teb.shatateg.com Open in urlscan Pro
66.29.132.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.teb.shatateg.com/
Effective URL:
https://teb.shatateg.com/
Submission: On March 21 via api (March 21st 2024, 7:44:01 am UTC) from US — Scanned from US

Summary HTTP 249 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 2 countries across 17 domains to perform 249 HTTP transactions. The main IP is 66.29.132.80, located in United States and belongs to NAMECHEAP-NET, US. The main domain is teb.shatateg.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 17th 2024. Valid for: a year.

This is the only time teb.shatateg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 65	66.29.132.80 66.29.132.80	22612 (NAMECHEAP...) (NAMECHEAP-NET)
5	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
42	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
1 13	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
28	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
36	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
1	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
1 2	54.209.232.41 54.209.232.41	14618 (AMAZON-AES) (AMAZON-AES)
9 12	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
6 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
6	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
3	2600:9000:247... 2600:9000:247b:4800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.164.124.65 18.164.124.65	16509 (AMAZON-02) (AMAZON-02)
1	54.90.211.165 54.90.211.165	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:1f13:800... 2600:1f13:800:7782:158e:a624:38d7:fe67	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.32.98 142.251.32.98	() ()
249	27

65 66.29.132.80 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium203-1.web-hosting.com

www.teb.shatateg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
teb.shatateg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81e::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4006:80b::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.232.41 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-232-41.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.40.162 (Queens, United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (San Francisco, United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.179.166 (North Bergen, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.38 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:247b:4800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-65.jfk50.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.90.211.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-211-165.compute-1.amazonaws.com

tracker.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7782:158e:a624:38d7:fe67 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204 ade.googlesyndication.com	1022 KB
65	shatateg.com 1 redirects www.teb.shatateg.com teb.shatateg.com	1 MB
36	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 413	1 MB
32	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 bid.g.doubleclick.net — Cisco Umbrella Rank: 1305 cm.g.doubleclick.net — Cisco Umbrella Rank: 353 ad.doubleclick.net — Cisco Umbrella Rank: 189	222 KB
13	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 5	71 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1179	6 KB
11	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 1092 static.adsafeprotected.com — Cisco Umbrella Rank: 895 dt.adsafeprotected.com — Cisco Umbrella Rank: 825	106 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	192 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 371	10 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	7 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	27 KB
1	samplicio.us tracker.samplicio.us — Cisco Umbrella Rank: 3285	340 B
1	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 3748	434 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	254 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 3278	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	97 KB
249	17

	Domain	Requested by
64	teb.shatateg.com	teb.shatateg.com
42	pagead2.googlesyndication.com	teb.shatateg.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com bid.g.doubleclick.net s0.2mdn.net
36	s0.2mdn.net	teb.shatateg.com s0.2mdn.net
28	tpc.googlesyndication.com	googleads.g.doubleclick.net teb.shatateg.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
13	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com teb.shatateg.com googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	ad.doubleclick.net	teb.shatateg.com
5	fonts.googleapis.com	teb.shatateg.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net teb.shatateg.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	pixel.adsafeprotected.com	1 redirects teb.shatateg.com
2	www.googleadservices.com	teb.shatateg.com
1	ade.googlesyndication.com	teb.shatateg.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	tracker.samplicio.us	googleads.g.doubleclick.net
1	tag.researchnow.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	teb.shatateg.com
1	www.google-analytics.com	www.googletagmanager.com
1	secure.gravatar.com	teb.shatateg.com
1	www.googletagmanager.com	teb.shatateg.com
1	www.teb.shatateg.com	1 redirects
249	27

This site contains links to these domains. Also see Links.

Domain
tep.shatateg.com

Subject Issuer	Validity	Valid
teb.shatateg.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-17` - `2025-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.researchnow.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-11`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M02	`2023-10-17` - `2024-11-14`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://teb.shatateg.com/
Frame ID: DF4F8B3D18ACC2D11257E2E7F9E047B0
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5523944341897065&output=html&adk=1812271804&adf=3025194257&lmt=1711007035&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fteb.shatateg.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711007034617&bpp=9&bdt=868&idt=552&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5060679208451&frm=20&pv=2&ga_vid=1027939771.1711007035&ga_sid=1711007035&ga_hid=622420873&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532524%2C95326316%2C95322180%2C31081571%2C95322398&oid=2&pvsid=3141070007527620&tmod=262309830&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=607
Frame ID: 914114AF3EEAB3B8B624A369E8E6FDD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5523944341897065&output=html&h=280&slotname=1084095384&adk=1528697250&adf=3637547805&pi=t.ma~as.1084095384&w=1200&fwrn=4&fwrnh=100&lmt=1711007035&rafmt=1&format=1200x280&url=https%3A%2F%2Fteb.shatateg.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711007034626&bpp=6&bdt=878&idt=614&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5060679208451&frm=20&pv=1&ga_vid=1027939771.1711007035&ga_sid=1711007035&ga_hid=622420873&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532524%2C95326316%2C95322180%2C31081571%2C95322398&oid=2&pvsid=3141070007527620&tmod=262309830&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=625
Frame ID: 4131B7A48661CD4BF079248D3693900A
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 0240F457F7B56CC5C05CF0C686DC0BAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: 66BDA06A47DE08496716B9B933226047
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: 152B3A4BC3357AF93A2D53C4F7699B6D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: 6F716543111172E46FAB3B63D76379DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: 5AD63FC043522BE8E2D81C6503467EC2
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BA19767BADCDFA6E93A4C49BE56B45F1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46C9D7F3D9F177D7B51AE3298550698B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGOidq4oCMAE&v=APEucNXnhHpE7XKowwIZVAplU-pTZCuQM_-5zsHp-xB67ajgaCOdLEGNQiHQQ7dgHTL_Rs1vro4uWMcgNx8G-SWc3wSCargqPQ
Frame ID: FA09A46FFFE0BDA87163BF721E7FB281
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 7CCC4DDEA5E2D7FF0EB5F4027F987662
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGP-qmYgCMAE&v=APEucNULkMDmGYa5cWRYNdQla_WbyAzXYLaJX9GS3w3q_ASMgbgxoiNrNqg7A0Esfy7GPL-0KPB6y9J37GUGlEnMKY2kXdftXQ
Frame ID: C550F7B1F74770FC5F28393F416E456B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EB8FC79A30C8894D4281B4C072FAF5E5
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGImdq4oCMAE&v=APEucNUeurFeUM73Y3Qm1UYwYpcTOT7k07MVUu5qdOhh74nuneTT5N4r3S5SPlZgovLCr0YYV4gSyeiP4qvX-0fPD5cD9uV30w
Frame ID: 7B2C3CE312A2355DEE73065AC8C3A849
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 55570D6755BC685F215646C75654CC47
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9F97FCB5F48B913DD059446632DB3222
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 490B2F9C8C5C9C67FE94241DEF073789
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 2A7A863D24A388C46A74675A3E45FD2C
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
Frame ID: 29A7272BD306256859DD788995C609E8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
Frame ID: 8FA43237D7A6B9B104E3128D6D9FD048
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 140B91CBB6A4623495442FE7EEDDB686
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
Frame ID: A14C94D402478BB1F2B170FFE79ECEE0
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 37FD9478E6DB5DFB9C45093D72A270F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Frame ID: 3014BDD553D72F2C65F360B46C50B6B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8A1644786FCA61F51C462B08BCD04F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3935446F6FED66EA7ECE4E5F0597BA7C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

لِكُلِّ دَاءٍ دَوَاءٌ - شتات طب

Page URL History Show full URLs

https://www.teb.shatateg.com/ HTTP 301
https://teb.shatateg.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

249
Requests

94 %
HTTPS

58 %
IPv6

17
Domains

27
Subdomains

27
IPs

2
Countries

4446 kB
Transfer

10164 kB
Size

19
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://tep.shatateg.com/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://tep.shatateg.com/category/%d9%85%d8%b3%d8%aa%d8%b4%d9%81%d9%8a%d8%a7%d8%aa/%d9%85%d8%b3%d8%aa%d8%b4%d9%81%d9%8a%d8%a7%d8%aa-%d8%a7%d9%84%d8%b3%d8%b9%d9%88%d8%af%d9%8a%d8%a9/
Title: الكل

Search URL Search Domain Scan URL

URL: https://tep.shatateg.com/category/%d8%a3%d9%81%d8%b6%d9%84-%d8%af%d9%83%d8%aa%d9%88%d8%b1/
Title: الكل

Search URL Search Domain Scan URL

URL: https://tep.shatateg.com/category/%d8%ad%d8%ac%d8%b2-%d9%85%d9%88%d8%b9%d8%af-%d9%85%d8%b3%d8%aa%d8%b4%d9%81%d9%89/
Title: الكل

Search URL Search Domain Scan URL

URL: https://tep.shatateg.com/category/%d9%88%d8%b5%d9%81%d8%a7%d8%aa-%d8%b7%d8%a8%d9%8a%d8%a9/
Title: الكل

Search URL Search Domain Scan URL

URL: https://tep.shatateg.com/%d8%b3%d9%8a%d8%a7%d8%b3%d8%a9-%d8%a7%d9%84%d8%ae%d8%b5%d9%88%d8%b5%d9%8a%d8%a9/?customize_changeset_uuid=4a29560c-7d27-4801-9953-f14cd70d42c5
Title: سياسة الخصوصية

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.teb.shatateg.com/ HTTP 301
https://teb.shatateg.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://googleads.g.doubleclick.net/pagead/adview?ai=CfBPzO-X7ZcbaGZrvxtYPibmz2Aef1NTBdpCqp8WdEmQQASDuyJF9YMmGgIDco8QQoAHd8KrAKsgBCagDAcgDywSqBNkBT9CVJqyZUGFg-dMx80KApR7oOFrmfzN2ajzjO1yR6HizMlSZsnZjRmRR5r4qNFOVs0rrGOEAoRASK6-Rxm9fJKjhQwqlZ9XJMnGO1lQGehiZ3JzrofJ6hssqXxBheu-MLckTIPyOyT1G_le-0nMSy01dqflx-1QyLI2pKjQu7Uk0F-CG8wPYsjzZoaqeRmOGudjDA4SkLxNiR_4wfPYHgP-kAJq3GPGw5tdLpWvrve5MhpBwcH7SeLbULbmHvnJGZ4YH1WSmimYp3fDE1MLsraBTnfTqmUCCOcAE9fPQxdAEiAWOs86pTpIFBAgEGAGSBQQIBRgEoAYugAfdqPufBagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEENiEB9IIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOliHrLf07YSFA5oJjgFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZEZpeGVyLmh0bWw_Y2FtcGFpZ25faWQ9MjEwMjUyMzMyOTQmYWRncm91cF9pZD0xNTkwNTk4MTg5OTcmcGxhY2VtZW50X2lkPXRlYi5zaGF0YXRlZy5jb20mY3JlYXRpdmVfaWQ9NjkxNDM2NjYyMjYxgAoByAsB2gwQCgoQ8NCO6cP2qIdnEgIBA7gT5APYEwyIFAbQFQGYFgGAFwGyFxwKGggAEhRwdWItNTUyMzk0NDM0MTg5NzA2NRgAshgEEgLeaOgYAQ&sigh=JvGMnXl_czM&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqiXdzzt8bO9467YsTH7zJc0SGvXhwFYYdPEd_NafKE9N1IybxPi7k2CLhm3bZur5inEtT3CqqIRYNRNxZR5UpLJmUor4nUPlRQJ4YAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8a56547754691e170000000000000000%22,%222%22:%220x38efa9086c1101fa0000000000000000%22,%223%22:%220x35da3203320f53660000000000000000%22,%224%22:%220x35a40a5931fc2ce30000000000000000%22,%225%22:%220xa087b550fe05cccf0000000000000000%22},%22debug_key%22:%221629946253836472130%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221593937281360960273%22}&andc=true

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

Request Chain 150

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfvlPtHM77kAABaZAQ6IPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

Request Chain 152

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfvlPtHM77kAABaZAQ6IPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

Request Chain 156

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

Request Chain 158

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfvlPtHM77kAABaZAQ6IPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

Request Chain 160

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 184

https://pixel.adsafeprotected.com/rfw/st/1288019/78683891/skeleton.js?adsafe_url=https%3A%2F%2Fteb.shatateg.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fteb.shatateg.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240319%2Fr20110914%2Fzrt_lookup_fy2021.html&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240319%2Fr20110914%2Fzrt_lookup_fy2021.html%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5523944341897065%26fa%3D4%26ifi%3D5%26uci%3Da!5%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:9adaeb56-8d47-a17b-2152-c647a9322fd5,c:7xdNKf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c45d7cb47-2wkj9,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:708,mot:0,app:0,maw:0,tdt:s,fm:u7DJa0e+11%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C18121%7C1813%7C191*.1288019-78683891%7C1911%7C1912%7C1913%7C1a11%7C1a121%7C1a13,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:738,oid:c6396d07-e756-11ee-94bf-eeeea8ed4e84,v:19.8.491,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

