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:41:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb9D-5fw!@wnfH8K6pQK`!5=E<*L5?%M/Ygc@Aa(ChY/!:</drDORkA6_c?pW!I[LI#n%nugO%v4VB%nlPJ)b(kn
.adnxs.com/	1970-01-20 20:41:12	Name: XANDR_PANID Value: wFn33vgF-ge6s5NBrspFrQ7BF__WGwsHEUMVurl0CYAH34DuJi0aGQHeYfgzztjjuBbv-8SKe5emXK2KNc0DWLSTni90_10dA2ufV2sjHXE.
.adnxs.com/	1970-01-20 20:41:12	Name: uuid2 Value: 8922052257379672508
.flashtalking.com/	1970-01-21 04:01:00	Name: flashtalkingad1 Value: "GUID=589249A0C654BB"
.doubleclick.net/	1970-01-20 19:14:48	Name: ar_debug Value: 1
.googleadservices.com/	1970-01-20 20:41:12	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 18:31:39	Name: DSID Value: NO_DATA
.everesttech.net/	1970-01-21 03:17:12	Name: everest_g_v2 Value: g_surferid~ZdKIBwAADr-WzQBa
.rfihub.com/	1970-01-21 03:53:12	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12DXDL8CgrD0jUjYg3csoz9awszjX1KA_iNTQ3sDCyNDO0tLQwMn7FiMoHACGNwYI9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12DXDL8CgrD0jUjYg3csoz9awszjX1KAcAKdVa9h4AAAA
.rfihub.com/	1970-01-21 03:53:12	Name: rud Value: H4sIAAAAAAAA_-MStjAwNjI3NDI2Nrc0NbQE8swMhPgMdQN9nIxSfaIMI3XDLAD696VWJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MStjAwNjI3NDI2Nrc0NbQE8swMhPgMdQN9nIxSfaIMI3XDLAD696VWJQAAAA
.travelaudience.com/	1970-01-21 03:58:57	Name: _tracker Value: %7B%22UUID%22%3A%22371792B9-9801-4F44-365C-2511D74BF4B6%22%7D
.simpli.fi/	1970-01-21 03:18:38	Name: suid Value: E841C021C2DF4F52AF7FFB302C4E03A7
.tribalfusion.com/	1970-01-20 20:41:12	Name: ANON_ID Value: a9ntuJs2aF8pAJsbX1nRXs8MpZd9ZcAHn1NUjfZaTXO3yNrbOZbU1u3qbdVMf6c5BZdtpW1gRZbQsbS42bfSS9KM7sbTwV
.adkernel.com/	1970-01-20 19:14:48	Name: ADKUID Value: A3270397971712347764
.e-volution.ai/	1970-01-20 18:51:45	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 19:14:48	Name: ADKUID Value: A3270397971712347764
.flashtalking.com/	1970-01-21 03:17:12	Name: _D9J Value: a2e2972ae8674eecac61d51483479920