249 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
teb.shatateg.com/
Redirect Chain

https://www.teb.shatateg.com/
https://teb.shatateg.com/

352 KB
67 KB

209ms
208ms

Document
text/html

66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: ba92485740c3204ab381a7770b5a3cd31436a0a7412b56a0da97dcf29ce35c18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 07:43:53 GMT
etag: "255-1710963893;br"
link: <https://teb.shatateg.com/wp-json/>; rel="https://api.w.org/" <https://teb.shatateg.com/wp-json/wp/v2/pages/2342>; rel="alternate"; type="application/json" <https://teb.shatateg.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 07:43:53 GMT
location: https://teb.shatateg.com/
server: LiteSpeed
x-litespeed-cache: miss
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H2 200 main.min-rtl.css
teb.shatateg.com/wp-content/themes/astra/assets/css/minified/ 42 KB
8 KB 111ms
98ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/themes/astra/assets/css/minified/main.min-rtl.css?ver=4.6.8
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 877c2871eeeae9551ebc0809e708ed6b4e18f29b89c7af287838c6281bda6ab3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Sat, 09 Mar 2024 04:07:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8113
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 241ms
92ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CLora%3A700&display=fallback&ver=4.6.8

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39d752bfe6a9471e688d51bdf902bc8e5fa7234ae75c9f1bafbd4c2b3787df2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 07:43:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 07:43:53 GMT

GET
H2 200 upk-site.rtl.css
teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/css/ 38 KB
5 KB 181ms
167ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/css/upk-site.rtl.css?ver=3.11.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1dd618fa22015a779c6e0fd0520522fe395c2ee0235c27cf4ca028026a1aaa28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2024 01:17:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5199
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 header-footer-elementor.css
teb.shatateg.com/wp-content/plugins/header-footer-elementor/assets/css/ 776 B
479 B 177ms
164ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.26
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 259
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 frontend-lite-rtl.min.css
teb.shatateg.com/wp-content/plugins/elementor/assets/css/ 116 KB
13 KB 120ms
107ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/elementor/assets/css/frontend-lite-rtl.min.css?ver=3.20.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 80b4accbb71129990fa5677bdff24baf6b6ff27cc6204966be89965a33c7f2ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 13004
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 swiper.min.css
teb.shatateg.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
4 KB 116ms
103ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4248
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 post-11.css
teb.shatateg.com/wp-content/uploads/elementor/css/ 1 KB
536 B 116ms
104ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/uploads/elementor/css/post-11.css?ver=1710954786
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0649e29d7357667e80368af86ed5d62d22dab1d2ee15be860fbe4b1c22526d02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:13:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 316
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 uael-frontend-rtl.min.css
teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/min-css/ 630 KB
64 KB 185ms
174ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend-rtl.min.css?ver=1.36.30
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4668aaa115d9fc817da22e7b6771b5181dc68bc11fff9610e3cd202d5ffc8d01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2024 00:27:23 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 65054
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 wpforms-base.min.css
teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/css/frontend/classic/ 50 KB
6 KB 179ms
168ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/css/frontend/classic/wpforms-base.min.css?ver=1.8.7.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: abfa42ca42e73fdd0d4458a8e070ca5a5e5bf84555650ac8a71e6b14e80e617b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5672
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 post-2342.css
teb.shatateg.com/wp-content/uploads/elementor/css/ 20 KB
2 KB 174ms
164ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/uploads/elementor/css/post-2342.css?ver=1710960653
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: bd39ad9ad66e4aea9850216d40bcec1307c72dde6c1d16ad7f1529b77676dfcc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 18:50:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1655
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 post-475.css
teb.shatateg.com/wp-content/uploads/elementor/css/ 16 KB
2 KB 178ms
169ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/uploads/elementor/css/post-475.css?ver=1710954788
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 76df42a653c7a3837918c2ba9a12153a151cd8b7faa4f90bff7189f2962318ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:13:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1520
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 astra-addon-65f9c58e807761-49531684.css
teb.shatateg.com/wp-content/uploads/astra-addon/ 49 KB
6 KB 268ms
260ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/uploads/astra-addon/astra-addon-65f9c58e807761-49531684.css?ver=4.6.4
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6c99d9ffffee64964c3d826d3cccd5f33b8f575f491dc844fde39b6dfb55c401

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Tue, 19 Mar 2024 17:04:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6305
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 public.css
teb.shatateg.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
644 B 269ms
261ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7cae7169b827677f1d974d924cd7217e3c88d63da5b43c3dea66141f46969b28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2024 02:54:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 424
expires: Thu, 28 Mar 2024 07:43:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 49 KB
2 KB 233ms
90ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.3

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94f0cb222975e7939a4b4c283376fc06fbcdfcfced990a4cfbb37bf74a29567f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 06:32:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 07:43:53 GMT

GET
H2 200 jquery.min.js Show response
teb.shatateg.com/wp-includes/js/jquery/ 86 KB
29 KB 210ms
203ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 02:44:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 29744

GET
H2 200 jquery-migrate.min.js Show response
teb.shatateg.com/wp-includes/js/jquery/ 13 KB
5 KB 268ms
262ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 15:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4678

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
97 KB 256ms
89ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-5TG3J886

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdbf662acf2d4882a8beed29ee1c6595990283d8bdba1f7d8527a9ced2a0e8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99217
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 07:43:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 301ms
134ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5523944341897065&host=ca-host-pub-2644536267352236

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4779371b5aaecbde777742fb0beaed394eeee74b5af207e515d9d063396e8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Origin: https://teb.shatateg.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51150
x-xss-protection: 0
server: cafe
etag: 4306039465707473539
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 07:43:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
2 KB 232ms
91ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700;800&family=Cairo:wght@200..1000&family=Noto+Kufi+Arabic:wght@100..900&display=swap

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe0ffd6370e215ac93e92e280eab9ef897dff6ad48a3bf853dcd764864c1ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 07:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 07:43:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 07:43:53 GMT

GET
H2 200 business-blog-site-logo-2-128x40.png
teb.shatateg.com/wp-content/uploads/2024/03/ 5 KB
5 KB 105ms
104ms Image
image/png 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/business-blog-site-logo-2-128x40.png
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 83dd059b97a2ee20fbf05ed798a5f5e3941a55e7a56cd746108dd486d90fc171

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Tue, 19 Mar 2024 17:04:14 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5144
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%87%D8%AF-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D9%8A-%D8%A8%D8%A7%D9%84%D8%AF%D9%85%D8%A7%D9%85-300x158.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 10 KB
10 KB 107ms
106ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%87%D8%AF-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D9%8A-%D8%A8%D8%A7%D9%84%D8%AF%D9%85%D8%A7%D9%85-300x158.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2f941fa78bcb96c10579a587e22db761b6f1d8a2a3e1e35cc6c5c627482d8920

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Wed, 20 Mar 2024 16:52:34 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10334
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 041f7988298ed91ffd847f6da50b0b7d
secure.gravatar.com/avatar/ 1018 B
1 KB 126ms
33ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/041f7988298ed91ffd847f6da50b0b7d?s=48&d=mm&r=g
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: dab55442fb17b93d6dfd52e2b865ef89a68b75a12349f5cd3614390a6d54c0a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="041f7988298ed91ffd847f6da50b0b7d.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/041f7988298ed91ffd847f6da50b0b7d?s=48&d=mm&r=g>; rel="canonical"
content-length: 1018
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 07:48:54 GMT

GET
H2 200 %D8%AD%D8%AC%D8%B2-%D9%85%D9%88%D8%B9%D8%AF-%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%BA%D9%84%D9%8A%D9%84-300x158.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 11 KB
11 KB 104ms
103ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D8%AD%D8%AC%D8%B2-%D9%85%D9%88%D8%B9%D8%AF-%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%BA%D9%84%D9%8A%D9%84-300x158.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 133bf967d042d8b36e66741c07b0c8e344b0b2c94e312ed8819a211076472db1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 07:55:09 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11552
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 323ms
160ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5523944341897065

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa8d617b28a82f37b54d56705349ce899f99eec59e0f8777afc556db8867abdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Origin: https://teb.shatateg.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51149
x-xss-protection: 0
server: cafe
etag: 9919234734208967420
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 07:43:54 GMT

GET
H2 200 widget-icon-box-rtl.min.css
teb.shatateg.com/wp-content/plugins/elementor/assets/css/ 10 KB
873 B 112ms
111ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/elementor/assets/css/widget-icon-box-rtl.min.css
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: e10155d53492ded3c166ab6ffb0d572f0838c479db92c4dfbd69673a37d11528

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 653
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 business-blog-site-logo-2.png
teb.shatateg.com/wp-content/uploads/2024/03/ 13 KB
13 KB 112ms
112ms Image
image/png 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/business-blog-site-logo-2.png
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 58681d19adc4845e2570222cb1915b9ae0957a6e65fef8dfe40a5d64124244f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Fri, 15 Mar 2024 01:51:59 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 13524
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 frontend.css
teb.shatateg.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/ 74 KB
7 KB 112ms
112ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.26
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6f708315ec1e5f14fcf831768764aad338d6507ac1e5f11c155c820487052544

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7413
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 upk-font.rtl.css
teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/css/ 14 KB
2 KB 110ms
110ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/css/upk-font.rtl.css?ver=3.11.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6a86011fe975a6f628beff0617639b6004e4c45fa841779e9455b336ab0961bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2024 01:17:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2220
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 upk-alex-grid.rtl.css
teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/css/ 8 KB
1 KB 106ms
106ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/css/upk-alex-grid.rtl.css?ver=3.11.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: ec8afdb18ff5830e15f44029f886361c9d53aaa405a946f0fb27872b86e4b1e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2024 01:17:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1248
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 magamenu-frontend.min.css
teb.shatateg.com/wp-content/plugins/astra-addon/addons/nav-menu/assets/css/minified/ 0
188 B 107ms
105ms Stylesheet
text/css 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/astra-addon/addons/nav-menu/assets/css/minified/magamenu-frontend.min.css?ver=4.6.4
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 10 Mar 2024 21:49:50 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 0
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
BLOB 200
OK 1e3a3a46-bedd-4efa-86f0-543c537fa3b1
https://teb.shatateg.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://teb.shatateg.com/1e3a3a46-bedd-4efa-86f0-543c537fa3b1
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 frontend.min.js Show response
teb.shatateg.com/wp-content/themes/astra/assets/js/minified/ 21 KB
5 KB 105ms
103ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.6.8
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sat, 09 Mar 2024 04:07:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4836

GET
H2 200 wp-polyfill-inert.min.js Show response
teb.shatateg.com/wp-includes/js/dist/vendor/ 8 KB
2 KB 107ms
105ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 18 Jan 2023 21:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2320

GET
H2 200 regenerator-runtime.min.js Show response
teb.shatateg.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 110ms
110ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 05:00:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2402

GET
H2 200 wp-polyfill.min.js Show response
teb.shatateg.com/wp-includes/js/dist/vendor/ 112 KB
34 KB 111ms
111ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Tue, 26 Sep 2023 23:53:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 34605

GET
H2 200 dom-ready.min.js Show response
teb.shatateg.com/wp-includes/js/dist/ 498 B
453 B 117ms
116ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 22:56:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 281

GET
H2 200 main.js Show response
teb.shatateg.com/wp-content/plugins/astra-pro-sites/inc/lib/onboarding/assets/dist/template-preview/ 6 KB
2 KB 124ms
112ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/astra-pro-sites/inc/lib/onboarding/assets/dist/template-preview/main.js?ver=06758d4d807d9d22c6ea
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4a8bd33bfe771e0bd46fade45435a9fa2d0c3a8af2409b1f5a74a6b96b03faa9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2086

GET
H2 200 astra-addon-65f9c58e81aa94-82761568.js Show response
teb.shatateg.com/wp-content/uploads/astra-addon/ 37 KB
7 KB 122ms
111ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/uploads/astra-addon/astra-addon-65f9c58e81aa94-82761568.js?ver=4.6.4
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0ad79ac33c7c41387626a97dedea41c966bb10f37988f79300885ded4e73d8f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Tue, 19 Mar 2024 17:04:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7009

GET
H2 200 upk-animations.min.js Show response
teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/js/extensions/ 886 B
581 B 117ms
112ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/js/extensions/upk-animations.min.js?ver=6.4.3
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: efacad47a80c1f1ce7a2fcd192a4d852d1b33b9a2a404272f8a23d5de6e399cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2024 01:17:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 409

GET
H2 200 imagesloaded.min.js Show response
teb.shatateg.com/wp-includes/js/ 5 KB
2 KB 105ms
104ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 03:48:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1687

GET
H2 200 slick.min.js Show response
teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/lib/slick/ 42 KB
10 KB 114ms
113ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/lib/slick/slick.min.js?ver=1.36.30
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: b2b85d10fdb069d676488d4bd70e661f25651d9f5ff7f88f3bb9e234a171b6f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Mon, 11 Mar 2024 17:51:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10556

GET
H2 200 isotope.min.js Show response
teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/lib/isotope/ 37 KB
10 KB 106ms
106ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/lib/isotope/isotope.min.js?ver=1.36.30
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3d0ff43987dad12fabfc311eb21149e4afbf79de0e7095cfef9bfb75936baec6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Mon, 11 Mar 2024 17:51:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9879

GET
H2 200 uael-posts.min.js Show response
teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/min-js/ 7 KB
2 KB 121ms
120ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/min-js/uael-posts.min.js?ver=1.36.30
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: aa973cc84a31f73755348dd7ad895cedfcae706c4184034447550471986a9568

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Mon, 11 Mar 2024 17:51:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2002

GET
H2 200 jquery_resize.min.js Show response
teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/lib/jquery-element-resize/ 3 KB
1 KB 121ms
121ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-elementor/assets/lib/jquery-element-resize/jquery_resize.min.js?ver=1.36.30
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 54c8ea0d64c3d52573359befbd4e5fab7ff3d18abedf40759fba7d500832177a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Mon, 11 Mar 2024 17:51:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1218

GET
H2 200 frontend.js Show response
teb.shatateg.com/wp-content/plugins/header-footer-elementor/inc/js/ 27 KB
4 KB 112ms
108ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.26
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7df5bb108fb45ffd903b10fa15e2c7b9b869898bce89408d06609b8e2441bd30

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3645

GET
H2 200 webpack.runtime.min.js Show response
teb.shatateg.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 123ms
120ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.20.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2a2f6696cabf9e52f1853bc7067bfa0e9b483e5e91888deaaef1277db88da7b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2070

GET
H2 200 frontend-modules.min.js Show response
teb.shatateg.com/wp-content/plugins/elementor/assets/js/ 59 KB
16 KB 113ms
110ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.20.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: b436b03c84fb39a3cb9f9bb41f590e03658e15f504a4ecd2d30130622f7d61a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16462

GET
H2 200 waypoints.min.js Show response
teb.shatateg.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 110ms
109ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2867

GET
H2 200 core.min.js Show response
teb.shatateg.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 122ms
122ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Fri, 03 Feb 2023 03:06:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6801

GET
H2 200 frontend.min.js Show response
teb.shatateg.com/wp-content/plugins/elementor/assets/js/ 39 KB
12 KB 119ms
119ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.20.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 359bdb6a58c27b189bbd516b001c3de891dd111a1117164f1e485dd5dbba911f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:12:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11876

GET
H2 200 upk-site.min.js Show response
teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/js/ 32 B
182 B 106ms
105ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/ultimate-post-kit/assets/js/upk-site.min.js?ver=3.11.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3e1f8960b3ef0d809c54fe0eb21036c8a2879147e90fff33bfea0c482e067cdd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
x-turbo-charged-by: LiteSpeed
last-modified: Fri, 15 Mar 2024 01:17:40 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 32
content-type: text/javascript

GET
H2 200 underscore.min.js Show response
teb.shatateg.com/wp-includes/js/ 18 KB
7 KB 112ms
112ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 00:48:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7179

GET
H2 200 wp-util.min.js Show response
teb.shatateg.com/wp-includes/js/ 1 KB
862 B 108ms
108ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/wp-util.min.js?ver=6.4.3
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Tue, 20 Sep 2022 13:22:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 690

GET
H2 200 frontend.min.js Show response
teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/ 771 B
514 B 105ms
103ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.7.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2dea57483641f8762937dfd9b09126a9b21c88bd3d7486186003e0bbb9043145

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 342

GET
H2 200 jquery.validate.min.js Show response
teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/lib/ 24 KB
8 KB 106ms
104ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2f4cfbbc8e5ec834092f3e40158b5a1b1551fb0b8e5bb9894335bac7b49f913a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7677

GET
H2 200 mailcheck.min.js Show response
teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/lib/ 4 KB
2 KB 107ms
105ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1615

GET
H2 200 punycode.min.js Show response
teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/lib/ 2 KB
1005 B 102ms
101ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 833

GET
H2 200 utils.min.js Show response
teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/js/share/ 339 B
369 B 114ms
114ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/js/share/utils.min.js?ver=1.8.7.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: b969721ef6fcca6918159844304aff2970cf511e07f17837c55e989876cd7a3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 197

GET
H2 200 wpforms.min.js Show response
teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/js/frontend/ 42 KB
12 KB 337ms
337ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-content/plugins/wpforms-lite/assets/js/frontend/wpforms.min.js?ver=1.8.7.2
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4e3a5c54dd56e9c403193c8cbb82ba17fb70928c3fec2085f3d0b178aadcc6d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 22:01:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 12016

GET
H2 200 SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2
fonts.gstatic.com/s/cairo/v28/ 33 KB
33 KB 202ms
64ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700;800&family=Cairo:wght@200..1000&family=Noto+Kufi+Arabic:wght@100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1355605c748ba06b91514ca27feaa9c0c97ac33eb32fed979fc9fabb623d9023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://teb.shatateg.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:51:45 GMT
x-content-type-options: nosniff
age: 85929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:51:45 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 276ms
138ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CLora%3A700&display=fallback&ver=4.6.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://teb.shatateg.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:03:58 GMT
x-content-type-options: nosniff
age: 81596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:03:58 GMT

GET
H2 200 SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS4J0.woff2
fonts.gstatic.com/s/cairo/v28/ 30 KB
30 KB 341ms
214ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS4J0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700;800&family=Cairo:wght@200..1000&family=Noto+Kufi+Arabic:wght@100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d51fea6669a866e3dce8a8583978127ef1808feb14c073b2f5c2a05a45908c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://teb.shatateg.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 06:55:01 GMT
x-content-type-options: nosniff
age: 2933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30596
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 06:55:01 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2
fonts.gstatic.com/s/lora/v35/ 21 KB
21 KB 273ms
170ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CLora%3A700&display=fallback&ver=4.6.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d359880fa99ef4c99b45828b69ea479bbe8a98acad2dab05fa033fdcf161101c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://teb.shatateg.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:14:46 GMT
x-content-type-options: nosniff
age: 80948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21128
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:14:46 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF-300x158.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 9 KB
10 KB 134ms
126ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF-300x158.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4f28e848b7bfcc9e1c92ed2d64ba20f9bf13a06c22acbbcd5697b913e50fe519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 08:19:01 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9666
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%AF%D8%A7%D8%B1-%D8%A7%D9%84%D8%B4%D9%81%D8%A7%D8%A1-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6-300x158.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 8 KB
9 KB 129ms
120ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%AF%D8%A7%D8%B1-%D8%A7%D9%84%D8%B4%D9%81%D8%A7%D8%A1-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6-300x158.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: b5b87445d5a5290db97c93ed6498a753975fbdabbed8ca0c121c79286a83d899

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 08:27:54 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8564
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D9%85%D8%AF%D9%8A%D9%86%D8%A9-%D8%A7%D9%84%D9%85%D9%86%D9%88%D8%B1%D8%A9-...
teb.shatateg.com/wp-content/uploads/2024/03/ 11 KB
11 KB 130ms
121ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D9%85%D8%AF%D9%8A%D9%86%D8%A9-%D8%A7%D9%84%D9%85%D9%86%D9%88%D8%B1%D8%A9-300x158.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 29fa96b7a0b9c6369e60ba0e70cf5e2d0fec233fdbe38a25afcd03fb7ce7b398

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 08:07:36 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11358
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6-300x158.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 8 KB
8 KB 130ms
122ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6-300x158.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: cafbdc8859a471bfe3ca1fa74875ecf94084726d033999fe4a5da29f3f9b5d93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Thu, 14 Mar 2024 11:10:17 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8200
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%87%D8%AF-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D9%8A-%D8%A8%D8%A7%D9%84%D8%AF%D9%85%D8%A7%D9%85.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 63 KB
63 KB 250ms
247ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%87%D8%AF-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D9%8A-%D8%A8%D8%A7%D9%84%D8%AF%D9%85%D8%A7%D9%85.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6c7af97df2edd8a7b4350e1025a6a743fd659b8a8d2db3470957568860b64c27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Wed, 20 Mar 2024 16:52:34 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 64624
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 38 KB
38 KB 133ms
126ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7b514bcf19831b88f68b796000857a69d460fed4b19193a38f1e05590ac873d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 08:19:01 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 39036
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%AF%D8%A7%D8%B1-%D8%A7%D9%84%D8%B4%D9%81%D8%A7%D8%A1-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 36 KB
37 KB 252ms
249ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%AF%D8%A7%D8%B1-%D8%A7%D9%84%D8%B4%D9%81%D8%A7%D8%A1-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 59d1897dd09f6a955b78e28b7b372429ce9fa4dc075eba546e16f5848a305f50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 08:27:54 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 37338
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D9%85%D8%AF%D9%8A%D9%86%D8%A9-%D8%A7%D9%84%D9%85%D9%86%D9%88%D8%B1%D8%A9....
teb.shatateg.com/wp-content/uploads/2024/03/ 42 KB
42 KB 132ms
124ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D9%85%D8%AF%D9%8A%D9%86%D8%A9-%D8%A7%D9%84%D9%85%D9%86%D9%88%D8%B1%D8%A9.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: a79e3c3426aee87863028c5f3ebaf858b6ef546286c1d8b86427d17d979a7a1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 08:07:36 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 43294
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 30 KB
30 KB 251ms
243ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 47c989adb4890c251fb3c9c039bfd540d80268776870cc79bb959f663d0e7068

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Thu, 14 Mar 2024 11:10:17 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30312
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D8%AE%D8%A8%D8%B1.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 42 KB
42 KB 250ms
247ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%B3%D9%84%D9%8A%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-%D8%A7%D9%84%D8%AE%D8%A8%D8%B1.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3d5fbd63abde0f5185ff562ec63951e4afac8ce34e87b5ccba110d7f43a71f37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Thu, 14 Mar 2024 11:18:52 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 42954
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 %D8%AD%D8%AC%D8%B2-%D9%85%D9%88%D8%B9%D8%AF-%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%BA%D9%84%D9%8A%D9%84.webp
teb.shatateg.com/wp-content/uploads/2024/03/ 640 KB
640 KB 106ms
106ms Image
image/webp 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teb.shatateg.com/wp-content/uploads/2024/03/%D8%AD%D8%AC%D8%B2-%D9%85%D9%88%D8%B9%D8%AF-%D9%85%D8%B3%D8%AA%D8%B4%D9%81%D9%89-%D8%A7%D9%84%D8%AC%D8%AF%D8%B9%D8%A7%D9%86%D9%8A-%D8%BA%D9%84%D9%8A%D9%84.webp
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: fa3c1a2ea61c4d214b91ddd34ca6f96c65c7a7bfb95e14cc42116bf937425636

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
last-modified: Sun, 17 Mar 2024 07:55:08 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 655116
expires: Thu, 28 Mar 2024 07:43:54 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 202ms
201ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CLora%3A700&display=fallback&ver=4.6.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://teb.shatateg.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:50:02 GMT
x-content-type-options: nosniff
age: 86032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:50:02 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 281ms
152ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5523944341897065

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a28566683e7a1ed378b0e0a29ceb8a7a15e1a4b3143df852a0f9b715940a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141440
x-xss-protection: 0
server: cafe
etag: 1931497087652514290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 07:43:54 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 211ms
76ms Ping
text/plain 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4K90G1N3DV&gtm=45Pe43k0v9179698345za200&_p=1711007034053&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=1027939771.1711007035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711007034&sct=1&seg=0&dl=https%3A%2F%2Fteb.shatateg.com%2F&dt=%D9%84%D9%90%D9%83%D9%8F%D9%84%D9%90%D9%91%20%D8%AF%D9%8E%D8%A7%D8%A1%D9%8D%20%D8%AF%D9%8E%D9%88%D9%8E%D8%A7%D8%A1%D9%8C%20-%20%D8%B4%D8%AA%D8%A7%D8%AA%20%D8%B7%D8%A8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5143
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-5TG3J886
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://teb.shatateg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9141 518 KB
121 KB 787ms
651ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5523944341897065&output=html&adk=1812271804&adf=3025194257&lmt=1711007035&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fteb.shatateg.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711007034617&bpp=9&bdt=868&idt=552&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5060679208451&frm=20&pv=2&ga_vid=1027939771.1711007035&ga_sid=1711007035&ga_hid=622420873&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532524%2C95326316%2C95322180%2C31081571%2C95322398&oid=2&pvsid=3141070007527620&tmod=262309830&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=607

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c49242a559a6ed6293968c6e67494333cfeff8421871f145dfb788812320678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 123849
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:55 GMT
expires: Thu, 21 Mar 2024 07:43:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4131 116 KB
40 KB 521ms
405ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5523944341897065&output=html&h=280&slotname=1084095384&adk=1528697250&adf=3637547805&pi=t.ma~as.1084095384&w=1200&fwrn=4&fwrnh=100&lmt=1711007035&rafmt=1&format=1200x280&url=https%3A%2F%2Fteb.shatateg.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711007034626&bpp=6&bdt=878&idt=614&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5060679208451&frm=20&pv=1&ga_vid=1027939771.1711007035&ga_sid=1711007035&ga_hid=622420873&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532524%2C95326316%2C95322180%2C31081571%2C95322398&oid=2&pvsid=3141070007527620&tmod=262309830&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=625