124 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theipfire.com/category/premium-accounts/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
ad-events.flashtalking.com
ad.doubleclick.net
ads.travelaudience.com
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
bid.g.doubleclick.net
cdn.flashtalking.com
cm.g.doubleclick.net
code.createjs.com
csi.gstatic.com
d9.flashtalking.com
data.ad-score.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
js.ad-score.com
pagead2.googlesyndication.com
pixel.wp.com
r3---sn-q4fl6n6r.c.2mdn.net
rtb2-useast.e-volution.ai
s.tribalfusion.com
s0.2mdn.net
secure.flashtalking.com
servedby.flashtalking.com
stat.flashtalking.com
stats.wp.com
sync-tm.everesttech.net
theipfire.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.temu.com
104.18.36.155
13.226.34.99
13.35.93.124
130.211.115.4
142.250.176.194
142.250.65.198
142.251.35.162
151.101.66.49
162.159.137.54
172.253.62.157
174.137.133.49
192.0.76.3
199.38.167.131
20.124.48.109
23.192.34.122
23.206.252.53
2600:141b:1c00:31::1739:5a51
2600:9000:261f:4800:a:deb0:3380:93a1
2606:4700::6812:18ad
2607:f8b0:4000:19::8
2607:f8b0:4006:809::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2004
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2006
2607:f8b0:4006:824::200e
2a00:1450:400d:80e::2003
3.231.238.170
34.133.71.175
35.190.0.66
54.237.172.131
68.67.179.164
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01e10f0d3872111514784085caeab6046038e4a2f3ecc9c358d0ed7f5624a635
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
08f3271c578d45479edb3568eb06beeab4568fa8cbac1128371a6b2d4c1b2222
0a65fc176face71ae887a14e4c6e3ee8de307846a985e7c37f16f981642eb868
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
1423ac61eb9bfd822b10571121eac03cca4a4a6cc81b3e48318a438d7f09af19
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9328556f63942f9089a040bd722c33207fb02d13db175e06a780a98477a567
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2156b8e2f672f88456a9b2d2bb9edd794b03c2dab1756b83394a414ecc5b949f
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
26bd0002d9c6993adad0395e0309c7d789ae207ccbf7ee11b8869a8d95bfbd69
28a75cac2d6caa3e8f73fb6ae37ac241a89031f6b167d34f422ea85fddf9797a
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ef92eea4642ac1d2e7a7b90ddfbc630d228139318b9bf8be0e274b3efacc09e
30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c29c3a54f9b44e7a65ea0b24c8ae203a98dc9ff6b8728e32c70f5393781b52
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
461d270552b2fcf05c2f9af34665eab90441628d0ae96bc6f2890dbf334c4acc
46db58b65a3db4ed556442a9a8684832434edeed917f7f88ec40b819f3b8a9be
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4834e9f1e9d73b8d2baf08fd6294f6cb4a360ad0cb7b91ea707dffa4866be240
48b4bce0dc726ddd349280159514b9ac13d37c849a04fba5b2e6c7fadef98aa2
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
49e350f949fb0eb20cfddc436ad42abeddb557c89836e533db621897cf47466c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1
51500d2bc70ebe5cd4b1ce9860576c38c629d737f5ac7c699359435b04c71272
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53ca7afbfdeb9708a327caa7f472e905aabffbc9d22519090b29b28803f8afb1
53ec9a241c6be1d88ebb797faa9c944ab3c4952cef609e363f2469f04fb9b234
54603476238ba6d66fc75d6cb116a966875d8abca5017098d4d56950ccf57246
55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f4d646a1b07317c488a042915c64b4185fa21b7f21db001faba5dc10807242
581956944e4dfca3a5a72372eb33498c588c031b3c14caee66f960fe1356bbfa
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d4d08abd55347caa64f1f6dbcf16486e8f91a4c95eadfc6606bd4682433c53c
5daf2556a694914d46537ad6440f304aea0be7aed3596ee67d9e3afd693bc939
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ff9025f16b428475d5a57e133ec69cfdfa2f26f5edc6ac744cb3d2aa8622d18