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b493fee4ddb6665a4587102ddf18a319f2a5d301d802e9dd656c16e771f222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40889
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:55 GMT
expires: Thu, 21 Mar 2024 07:43:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wp-emoji-release.min.js Show response
teb.shatateg.com/wp-includes/js/ 18 KB
5 KB 107ms
106ms Script
text/javascript 66.29.132.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://teb.shatateg.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium203-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:55 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 11:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4651

GET
H2 200 css
fonts.googleapis.com/ Frame 4131 4 KB
775 B 81ms
80ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5523944341897065&output=html&h=280&slotname=1084095384&adk=1528697250&adf=3637547805&pi=t.ma~as.1084095384&w=1200&fwrn=4&fwrnh=100&lmt=1711007035&rafmt=1&format=1200x280&url=https%3A%2F%2Fteb.shatateg.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711007034626&bpp=6&bdt=878&idt=614&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5060679208451&frm=20&pv=1&ga_vid=1027939771.1711007035&ga_sid=1711007035&ga_hid=622420873&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532524%2C95326316%2C95322180%2C31081571%2C95322398&oid=2&pvsid=3141070007527620&tmod=262309830&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 07:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 06:40:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 07:43:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 4131 2 KB
903 B 204ms
70ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 04:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 04:23:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 4131 23 KB
9 KB 201ms
73ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:44:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 4131 3 KB
1 KB 198ms
71ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 4131 20 KB
9 KB 189ms
63ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4131 206 KB
62 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 08:35:24 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 4131 36 KB
15 KB 198ms
63ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:52:46 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5009472275175729937/ Frame 4131 10 KB
10 KB 242ms
124ms Image
image/jpeg 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5009472275175729937/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ed7f618d07866961ead4b4f2477a025b9a96a2db97bfd658cf29b993d2da269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 00:31:32 GMT
date: Thu, 21 Mar 2024 00:31:32 GMT
x-content-type-options: nosniff
age: 25944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9799
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 08:49:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2914349705548515401/ Frame 4131 3 KB
3 KB 240ms
123ms Image
image/png 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2914349705548515401/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:48:37 GMT
date: Wed, 20 Mar 2024 07:48:37 GMT
x-content-type-options: nosniff
age: 86119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 15:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4131 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf292d4654371156b357f99b973a288a8242d11dca86aba63c4d7a55bcb69151

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4131 16 KB
16 KB 66ms
65ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:26 GMT
x-content-type-options: nosniff
age: 85590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:57:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4131 15 KB
15 KB 68ms
68ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:28 GMT
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:04:28 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 150ms
149ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ba602dc61d19cb58cc7f0d45893937b85956b566db0ead79960dd67cf7e9d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57716
x-xss-protection: 0
server: cafe
etag: 5949022727628660161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 07:43:56 GMT

GET
H2 200 ca-pub-5523944341897065 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 575ms
97ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5523944341897065?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c166e0614d62dad364da2319f38903fb1c4d035bde035763a869c4a024ccecd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UVfdGWrSHdwsYOiU6qBfzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-UVfdGWrSHdwsYOiU6qBfzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDsefU-_VsAh0zd9xgAgDgYDFy"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 132ms
131ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759842%2C42532524%2C95326316%2C95322180%2C31081571%2C95322398&hl=ar&pvc=3141070007527620

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4131
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CfBPzO-X7ZcbaGZrvxtYPibmz2Aef1NTBdpCqp8WdEmQQASDuyJF9YMmGgIDco8QQoAHd8KrAKsgBCagDAcgDywSqBNkBT9CVJqyZUGFg-dMx80KApR7oOFrmfzN2ajzjO1yR6HizMlSZsnZ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8a56547754691e170000000000000000%22,%222%22:%220x38efa9086c1101fa0000000000000000%22,%223%22:%220x35da32...

0
0

320ms
121ms

Fetch
text/css

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8a56547754691e170000000000000000%22,%222%22:%220x38efa9086c1101fa0000000000000000%22,%223%22:%220x35da3203320f53660000000000000000%22,%224%22:%220x35a40a5931fc2ce30000000000000000%22,%225%22:%220xa087b550fe05cccf0000000000000000%22},%22debug_key%22:%221629946253836472130%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221593937281360960273%22}&andc=true

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x8a56547754691e170000000000000000","2":"0x38efa9086c1101fa0000000000000000","3":"0x35da3203320f53660000000000000000","4":"0x35a40a5931fc2ce30000000000000000","5":"0xa087b550fe05cccf0000000000000000"},"debug_key":"1629946253836472130","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"1593937281360960273"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 07:43:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 07:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8a56547754691e170000000000000000","2":"0x38efa9086c1101fa0000000000000000","3":"0x35da3203320f53660000000000000000","4":"0x35a40a5931fc2ce30000000000000000","5":"0xa087b550fe05cccf0000000000000000"},"debug_key":"1629946253836472130","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"1593937281360960273"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 0240 52 KB
20 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 361ms
121ms Preflight
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 07:43:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame 66BD 9 KB
4 KB 64ms
62ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:10:09 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame 152B 9 KB
4 KB 64ms
63ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:10:09 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame 6F71 9 KB
4 KB 66ms
64ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:10:09 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame 5AD6 9 KB
4 KB 68ms
67ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:10:09 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxULv6_pLtbRkddh4h_7bETYZGYcJZ3jHwO5UiXAXbRSndhJ-CbZverjs0kp69qqqlEqa88UrZM0iNwZk-LYeP9qT7SeDjHEcTSz8KWDhLuZvqHRrew1z1LwC1ScKqoosvCllKp6Vg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 95ms
94ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxULv6_pLtbRkddh4h_7bETYZGYcJZ3jHwO5UiXAXbRSndhJ-CbZverjs0kp69qqqlEqa88UrZM0iNwZk-LYeP9qT7SeDjHEcTSz8KWDhLuZvqHRrew1z1LwC1ScKqoosvCllKp6Vg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDA3MDM2LDk3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90ZWIuc2hhdGF0ZWcuY29tLyIsbnVsbCxbWzgsImxya3UxdnltYzJzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/am=wA/d=1/rs=AJlcJMxBmE6Wco2YVd9vGWk608DN5GI2uQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ced1c52ca11ec15d5823d40238da7d07bf66ca8e828fafed0cdb1fba14afb2b9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n6pYsuSpQmhz5fHv5VpVBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n6pYsuSpQmhz5fHv5VpVBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNsffU-_VsAgsmtfMCAKqCMH0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BA19 14 KB
1 KB 83ms
82ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 07:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 06:36:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 07:43:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame BA19 2 KB
861 B 63ms
62ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 04:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 04:23:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame BA19 23 KB
9 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:44:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 46C9 143 B
166 B 70ms
69ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 06:55:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame BA19 3 KB
1 KB 77ms
75ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame BA19 20 KB
8 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BA19 206 KB
62 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 08:35:24 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame BA19 36 KB
15 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 08:01:22 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 66BD 15 KB
6 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:54:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 66BD 205 B
295 B 75ms
75ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:26 GMT
x-content-type-options: nosniff
age: 85591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 07:57:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 66BD 604 B
919 B 74ms
74ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:21 GMT
x-content-type-options: nosniff
age: 85596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 07:57:21 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 66BD 22 KB
9 KB 73ms
73ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:58:18 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FA09 624 B
242 B 130ms
129ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGOidq4oCMAE&v=APEucNXnhHpE7XKowwIZVAplU-pTZCuQM_-5zsHp-xB67ajgaCOdLEGNQiHQQ7dgHTL_Rs1vro4uWMcgNx8G-SWc3wSCargqPQ

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7CCC 111 KB
39 KB 207ms
70ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 22:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 22:14:02 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 7CCC 8 KB
3 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:47:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 7CCC 23 KB
9 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:31:25 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7CCC 41 KB
14 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:52:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7CCC 3 KB
1 KB 76ms
75ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7CCC 20 KB
8 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7CCC 206 KB
62 KB 71ms
71ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 08:35:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CCC 42 B
63 B 165ms
164ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWf-gx0Y2sjazP_PKZEkI5147ssApebLztbxSwJFEhF6hI7LgUGKY4ZNmNTgcHFpIMFWDwPEP0zI5alqO2mUN8g0beyOqKokUtm6EIUCz4-3mAGoc

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C550 624 B
242 B 135ms
133ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGP-qmYgCMAE&v=APEucNULkMDmGYa5cWRYNdQla_WbyAzXYLaJX9GS3w3q_ASMgbgxoiNrNqg7A0Esfy7GPL-0KPB6y9J37GUGlEnMKY2kXdftXQ

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EB8F 94 KB
33 KB 138ms
137ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 07:43:57 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame EB8F 85 KB
28 KB 295ms
144ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWrHYaIomAElXW0czVMVOG4HRX74CJfk7oxRooDciaeM9SCbzE&d=CrkBAKAmf-ChxRoOUhfNPSJSGG7-h0HxAkWZhpT4gM5d5st8F6-wtwXKKn2yzAu8Bx-cnb9S_EYzWeRx8ZtBULQWREyxDaN9AVUvGPVIzeTWLFaz0ySyyuUZLia_0d7qQHFduYVYtSioF0CAVXcrl1o1Pe3Cu67qu88rH9YMpq8AuAYBSjRncOm2Ob7cGk1UaiEOKqI-k10QncRfedwd4I8fUeM_zz7HyXHvlyfgL1LUhTwasO373kR820cSyRcAoCZ_4JpavOHpdk41Iw6JaA_5A_NnCg-iq5N2EKZLStdFa2e7Vf8G5u2y4oY-2AE6m7vzxMXjRtFoMCqr65miua4QoEhOq0I1ok_vR4BYYR4JUCPx_-kX1ObQoNX2mVS0jJ7uy4DDzSfUvinygax_zReDzARhqphaquq_lB2lDWpQzlZpuWMs3qaoIZ9bsCmmQRRGjD69ah_rBC02laTWG674Zv6iPfe-FeOZubFyc4JBCK4JYha-hsxKy9yva8x_LZmkGoML72Oegg10x-FfNLG1lx3UOaiNKBbC6AHnlFgnz4cqvyj2ziSUzScJZpUsqUTEeguM1SWQIqtO5AwZL9V7XcfoNdX95wlT6OvNuYaTDVZWChlWGimbcDdXCqqTR63gLnpkrqcevnDxD4IiryN_2mgnmWx4x1UfwbkeAhrOAIIvVylaWTg7X48pF4wVdCfmITlcVy_RxccYu2uTX1ccxoV-U3_1BqrxT7HAD6y9WkygNXHJ2mjbn0ssMb3ujdKF6m3XNrOXmd_mmjrYHLe1RQLe9f67kAugPfboJQabefCXW0ZfspbcR2QbVrgA4riRdHvcwmop9wDDwJVwK18kiqG_NLEWPsMZ7LhCqkMMEfsu6P9afT46lujKtkeUICH6XwaSDBJ2x07YKretNePQXJV6UIWtLoKlMeg7x0kMaAJyha7jC6vKjl7Ab_caNTrCUMAkgG4uYRV4baFtdyo_fX9ojQGVZaOltyUyXKc1VgEJivT4TSRyTopV8O4qCL-uFOteSFN3HjEgTUswBJzhih-lVGM-vx-Yx07C36ROSwtagGrG710lxdpF4bMXhgLf2cxYuu462MBuk9YIzjfdd06LVstmwSGgvam_5LAVARBIB0TpT0fG6y6wGt5zed6z0GEVSD12KK7EGLaG7aSxoGpppXouytO3UV7_4iFxUVB46RrwzvoWQmcuaSiOioBZTv2bk04QXYs6-Sagv5MzTF85C8t89bVdTWfx_1RGzRf3OGIc-3Hd-mV3qsAYmVWVQ0yL7XIsfaGbxgauTLPYiu-QqaDQgDgO0MXQ8lqctMc6x3VxF3Sw0McbDShVTINPyH-tIYfb-fn8D7YsLKjJUmf9Be22Nl7MBwYJkprOzxr_M2RLaGHN4hdt76rGt1Nyivq7E62YoNhEuOhwZDfwMW2zJEbJUD0BfvbtAFzoR8SFG2vi9K2RnqkDi_L_dE1i8jmJy9rvnrw3exJSJmUezDpTzT6mbWQMxoF5aEvPct2M8BmzHWuOQBqfd5lIL1XxGauGlOoe34yNKGWNAuyMxJwG1hQAccAd8vPxIdNUV9MCij8Z5L8FaMOk66yONQ_5Km0O7ApqP-iGCHvflHeMF47WtLGT7eTVRXoMZcEGGtuPYhxjd-nMVZrPKbRSTSCjpcJjzFXcRtmC4Gutjk3BFq6YJ3VLNzuD_FIkQGAJFiFAIfIJwljbqhwsZFy8YRukXR-RSmCRssCG_n11BRi2zKpdit_eF183oKYymgKPyxqeLT29XKwa5JJmQg725SB1-SC45kzA4kwh7X-j3CsccnLZkZF_CpPuwM7OWbAgRzpkM7ZoPxpKN_-Ijgv5XICfeC-eEh0k1okC-d6wmjs9EpRIVr4Ho_BvyRRM0cr39uXBMR9q53FxO0x17irE6OU1UkCF-YmLc0ELBkCAndSuCVgxW9oEkLyZA82gDrU3zu6el5Z5TZRxx4VHkEOyvULLNMcTHjAswdhemGcm82wsBihLfUKZ2iZEaZd1yCL4dAZcW-_wNLR_dWcktKhQ31OokDsjqeS0UiYrwZ1Qqm6OeTjQUTth8_r2NeNF4hMyeC6t24sCVNxznReMFJs7yRyCkJQgFEa7Haq1yaa1Nd3YafT9w-vxhliGZja5ks0aVSlk5g5vVFqobSaHKbriHKyilF8SU8aXFX9nMC4HYAbxgN_lkCL86krD0X2TAvQhXCwvYrAdq-UGvQ_ZP1jj4IramvMOD2Bs2upnwP2VE5NFgE6iS1qs83yvtZs5AoolBomDieuBQxT9Nus8KxnErcbKgOcvdxLywEFXorK8CHMvrnUqXVyIC7jgBaLpNpCgZWjpKUNXq40Xf5-kCGG-88jRNKswpYRPr55QPlaPNLcIzuuO-1p1xKzIjGoj29A1FBJHfharxWv8TsZrRTrG3ENEw3t0TeTmaYq4PMUI8dILZ3ADfoPV1YFTwTyO-d4__QWx5w1Zvr0o8QhZdT35RFDfeo_vBXA230BLwAQIKPhZY56FMdC0AFMB-F8dkytLGJ46eIMF6IrAixEIxTPcUdH6ZXhNnca1tp4yyT42HTqjuZa08wMc1kRL4jYsDg6VpQiKlLVIGqvYYM3146uRYpU0d-9kQbV_iv5P2Fo-_tXjwCUQ7wd_bWtu8GsRW6NLavGGoijLrXu5YFcx-0cSYyCfuR0MRpCvCbuth2oM0JLOk2UwFArriAEAjMBBtLJBSwxfJblv1QW-p2xRhsDxpeXiEDiSZLysO9Bfv1fAhm3IvEqQKWwNEAp9MQlTy-pDpGaVlRHGUrT3GUWSYhWLsgQrB7i2r9gSyEG8t6RrI2fBBymOL-IZZ7gQkx08PUAEm66uRy5hGZp06NnZsu3iZ_28IMJvIRKqCmW5VeTiDrFVWPmS0_TisG4kfswR89wYocw4pulu5nHNnvrZduk_d_z9wxdLVahNm5Fw4uDZYK7OxvmiGcHZAwTC-owMk7k0CV24gJFxI5MOHdId8sXbA4Z0SJuaHsBAURPuRGCEjMKa99VWTHDSWTSu_Iz1jgHVBZ7RowJnXRyT7y8T6KL5IDe87WIUrBvOeAyRwBOFo0q8Rt715NSGvEhmR2bs9mUR8kYxDpTe9WP4gHVPdG7GEldr8pbH4Wp_79LdpNAv3b-OppCRJl_k5UkDQU0FEgioOEAzUoq8FjdS3eByigSCHg1k4_eMkNxCUewA81GW8B-LvdIA2TiAr3Z1XbUUnhsWK6MLK8ZZosmb33Qh03GuK9zSO2KGHQ0FeVqL6efnEf6YF2WZTPEOpyPNquiKDbRkulSxErU4nWtxVydYVVND-O5jXm8F0OlReOQx7y1VbJ4PlDHrxAIV931dtyCl6K91T7VSxmjyE3f7YbBtWGl9bVrTLqeya6KRtfhVEG5_u8lQfcXs3DB05Df7OLtUgRVgbWsVvb0dsdyg83RH7iSLegpRlIkGeVUSPaBX3P4xEhgUXmH4_ZPwGY_-isAIwrfw8fPeX0Gq0QEv28tvRSxaWFN5SRN5cpUj0iKAH2WBm6nRTzbBLdehmyev0Lc-3-z0iZdE6Ks0UIYoAXCwovdvBRBbdWfsqEES574T2-9Hx62gel6NoQK4K223Vwo5aJiUYpZuUNoO54V_4qVJVxDdC2aU6Jl-GF8T-p4iDnQYLPTMn5CB0hM744NhkTz8z_CQy7XKtWPO5krvoG9DYKQSj6meny4iA3iiJx4710iMqLlqNUpTKxtYUweayaD1n51UOtUHy2ZX6G8KWdFcxQBhqfkzo3q2naZT7oXkPvoNloEVojlnrQ6t0YY5gfXBjrkoufd7BioP1FLwx10iXb29YvAbEeyPNQDJgdyv7HhIZfD_nQkPc65vOw2c7ouuSYVJeZ1f7mcUXx0z5IYPdgK_ZsY-gVJAqekMceDidS8ciEhtgU93qycHPNgpK38yUe4i8tC_mc2nA6VZe5H-WTQtB7UpjL6rJpKynWl7chnqMu0CXxJiFRWH-B9aMHaeKq0j7AGTGceIYslWDd6sXOO3sf9GcnGk0trfovgqOLq6TWEe_4gOiUfJh2VQ_BAZ1g_AcwE4Y3R9IKdPKS4rq_ojpvIDERqgDQZ0tznnHtJo8kgAYg2w-nCf4YvKnuSAr3ZPVzFn_YtcUOCCtkCXSGNAQ_BfoVy0SJO6Nha5eVHY4WLW4LW-cqJXclvK4RLTtWm4oWwQjNxHhueR0FzT5IU5NdVwfOi9NeDqk5gCAqdoxtyLopdl78uhGKbC5M2BOxjSGIKUt6oS9xpVCAQSTwB7FLtqhMxmNJEaVDo0CGUZbuGKZ4hmJalugldeShN75aH1H0w8YifqkA8OesVWkxJjTwkUhghGLfLLPn0BGap6rKHnlJEtKnHuGFf-qqYYAWAB&cry=1

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

5e3a83695828ddf5c09beb8d7d1148586d636609f219550e34b29557f29f556a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1288019/78683891/ Frame EB8F 59 KB
14 KB 213ms
60ms Script
application/javascript 54.209.232.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1288019/78683891/skeleton.js
Requested by: Host: teb.shatateg.com
URL: https://teb.shatateg.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.232.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-232-41.compute-1.amazonaws.com
Software: /
Resource Hash: 4a4d5aca2fce3cc3d3a67ec981bc0f258dd3f6d4341fef000433be4a5707f1eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame EB8F 3 KB
1 KB 71ms
69ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame EB8F 20 KB
8 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EB8F 206 KB
62 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 08:35:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB8F 42 B
63 B 150ms
150ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CVexwPXQU2ienxNbuLh4ZXPTfVBe55yuyLuAN2IGYBJDkmVG9Tz3-9xlbIXaAbHQxyfHwCqNXEg_nI7b_CSaBBtHhytkclaCznaLw-BLF_pSlNLs4

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B2C 624 B
242 B 132ms
130ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGImdq4oCMAE&v=APEucNUeurFeUM73Y3Qm1UYwYpcTOT7k07MVUu5qdOhh74nuneTT5N4r3S5SPlZgovLCr0YYV4gSyeiP4qvX-0fPD5cD9uV30w

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5557 111 KB
39 KB 216ms
148ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 22:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 22:14:02 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 5557 8 KB
3 KB 105ms
104ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:47:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 5557 23 KB
9 KB 98ms
89ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:31:25 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5557 41 KB
14 KB 81ms
70ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:52:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 5557 3 KB
1 KB 83ms
73ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 5557 20 KB
8 KB 79ms
69ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5557 206 KB
62 KB 86ms
78ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 08:35:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5557 42 B
63 B 131ms
123ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cf8vN0WRuEoBzIdpiFaQUc475y9hhBbC9HSoUq7Td1wYmOfZ5jjkQnddTEKyLtx_o6RZdIJh4oTctZofy0_qs__loBDYyb-yHpY8TyIknXWRqsOPM

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUyubhHbtz8fUYoOd3YqqiQ16lHeElvj2DhW5x7-AhI-jDlDNgUCcPxvsqVyTXJiBBN8ly1Y0j6jiwOJvei1wzmYaaVkOse5oX0gAvvvlCAcps1-L87kxI76Rmy3IsNspmHlgKrxw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 111ms
111ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUyubhHbtz8fUYoOd3YqqiQ16lHeElvj2DhW5x7-AhI-jDlDNgUCcPxvsqVyTXJiBBN8ly1Y0j6jiwOJvei1wzmYaaVkOse5oX0gAvvvlCAcps1-L87kxI76Rmy3IsNspmHlgKrxw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDA3MDM3LDI2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdGViLnNoYXRhdGVnLmNvbS8iLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21b9607d13f124e0a140b35c845462b0ebdb6530febdf46b6dc5e8f3bc4e5ce0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D-nHMYTcJSU8UcGGq1dQfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-D-nHMYTcJSU8UcGGq1dQfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw15BiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEw7H31Pv1bAINPUtnMgIALJw2Ew"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4131 42 B
174 B 134ms
127ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqa60CT-iy5LabMGobAczVwUWk8GACKdEIy9CJ2ky3ugmZmwfwzWDmXBQVehcCQ19ngJusIMIRMQgsIJSGJV5PN6_ksPz2DEjJ5VNV4jVKW4iM2D7mkl_cfHD1bG6mgBhPkggzw2ap9OAcdDLFfFZZGGNbCj3ZXN0&sai=AMfl-YSeLJ9YZw9YRFmVXQwj0LWQS5gquXFDogzbRQSlMI1priIU718uEkPCn-Mp3appDDIFNfV3SNh-Uejw9sNux8WRyviSq_uBDJQnciZbezllDO5FOHKvEy6Sg3ARm992A_0-cWnHmwk6j8sMf7IM4g&sig=Cg0ArKJSzJbVaEh925shEAE&cid=CAQSTwB7FLtqiXdzzt8bO9467YsTH7zJc0SGvXhwFYYdPEd_NafKE9N1IybxPi7k2CLhm3bZur5inEtT3CqqIRYNRNxZR5UpLJmUor4nUPlRQJ4YAQ&id=lidar2&mcvt=1031&p=0,0,280,1200&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1528697250&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=693983600&rst=1711007035253&rpt=1039&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9F97 38 KB
13 KB 82ms
72ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 86190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:47:27 GMT
expires: Thu, 20 Mar 2025 07:47:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5557 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ea3d52ff480149ef404a1b2d8f539631ea0d979f4bbe90e56aa21655e20ad45