61860eb0af368075cd1201457d143552abf04c8841bf218653813317e9c3f11d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd1f5d35ac2f2f065c49a31bc97ecf2f20d63ddd3212fce9a2bbdb4e95a1440
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
70f0c830d1083fd173e4e76d873cb8fccb09f72bf57450a608a0005bf9130f8a
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
728ca1acf0372ec4c0e56b8adcb0e07422f9613b4c61405c4c9da2cf6550146a
823911a72a61f4701d1770aa2e3467a5d4f735cfc7f6ebfa52f29c8c090bd102
82cf8e9d7736720768907c2b9d7a62492079b96bb642c99e30fc1ed202ce4eea
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
8a988f2f6d260fb12591bb1e30fcc609013f2a4266d22e561fe528cedf6a1c6b
8b3be3ab0e5eeca703625b373b4eacf8ad53fa714d3c8956ca1b9696ac859987
8b44d3bc6bd0ba9649945486f76ad68f311bca06f73a10ca8fb6f3e801998ede
8badf1d3b89c4079266dfe627edb6a67c8e8b2a33ea3c0c390c98c59226dd438
8e4e6431a65758358d748604c291ea6c1fbccbd5b102fa94263ab47572c3839b
8f8b73c1de2059c552556ee944ad998684b00f78a78e37f7b92142c8eb23585d
92c74fd25e871a77d9dfedd8bc3240844332a001ef0358293bf4b1a43bc3c9f7
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
97dab323ebfb2999bc1d48cc49271351315a9267cd63152346e800488b7d0ce7
99c342b1a4eccce2ad99189632cb26b9253bd6d687216b657dfdb820b323389a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a087e6eb64ba793a3fcae3ff61ef86d55a1d7d2966ebe444ca9bf1141a9fee1c
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a18ad96a3e9e2ce96f378f34c7ab7efee95699fb744a0b8e45e63ac6aba63d0f
a37c1ae4753e4d5dc3902ba4737a44d813eb4891ee26ca8c94b0e4a089068f23
a4af7186ad8042770d3580b77892188da8e4e55a413e4b476acb666d3c32bbb8
a5b33d09304c2357fdefd5888bb907856f82c94d424e0312c82c55764d6d83b0
a604b00a9612a62c733c2a1297147925af4a9336023fecca8052eb79ca7c6e07
a78d20e1a59ebd5571c475dc2f5aadb8b750be77193064caf0fb0cb10bc320ba
a7f06935dddd087729820326843e63ea4d68ecb71f1aa63ad07bd263df8e349e
afd27ac03c93c926b7e611f222d85bee29a0586b32d831806336408db5802cbf
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19eafa13f23d6d4b29bea17d036e1c7c0b2c1043708ec097007d53872559071
b338acef02b33cbea240f011e1570899be6810ef7237bb0b90c7b490b5cd10ca
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bd6e9eca257fd55109291cb996429e05298804a5e3c5ab7c36412a48445e4fd0
bfe19adde9c04e9276b17f5ba9a2758b130a2f0be1bd14da628ff1d579d8b505
c1d3eeb9571c705ba1063d4090252b8ebba1850b377cbddb8f7551bbcf390a16
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbd447fabda2d70fd3b5bcc4066c46cd5ea00b7a75c0aff892b19a104b752780
cc1c81fe11d1bd086d5a8708d4aa0c22c4f7679e06de4e5ae97be8cfac8bef0a
cd51a9d2ad9f0ab9743fea4142cd561dd5c8b4f0b92b7df3705881200e9406a9
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d4f031c0e2645632e3abdcf46fe33f321bdc1fbfc5de10dcb79f808771fdd3c8
db0594bbba5ec371d039882d7bfdaf92fd5b9f6bef8b7490a0cf73bfc1dcc609
db4c13925e552901075af6bf79d1c7af3d55f70a5179e17b0c358bb405bb20db
dc805a04535caf035727fb710786c2bc606170caa2f4d81165fb71ee6e2c30a8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e91c0cdaaf3c96c15bca3130b80c11456577bbc4b0a3178f73598052d8212018
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
edec834ea607ecab16fc0db38b4f4bd9ad5b2c28c4cd59ceecfb766f03cc65b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6af571397b32696b8ba13caff0260241b1cbff968c53147a7f743f67c4af24
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f958a0150bb4dadcca3297b992887b9fcdef753cc84fd3cb1c9edf1e848fd708
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

theipfire.com Open in urlscan Pro 162.159.137.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

211 Requests

91 %HTTPS

45 %IPv6

25 Domains

44 Subdomains

32 IPs

3 Countries

3176 kBTransfer

9306 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theipfire.com Open in urlscan Pro
162.159.137.54 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

91 %
HTTPS

45 %
IPv6

25
Domains

44
Subdomains

32
IPs

3
Countries

3176 kB
Transfer

9306 kB
Size

36
Cookies

211 HTTP transactions
13 data transactions