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 490B 38 KB
13 KB 64ms
62ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 86190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:47:27 GMT
expires: Thu, 20 Mar 2025 07:47:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB8F 0
20 B 125ms
124ms Ping
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2855294968892&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB8F 0
20 B 125ms
124ms Ping
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2855294968892&version=m202402290101&ct=76&x=1&cor=5829989460768161000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EB8F 17 KB
13 KB 104ms
103ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQwujOj8KZTQROU0s4vpuO-cGKVa1seo1WpwyCnR3b2I56Z3YHC3T_ofKPWoI384pg5gdlMqP0uTmPnhDH1sG87_SA5d86DKDYuzTVNWmQ7g8T4VdOXEtteAJZYImSY_6Zro1bfPjDPfGpk89XQ8avlnthBkb1qfcYSmWwH0NzXCZGLkFaRNS2NgB1doknZpcOgl-dskhAEDM7-4VPgbImMLhEeQ&cry=1&dbm_d=AKAmf-AjLZ9Zubo7gdx-2JZGNEHvTFmK3zAQjTA7Yl7PqEmjLzftoAPUs3zrzXjU99vKA21gxeAoZgEZz3AcFw7FtpfMas-TF3MDVD8xKIGMJMdzE8-kFV0K3sVdpNgro8i0SngCK0fx7_0tsGoQ_jSKZmw2ypigaYKm6YiaaT7Mh-cQVHfi0h8Qt7PqC8gcj9NSJopQgJanLVtv7TlvlzqMkx6EEQF9ZKBokR2eZPLMSjtYuJ2aRVUqxv3EKh28LLCJAT1kMsW-A3i5SXIpwmdt1LvS9_hZXjkpIa1rfH_oUVOD8eAS9RBZDu5MjePitS4CkaChE2PLKtMA7P35hzkloSLWn60MPivXzv65ZWe5O8Sr0LO4dn_iNjCpZxZ_r0mCoMQfseJedhYK3QiPJM_LzkhJB0A6OA2frsSaYeYwig17nPX5BajH5MWPub3DeUnwAC_KBNi5w311CE-deKTwV29kX81ZbiDL9irg-CRSGG6Mx2luKCyftUJ7BjQDy_v6X8Zp0tD2arbNg8Ox1m-Ve2CBEGdRyow5HSrlfbRUvuTH3jD0XaqZ7_XBBoEowXkUIZDyiyT_3ZPbMitA_pgjYiYc5hNdu3Eiw-LeOTZkiaNdrDSVHxTUaNz6xeiDBjkTnFehjjyEJOWWypgFZf1k094zJI9oJa9MuJaZpORxfe1OobYSnBtr-YXYZJBMaxwEEC3zG3kdLRBJ2KNtLbR7WRQT10GRwlK0yjytm33zTiY933HG1E_UueWlilXTw0VIjJbMsqJp7cxtUtjgWqiB3OQJIIvUYZX3rgJWL8W0W4jmXO2fc7LfXOOJIUktluuGQaLHuE3VWDX0QiCN_E7nBgPav55DX6AzWHF3FuDStiAzNlonm97VKKfYtrT7ZG9lebHI2MrM8-WzNgtcP-bwArYDytVrFBAUUCgenabFAbhUAjsctPi7tuEtNxFetkuqsJTrGq_7V49FF2x1Fk2MMcYv9aLrqIXBTiegZWjZMdcalqh_aQObI8D5_nH15fj0gIA8UrRFOAryr-MxqtuK6pDgWekJNDwGESywahWvt8Rso2Eyv6AJIRg09S-P950uFDdjnNDCj76HDB63mVm9bxMBJeO46DmkAU91y_261f0W5K-cmCZz_x1VvTbkiylLaYfWBbIvlBHSoGTIxiGcAp8dyIJJX3zwZM_Kj4_PEJ-hW4nJH7GPBfUi3UQ7uOdHQwqiJbgf_7eRGq-Ct6kCXyQ6jcxteYoCRMUFpdz7gPE_vD6aYs7Dx9N33O_CSfDBsbrl2dv2YQjOzZCGacnFteuYjnOPpDkpz4V5eQnWIuQfLJEnyIZPLi8LniWChz21hvaYexX4brbZMAlapFyOO-qr50GdSVWeTRCGU6h5wlJ8LVTnBhIP7Bp30hp8dlQb5iKcBvOIHmLi3J7SwZazh5ujuh8-fTn-yOoWFXXsrgRdPocxdMWiuQ0-DuqJJ6_aCUQGACOycN8xzMS_CzNEeptlWyjO3vyERYCD4-YKfLoQKveS4O1lUraWw6Uk3iyQkEeVaZ5JJQbvXFBvrYVYfUn-grMhSYmDmzvFnTICNDENEZhbGa3AlpYrYilftKFP1GO76i0KGrDugXfVrydS_tmzP3apDtCi-slb7K6207bcNi8t9eJy7fj_j7JGMhzJ3OMbQzWIP4EGdZKDapZu37lMkviAqLVvcedCLRcsy3RZdw9F8mSldm7UPQJPEVFrzYqe7X4wmQw-kc_PvRk4YQRzd6Wheuh-mth-YF0_ZW4MJT5qBq01H_U9PkMJW387DO48AJ8PgfXnNZJKxh5ZpLLbTuz9RU6vo2FtzqXo4kh9Pa-tr8RNup_VpaBiyMM5q58sDH6pBECrnC55NUHS3315B09T4a_irb7UoiSo_ctkCbhsSmGzqe_mIsPiij9mSY7UXG0sTrd5YOQU-H6mQ-mJlOfXOEug3bFA3-mvqpXiZi1rG_qqM2buu-PzL69xAtJZ5p4gx1DaUYCcFykXJi0IA1zejAvuyzALZrHUvd8zv2jDDctxvXS7nM6XvtMEk4OaGCUNi2oAroaXItsbVQdmf1PdtisfukAfHMZTTOIrDXe1QsMkohmFGzaJ-Pf1pReNQj85ECZjjukAAn7FR-yp7ZfBJHKXDHZ4WLocf5kHYUKYwHNRjRoK6gVjr9UuY2NAwqt0wSEJOYR7_CdGn6wKeyUSisC0qJyGdH6wnBQav-sOhEdzFlGOOeWa3zKFXRHJx1Xf8qyNvA_rK3xze2iwcsIb2K-qYGLSUiZ2pHAM8ROXsQTDli_y3-qP9ZvGSLFykN7L7TAaTas5QWpCCg9a7rCj-K_KESZf-qff9Qt6aV98VNkxxLnpPVB-b7NaQpPmkJ37UqeWAnhIJl5_1-SyKLYwZJmJlj0AwzE_PJpXsqN9_hRtHMl31WmmBzVtp3GpzRlEfA7q8BV8nNdGnhppnPHHayMNmu3p0y03sghkC9vJIIr1u0xkvEDgNuOUjPjaSRPRESViGgpEooW0vSlyI3rIreps2dn0gOOohRIbfumxLxl8u7MwbKTHOXCvAPz-sQhAEqnZmyDGz_kr0vKBw3NTc0cEn0IjhnBmq3mDlb_KOu2botSKUOzVN_mqir6y8AhVNWFx69u81gRb255n6-olD6y2eUCe41k45IO0qk2WOJSJ7TuZo_e3e2usKZxpp94WChijBPGiAktaJmAfOFfYGl-b6Y6LqhJPCjEG2qBnsRKv5rjgI6fw5SYwdnxk2kGCmK_bhMLKL3TPiyv2xJ-uwtKsqTT1ZM1NY2jaXkmkK1MfHjF2bO17J-gwZrbvl0sfWqv5yEZSiw9EG1FSqfN-CvfEuKz_Lzvvv28s7sz5t7v_UAkFl1MzkB-8KlVqFHL-QJBFwKWIFfhZJTPyep4FALCLiV7QNnLwKI2-8qUQneo-XEoN63ExesxbeOHlt1B4HKCYwa10i19ZCecgiiPdRlcJgSa_t8WeWYgglreXw7oRwLMgpQFo-zY0-9ZmLscw4ut-ZoP-3IU2VEVy2d2xkK2vx_Wo8eLqcaVZHq-u4s19wsr-U6jj0E_-np2-OqeZxf1PSeKVzaXStRbc48ksGxu3NscvX5w3qMneyWSE90OEExcjjtOqrLsDBdxufTyG&cid=CAQSTwB7FLtqhMxmNJEaVDo0CGUZbuGKZ4hmJalugldeShN75aH1H0w8YifqkA8OesVWkxJjTwkUhghGLfLLPn0BGap6rKHnlJEtKnHuGFf-qqYYAQ&dv3_ver=m202402290101&rfl=https%3A%2F%2Fteb.shatateg.com%2F&ds=l&xdt=1&iif=1&cor=5829989460768161000&adk=929882888&idt=155&cac=0&dtd=46

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3bf61bafa7ad07f824e6d25ff4a65c25bab0fc25e6859444d879cc3d30b2b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12822
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FA09
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

43 B
326 B

74ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGOidq4oCMAE&v=APEucNXnhHpE7XKowwIZVAplU-pTZCuQM_-5zsHp-xB67ajgaCOdLEGNQiHQQ7dgHTL_Rs1vro4uWMcgNx8G-SWc3wSCargqPQ
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t57caS4AvIwCdLUDk9afwD7svSgXcFsTOWOkWQRFDQ4iGqFm%2BKhh%2Bs1Z6oOgHqwFWW9MiXPmcDH4JISZ9nPwJhL8K8PveOz8TjxO23AjvYHTesK4yOgbpMgdVfPVNSB0eqaUM8YpSQpDRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867c5064997531f6-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FA09
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfvlPtHM77kAABaZAQ6IPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

43 B
771 B

83ms
82ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGOidq4oCMAE&v=APEucNXnhHpE7XKowwIZVAplU-pTZCuQM_-5zsHp-xB67ajgaCOdLEGNQiHQQ7dgHTL_Rs1vro4uWMcgNx8G-SWc3wSCargqPQ
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40TTxvc5CPV2hGVf35hfWcwRZ4sCyyC0XTDZoGS65Q6Voap8KU2Vm4yT7CiYYcIpmx0%2FiTDZLHg7CkCujlmzoTbspLOrlcA2XeEV03RYY88qGFd%2F%2Bt2vjrcsfDTsg2GA5WU2hRJCxZM%2BMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867c5065cfe6746e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FA09
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

43 B
1 KB

79ms
77ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGOidq4oCMAE&v=APEucNXnhHpE7XKowwIZVAplU-pTZCuQM_-5zsHp-xB67ajgaCOdLEGNQiHQQ7dgHTL_Rs1vro4uWMcgNx8G-SWc3wSCargqPQ

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
an-x-request-uuid: 8e53a7e7-d8a2-4ddf-9a20-5d858f652327
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA09
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

170 B
232 B

81ms
79ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

Requested by

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
an-x-request-uuid: 077bba0d-e7b0-42cc-9dc1-7c43bcc816f1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7B2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

43 B
336 B

77ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGImdq4oCMAE&v=APEucNUeurFeUM73Y3Qm1UYwYpcTOT7k07MVUu5qdOhh74nuneTT5N4r3S5SPlZgovLCr0YYV4gSyeiP4qvX-0fPD5cD9uV30w
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rD%2B8OQMbxR%2F92%2F%2F6e8nE8N1m8Sl7Mn5%2BXwIctOe4KN0vk%2BK0YtFpEkNDyHsTy9BzsS%2FQyRlzgjMZ%2BWLGKpu3vn11Zz56g5PZxjfZnnVVCRukWqp7PbiO0xRT03%2FHvcBd7Z%2BtrjKeMtAFhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867c5064997431f6-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7B2C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfvlPtHM77kAABaZAQ6IPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

43 B
735 B

84ms
83ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGImdq4oCMAE&v=APEucNUeurFeUM73Y3Qm1UYwYpcTOT7k07MVUu5qdOhh74nuneTT5N4r3S5SPlZgovLCr0YYV4gSyeiP4qvX-0fPD5cD9uV30w
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nAQGw7Lw1SUvV5lzF3N7dqoYtH6i%2FGF3882by8PM1QkS9YQbvuMnRgvlwE9gVH6j9Y%2FrIEd2W%2FKBGVsTKx24iknJ%2BlOQsvKiJUHbASpS81l6qB1XHAGnYF1J9tzGTIueT6sqfH3WRghR9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867c5065cfe7746e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7B2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

43 B
1 KB

83ms
82ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNX-xP0FELGcpP4FGImdq4oCMAE&v=APEucNUeurFeUM73Y3Qm1UYwYpcTOT7k07MVUu5qdOhh74nuneTT5N4r3S5SPlZgovLCr0YYV4gSyeiP4qvX-0fPD5cD9uV30w

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
an-x-request-uuid: b2d2f6ca-85d5-4346-99e2-927ce975f9f5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

170 B
243 B

90ms
75ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

Requested by

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
an-x-request-uuid: 57592d84-a7d7-4ab1-92e3-0bd40d9c0c2c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C550
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

43 B
337 B

77ms
69ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGP-qmYgCMAE&v=APEucNULkMDmGYa5cWRYNdQla_WbyAzXYLaJX9GS3w3q_ASMgbgxoiNrNqg7A0Esfy7GPL-0KPB6y9J37GUGlEnMKY2kXdftXQ
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQHn0UluAvdGgfu1KOMLCDorlTx4TZkCcYhuohjlYFmCaZH5pAiiOuzQHN5l2ZgaBLXvbnE5N31bDRIcQu7LRcHwVF3LhPyIgNjGdD%2FofNYOlJyZJMnaXmAd3L4pYFoerOFJpeFb%2Fek3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867c5064897231f6-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C550
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfvlPtHM77kAABaZAQ6IPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1

43 B
742 B

86ms
85ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGP-qmYgCMAE&v=APEucNULkMDmGYa5cWRYNdQla_WbyAzXYLaJX9GS3w3q_ASMgbgxoiNrNqg7A0Esfy7GPL-0KPB6y9J37GUGlEnMKY2kXdftXQ
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ft6p6DZAc6jVWE%2FNHG659eqUFVP%2B0BPxI7PdRcTz4qZJxGXyFNy%2B4pQBRKlNdv9D41fJNp8gvZ0w5%2FszE3tDwYFdgcEl0xBJmx%2F%2B8iE%2BY6RmzVPojlG0MrLQmZqJhDU6cAyscDIeRzP%2BrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867c5065cfe9746e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPvqa-Dn3rT-rVvjV2HxqZ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C550
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

43 B
1 KB

81ms
79ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGP-qmYgCMAE&v=APEucNULkMDmGYa5cWRYNdQla_WbyAzXYLaJX9GS3w3q_ASMgbgxoiNrNqg7A0Esfy7GPL-0KPB6y9J37GUGlEnMKY2kXdftXQ

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
an-x-request-uuid: a2ea2fcc-922e-4ace-954a-c5137c66a71b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF8XbW9BNHBqayZIbey-0RA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C550
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

170 B
232 B

87ms
85ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D

Requested by

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
an-x-request-uuid: 4ac04c51-13c7-452c-b2b9-49c3d049452d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1MDM4NjEzODg5MDMxMTQ5Nw%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 46C9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

78ms
77ms

Document
text/html

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:58 GMT
expires: Thu, 21 Mar 2024 07:43:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A7A 52 KB
20 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18058294086944130876/ Frame 29A7 30 KB
6 KB 195ms
68ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62edf7810bd93682493146a37974f5c16f4536917f51d3c017b6c9443990f0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 71952
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 6325
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 11:44:46 GMT
expires: Thu, 20 Mar 2025 11:44:46 GMT
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 7CCC 0
0 581ms
132ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvKOqfECOZywrAyMkmIZkGYeN9BuY4yJP6z-idrsXjL0vAbxvmZcroxZBUfdPSNd8ethEuMyfhtuWq5XUXFEppNJuYqzvslezJaMe_UQLPZVAEXHG79kt58A1jCcCPg9_y8JK-Jz-QOh9_GFnp6uB2oxPDFaCAnJdmUgpRmyYxuinUP_A-t4Vzd56-679WaGh3gid_uMoSXInXBNGsn0uAC7Oj7ruFjn7fJApiTOL2SWVX_0axu7s29KZW8NkiLDMaBaJrLjO_AB830xKonrgOpMvAGt6byt-b_ziJYW-rO4KJt4_3uAJ-ifTqQl15OyskVPOPXNKblzU6iupKQ04S0OAF24Yg7YuFzUNoeDLgqnumuL-2F_DK7SqYh-rm7GjkJC052WhVRuOJU2IY8_C8ktBvTNtGOJH-qRsNs9GnsHMN9IfuOBZ0frN7_CjpjwWYeJdX1Oz-gz708Puz0SbmM-Ooj_eJsgmJ1DD4yMg79v1Uo5VmXXVvcSjyMsEqaXQuoiBcK6IcXE_yTOrRJqnzyPwyaC0hwUbeXAa5mGnNKNaICWV8oDB_LjLw01HokeujkcqzfoiEf_NriY8NfALtBh4x4EwsO7L4ExYxJ8Ilp0jyhEuV5baK8dZZ1iPS0H9rbRuSc6Kc_rWHgn0DxqFc3Q8rdYOCZUqfl6DKpsAVDjh3w4F6K7Al4Sy6nCvL3IKgBIAwcwePmsv2naCIYbgZ0ErAX2Bo_oQlN4DFongqMJqnUgaiuUtHjxovXyeq1cCT9iJY1tyQ3Xbif3Z2BcAlY_9x_YTaNGtWKai2dMLdMUA6pzcL5dbYNfUkxSQOyEfKubV-z5oXagy6wjOfIdZKllHK2dZX_hKFAoldOYAmvbQGX1lww236EYHeFTlu_vV3dFg3naxxHdk418JpcuhlIqyeKMygsUo5m2gpcY874c00zpfNm7TA-337NG0iTiLZBo01c0CuR9Y7LWqQ7XRQQPYwiBug9Ou3_HCkHkMqu7Tm5a2bdvP3mP6x73cuqlkwatbdjcG8rWlJGGdgAvW5A6jSuHHG0gIHwztkhQB7Hbure7E5wuYUk_6XZZ4wunAR9r2uoaGnnsnKePqWA_b6gGoCp-nsnB8FSi6c5V5jD9YsHnPWI0u7L885qU1pAMp6m00NgC_8QMBtqswdZHwMK8rG5EXHkFA-el226XGus4b2hcLOnxCg3B2VGvbYZXDz4z6lQuyirFJOAAnPw0MfnM7GHhPENChUn0Sr9KlX1zHXvTAr5fFAa8jNfpPREqlVQXUKBIMO9LX1kXQCNywIgGpkRk-YeUujB4J_b_fzliZmw2Ac30sInV7JSnLRh7vym0_bGWVljbwOHNIJxlESJdxAkbAL9JeFd72TFmUinRr6k&sai=AMfl-YQsiCdZScprXrrCqe6SeXYwxr8B9q6R6LOK_uJl4nJiboBXVJLsxjzc_Xaw1d0t7nlM1ZohlpLrdi-CNejqC_KErFD8lfEnzqZYeU56eyVqHECIdPd6jYy8h7UOriRaKWLolLZg-wKRCfgD8TKwKVcbdHcGBYOZndUxVpA7Kl2dl-bQgSX1UuApUkHpH2mGtUYBFYDmeR4MLB_azxrbaZw9SVtScn9UMnVl9wDSvCLl49kzRPCS9C670GiYF6f3fqsg509DP-5A8hTzwFBsGYMLEmZ4dsJ2Cg61wkSWGDYrPXLcFwZ7DG-nzooi441qIfLOSz1iHJMf6PgoTxGy9DWS_hw32CEaALJJMBG4uJ1ZhN9zcMxO9f5ZwK6a9z7CiUI18NWPBGkRKmA0IUTkm8Q60rd0zL_NaWHEnkPj4dvJcZQmqLL1WucgCAvrtuM0KEilgiehqJ0jODHkjq5DkquBLqtIQDYCd_sEALnMOLefCQHlevjgeGZYcmQRUsUZXr97nsOwBU7pAA&sig=Cg0ArKJSzPBFnFKQe5mREAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jbHVicXVhcnRlcnNob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=445&cbvp=1&cstd=442&cisv=r20240319.43745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Mar 2024 07:43:58 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11527359091045495176/ Frame 8FA4 35 KB
7 KB 198ms
73ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd8444384c1ab218491753c1319f7b17e1d025dedf063e9dedde7940471a0f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 85442
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 6873
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:59:56 GMT
expires: Thu, 20 Mar 2025 07:59:56 GMT
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5557 0
0 571ms
134ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6rHnfgYOQ90YY4u_OHePKE0iNnJ8plRnFJ2oZ9pKnBQO75_UEFvfOqcRaXCiY8yelywztCw6hkOGNCqJcmru9_b8oofdEgfxKZr-vTFCcihtyM0HVwWKZ-PkDUlQupq5jHVuYaoPRUHHy2ZbGtllPo7EHxAec7orMI6ZlPbvTz_QCXIL31jyUzjpM8UpgMcBSpg16m8jZOAoJYjYMHoXoEAzgljy0qcMUVQM5dAz-124H7EeKGHBuEgln2XXkFIzzeFdU4vzAXfz72zKqows5oqoG1pZS4ShKUZssp9-qCCkBIEgRpl9Gl-ZMLDEcGHBw3pVLr5dF90_BtUZ-aQ_v4L-g1K1E6WvEEC7eFGG3Pg60YKwQlKFaaXtlCk0V4Kx-nlcaBXvhF-_Khx7z7WixZEx4p-2zkMt6N2-ONCmDPs4oAsmX1EYP3z9mrKf4Y6yWNYTvqYeXioyPTarTahhCWmtSPduWTUxv2Iu9-20Q8zizxjbcYvzXHlDSUscPQOxePNpKf78W0ETi_AADxyKm14DdKzHTG-PRz0qI9AYQBPlrPwf2lssAxlMSP2o4_V4lKtGEJQuEa38q6RyBtPHbyz4Xit0V6eHpFTJ3Vuk-SFP2V74sokObh6VvL6PTr9Z2sRQblG4VfncW9KHQIXWdLtJ4AkCzHAJlEp7ZG1XQMXfAQZTivLJ9SeLR9gEDoquig8gLma9D4BprcZRQ9IEeGrmVt14RIB0pZYOHLE8SfmoGmQTsGy0wSOMBYdqeq9LWG-HRgBjlhAxFRayVO9dkHzZAyM-hgqtH0aMd9FZlsTgvmPNMZLJFm7rFvtywc-hFAq-xDl6zNIKFidSLYYCXDM1hFJ_Mh12KtslcIcKrVrwoJ7BUvjrqtr6oV2GGZ54lR2SMwAdWCjvrPYUbDAwTxJ9T_ZYoEVgDCfT5hoPhAHvk8xKTGEdf3oAh-2iF4h61h5L9GO8_4dJEcT8jz597obquZjoRTr1YyxcjF1FhhU1799yLsKLemsqJzzBqMIQBCB0jWy0OFUGxBMm9l72KB9KYYOoH5h5GX0Yc7Hg8qDF6U9t3mP4QBtccu7Q-gVUAVS5eUn664OyDlEBPGFV8-FrYlDoSvN-NErLOgwTwGiMkP19PGHM5dP26fkud5PqysjfVPDxOwe8owY3m7bpCTn0sBuBEwD42qbWYTxHlmV4pvZWg6DRBBPqWA1nrmcWo2LKZjLU856qtnBQN5WbXeJ1R0pxQ0klkzOMSCS2QE5v9LLrrtReq28yueZXCrxIYtgjy6lt3lGQZ3DKY0fQW8augRMOF_PNr-4jkVxfexElxOrDknyUWATKMH8dPKApzmRGQgHc4kl2E2R2KmApaBv-DwTXZEP2KDbmwwF6OOxdIqw&sai=AMfl-YQi9tnxq8k4EDFr4FmumNdluIjaaDGJA2860LMFSDA3dm7CHNCTinNfbevL6NnK4GV7SpDLhjO5VNu7HIfg68HvA_plqgoWmD6jxHHybRIe3aQJxVQ7d2EMt-B1vgAp747vdAO3bR30KAEccVyJ59NNKdFkPKJ9LEdwedYhsfrTo3rqQ5IUn_br55lUuvEpPLnPEO1CnTfx3MgKB-Lbhtb07wx02IeDTbocbk71c2M_cPOEWP_0WOY1jVvBlm3K83ivCLqVrHf_WltqhqeLlsa_KcylZKGLuXzmdbQBdS5zkH2FPz17fSNsQgkDn8NMDGLMjlaiTl99e_VFW8RQZk0RUf62zvZgnthgGnR1mxoWV3FrDmI5ZQwsRMV3wWRX5R-rIVPc_-xJFVImKMNSggTeS3Ld2oAvoFthQxllpg6H6TssenKiFVjpbpDN8T8X42bSv6P4kCJQ5JHhFSeGOCDjRf4Y9Xu7SfUgUet1tdFIzdip0VVnhpDhXF5VS7_mTDPeADfKBTshbQ&sig=Cg0ArKJSzJkp5aTXOpCdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jbHVicXVhcnRlcnNob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=385&cbvp=1&cstd=383&cisv=r20240319.89498&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Mar 2024 07:43:58 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F97 52 KB
20 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 490B 52 KB
20 KB 74ms
74ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EB8F 41 KB
14 KB 71ms
71ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQwujOj8KZTQROU0s4vpuO-cGKVa1seo1WpwyCnR3b2I56Z3YHC3T_ofKPWoI384pg5gdlMqP0uTmPnhDH1sG87_SA5d86DKDYuzTVNWmQ7g8T4VdOXEtteAJZYImSY_6Zro1bfPjDPfGpk89XQ8avlnthBkb1qfcYSmWwH0NzXCZGLkFaRNS2NgB1doknZpcOgl-dskhAEDM7-4VPgbImMLhEeQ&cry=1&dbm_d=AKAmf-AjLZ9Zubo7gdx-2JZGNEHvTFmK3zAQjTA7Yl7PqEmjLzftoAPUs3zrzXjU99vKA21gxeAoZgEZz3AcFw7FtpfMas-TF3MDVD8xKIGMJMdzE8-kFV0K3sVdpNgro8i0SngCK0fx7_0tsGoQ_jSKZmw2ypigaYKm6YiaaT7Mh-cQVHfi0h8Qt7PqC8gcj9NSJopQgJanLVtv7TlvlzqMkx6EEQF9ZKBokR2eZPLMSjtYuJ2aRVUqxv3EKh28LLCJAT1kMsW-A3i5SXIpwmdt1LvS9_hZXjkpIa1rfH_oUVOD8eAS9RBZDu5MjePitS4CkaChE2PLKtMA7P35hzkloSLWn60MPivXzv65ZWe5O8Sr0LO4dn_iNjCpZxZ_r0mCoMQfseJedhYK3QiPJM_LzkhJB0A6OA2frsSaYeYwig17nPX5BajH5MWPub3DeUnwAC_KBNi5w311CE-deKTwV29kX81ZbiDL9irg-CRSGG6Mx2luKCyftUJ7BjQDy_v6X8Zp0tD2arbNg8Ox1m-Ve2CBEGdRyow5HSrlfbRUvuTH3jD0XaqZ7_XBBoEowXkUIZDyiyT_3ZPbMitA_pgjYiYc5hNdu3Eiw-LeOTZkiaNdrDSVHxTUaNz6xeiDBjkTnFehjjyEJOWWypgFZf1k094zJI9oJa9MuJaZpORxfe1OobYSnBtr-YXYZJBMaxwEEC3zG3kdLRBJ2KNtLbR7WRQT10GRwlK0yjytm33zTiY933HG1E_UueWlilXTw0VIjJbMsqJp7cxtUtjgWqiB3OQJIIvUYZX3rgJWL8W0W4jmXO2fc7LfXOOJIUktluuGQaLHuE3VWDX0QiCN_E7nBgPav55DX6AzWHF3FuDStiAzNlonm97VKKfYtrT7ZG9lebHI2MrM8-WzNgtcP-bwArYDytVrFBAUUCgenabFAbhUAjsctPi7tuEtNxFetkuqsJTrGq_7V49FF2x1Fk2MMcYv9aLrqIXBTiegZWjZMdcalqh_aQObI8D5_nH15fj0gIA8UrRFOAryr-MxqtuK6pDgWekJNDwGESywahWvt8Rso2Eyv6AJIRg09S-P950uFDdjnNDCj76HDB63mVm9bxMBJeO46DmkAU91y_261f0W5K-cmCZz_x1VvTbkiylLaYfWBbIvlBHSoGTIxiGcAp8dyIJJX3zwZM_Kj4_PEJ-hW4nJH7GPBfUi3UQ7uOdHQwqiJbgf_7eRGq-Ct6kCXyQ6jcxteYoCRMUFpdz7gPE_vD6aYs7Dx9N33O_CSfDBsbrl2dv2YQjOzZCGacnFteuYjnOPpDkpz4V5eQnWIuQfLJEnyIZPLi8LniWChz21hvaYexX4brbZMAlapFyOO-qr50GdSVWeTRCGU6h5wlJ8LVTnBhIP7Bp30hp8dlQb5iKcBvOIHmLi3J7SwZazh5ujuh8-fTn-yOoWFXXsrgRdPocxdMWiuQ0-DuqJJ6_aCUQGACOycN8xzMS_CzNEeptlWyjO3vyERYCD4-YKfLoQKveS4O1lUraWw6Uk3iyQkEeVaZ5JJQbvXFBvrYVYfUn-grMhSYmDmzvFnTICNDENEZhbGa3AlpYrYilftKFP1GO76i0KGrDugXfVrydS_tmzP3apDtCi-slb7K6207bcNi8t9eJy7fj_j7JGMhzJ3OMbQzWIP4EGdZKDapZu37lMkviAqLVvcedCLRcsy3RZdw9F8mSldm7UPQJPEVFrzYqe7X4wmQw-kc_PvRk4YQRzd6Wheuh-mth-YF0_ZW4MJT5qBq01H_U9PkMJW387DO48AJ8PgfXnNZJKxh5ZpLLbTuz9RU6vo2FtzqXo4kh9Pa-tr8RNup_VpaBiyMM5q58sDH6pBECrnC55NUHS3315B09T4a_irb7UoiSo_ctkCbhsSmGzqe_mIsPiij9mSY7UXG0sTrd5YOQU-H6mQ-mJlOfXOEug3bFA3-mvqpXiZi1rG_qqM2buu-PzL69xAtJZ5p4gx1DaUYCcFykXJi0IA1zejAvuyzALZrHUvd8zv2jDDctxvXS7nM6XvtMEk4OaGCUNi2oAroaXItsbVQdmf1PdtisfukAfHMZTTOIrDXe1QsMkohmFGzaJ-Pf1pReNQj85ECZjjukAAn7FR-yp7ZfBJHKXDHZ4WLocf5kHYUKYwHNRjRoK6gVjr9UuY2NAwqt0wSEJOYR7_CdGn6wKeyUSisC0qJyGdH6wnBQav-sOhEdzFlGOOeWa3zKFXRHJx1Xf8qyNvA_rK3xze2iwcsIb2K-qYGLSUiZ2pHAM8ROXsQTDli_y3-qP9ZvGSLFykN7L7TAaTas5QWpCCg9a7rCj-K_KESZf-qff9Qt6aV98VNkxxLnpPVB-b7NaQpPmkJ37UqeWAnhIJl5_1-SyKLYwZJmJlj0AwzE_PJpXsqN9_hRtHMl31WmmBzVtp3GpzRlEfA7q8BV8nNdGnhppnPHHayMNmu3p0y03sghkC9vJIIr1u0xkvEDgNuOUjPjaSRPRESViGgpEooW0vSlyI3rIreps2dn0gOOohRIbfumxLxl8u7MwbKTHOXCvAPz-sQhAEqnZmyDGz_kr0vKBw3NTc0cEn0IjhnBmq3mDlb_KOu2botSKUOzVN_mqir6y8AhVNWFx69u81gRb255n6-olD6y2eUCe41k45IO0qk2WOJSJ7TuZo_e3e2usKZxpp94WChijBPGiAktaJmAfOFfYGl-b6Y6LqhJPCjEG2qBnsRKv5rjgI6fw5SYwdnxk2kGCmK_bhMLKL3TPiyv2xJ-uwtKsqTT1ZM1NY2jaXkmkK1MfHjF2bO17J-gwZrbvl0sfWqv5yEZSiw9EG1FSqfN-CvfEuKz_Lzvvv28s7sz5t7v_UAkFl1MzkB-8KlVqFHL-QJBFwKWIFfhZJTPyep4FALCLiV7QNnLwKI2-8qUQneo-XEoN63ExesxbeOHlt1B4HKCYwa10i19ZCecgiiPdRlcJgSa_t8WeWYgglreXw7oRwLMgpQFo-zY0-9ZmLscw4ut-ZoP-3IU2VEVy2d2xkK2vx_Wo8eLqcaVZHq-u4s19wsr-U6jj0E_-np2-OqeZxf1PSeKVzaXStRbc48ksGxu3NscvX5w3qMneyWSE90OEExcjjtOqrLsDBdxufTyG&cid=CAQSTwB7FLtqhMxmNJEaVDo0CGUZbuGKZ4hmJalugldeShN75aH1H0w8YifqkA8OesVWkxJjTwkUhghGLfLLPn0BGap6rKHnlJEtKnHuGFf-qqYYAQ&dv3_ver=m202402290101&rfl=https%3A%2F%2Fteb.shatateg.com%2F&ds=l&xdt=1&iif=1&cor=5829989460768161000&adk=929882888&idt=155&cac=0&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:52:16 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EB8F 172 KB
60 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame EB8F 12 KB
4 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWrHYaIomAElXW0czVMVOG4HRX74CJfk7oxRooDciaeM9SCbzE&d=CrkBAKAmf-ChxRoOUhfNPSJSGG7-h0HxAkWZhpT4gM5d5st8F6-wtwXKKn2yzAu8Bx-cnb9S_EYzWeRx8ZtBULQWREyxDaN9AVUvGPVIzeTWLFaz0ySyyuUZLia_0d7qQHFduYVYtSioF0CAVXcrl1o1Pe3Cu67qu88rH9YMpq8AuAYBSjRncOm2Ob7cGk1UaiEOKqI-k10QncRfedwd4I8fUeM_zz7HyXHvlyfgL1LUhTwasO373kR820cSyRcAoCZ_4JpavOHpdk41Iw6JaA_5A_NnCg-iq5N2EKZLStdFa2e7Vf8G5u2y4oY-2AE6m7vzxMXjRtFoMCqr65miua4QoEhOq0I1ok_vR4BYYR4JUCPx_-kX1ObQoNX2mVS0jJ7uy4DDzSfUvinygax_zReDzARhqphaquq_lB2lDWpQzlZpuWMs3qaoIZ9bsCmmQRRGjD69ah_rBC02laTWG674Zv6iPfe-FeOZubFyc4JBCK4JYha-hsxKy9yva8x_LZmkGoML72Oegg10x-FfNLG1lx3UOaiNKBbC6AHnlFgnz4cqvyj2ziSUzScJZpUsqUTEeguM1SWQIqtO5AwZL9V7XcfoNdX95wlT6OvNuYaTDVZWChlWGimbcDdXCqqTR63gLnpkrqcevnDxD4IiryN_2mgnmWx4x1UfwbkeAhrOAIIvVylaWTg7X48pF4wVdCfmITlcVy_RxccYu2uTX1ccxoV-U3_1BqrxT7HAD6y9WkygNXHJ2mjbn0ssMb3ujdKF6m3XNrOXmd_mmjrYHLe1RQLe9f67kAugPfboJQabefCXW0ZfspbcR2QbVrgA4riRdHvcwmop9wDDwJVwK18kiqG_NLEWPsMZ7LhCqkMMEfsu6P9afT46lujKtkeUICH6XwaSDBJ2x07YKretNePQXJV6UIWtLoKlMeg7x0kMaAJyha7jC6vKjl7Ab_caNTrCUMAkgG4uYRV4baFtdyo_fX9ojQGVZaOltyUyXKc1VgEJivT4TSRyTopV8O4qCL-uFOteSFN3HjEgTUswBJzhih-lVGM-vx-Yx07C36ROSwtagGrG710lxdpF4bMXhgLf2cxYuu462MBuk9YIzjfdd06LVstmwSGgvam_5LAVARBIB0TpT0fG6y6wGt5zed6z0GEVSD12KK7EGLaG7aSxoGpppXouytO3UV7_4iFxUVB46RrwzvoWQmcuaSiOioBZTv2bk04QXYs6-Sagv5MzTF85C8t89bVdTWfx_1RGzRf3OGIc-3Hd-mV3qsAYmVWVQ0yL7XIsfaGbxgauTLPYiu-QqaDQgDgO0MXQ8lqctMc6x3VxF3Sw0McbDShVTINPyH-tIYfb-fn8D7YsLKjJUmf9Be22Nl7MBwYJkprOzxr_M2RLaGHN4hdt76rGt1Nyivq7E62YoNhEuOhwZDfwMW2zJEbJUD0BfvbtAFzoR8SFG2vi9K2RnqkDi_L_dE1i8jmJy9rvnrw3exJSJmUezDpTzT6mbWQMxoF5aEvPct2M8BmzHWuOQBqfd5lIL1XxGauGlOoe34yNKGWNAuyMxJwG1hQAccAd8vPxIdNUV9MCij8Z5L8FaMOk66yONQ_5Km0O7ApqP-iGCHvflHeMF47WtLGT7eTVRXoMZcEGGtuPYhxjd-nMVZrPKbRSTSCjpcJjzFXcRtmC4Gutjk3BFq6YJ3VLNzuD_FIkQGAJFiFAIfIJwljbqhwsZFy8YRukXR-RSmCRssCG_n11BRi2zKpdit_eF183oKYymgKPyxqeLT29XKwa5JJmQg725SB1-SC45kzA4kwh7X-j3CsccnLZkZF_CpPuwM7OWbAgRzpkM7ZoPxpKN_-Ijgv5XICfeC-eEh0k1okC-d6wmjs9EpRIVr4Ho_BvyRRM0cr39uXBMR9q53FxO0x17irE6OU1UkCF-YmLc0ELBkCAndSuCVgxW9oEkLyZA82gDrU3zu6el5Z5TZRxx4VHkEOyvULLNMcTHjAswdhemGcm82wsBihLfUKZ2iZEaZd1yCL4dAZcW-_wNLR_dWcktKhQ31OokDsjqeS0UiYrwZ1Qqm6OeTjQUTth8_r2NeNF4hMyeC6t24sCVNxznReMFJs7yRyCkJQgFEa7Haq1yaa1Nd3YafT9w-vxhliGZja5ks0aVSlk5g5vVFqobSaHKbriHKyilF8SU8aXFX9nMC4HYAbxgN_lkCL86krD0X2TAvQhXCwvYrAdq-UGvQ_ZP1jj4IramvMOD2Bs2upnwP2VE5NFgE6iS1qs83yvtZs5AoolBomDieuBQxT9Nus8KxnErcbKgOcvdxLywEFXorK8CHMvrnUqXVyIC7jgBaLpNpCgZWjpKUNXq40Xf5-kCGG-88jRNKswpYRPr55QPlaPNLcIzuuO-1p1xKzIjGoj29A1FBJHfharxWv8TsZrRTrG3ENEw3t0TeTmaYq4PMUI8dILZ3ADfoPV1YFTwTyO-d4__QWx5w1Zvr0o8QhZdT35RFDfeo_vBXA230BLwAQIKPhZY56FMdC0AFMB-F8dkytLGJ46eIMF6IrAixEIxTPcUdH6ZXhNnca1tp4yyT42HTqjuZa08wMc1kRL4jYsDg6VpQiKlLVIGqvYYM3146uRYpU0d-9kQbV_iv5P2Fo-_tXjwCUQ7wd_bWtu8GsRW6NLavGGoijLrXu5YFcx-0cSYyCfuR0MRpCvCbuth2oM0JLOk2UwFArriAEAjMBBtLJBSwxfJblv1QW-p2xRhsDxpeXiEDiSZLysO9Bfv1fAhm3IvEqQKWwNEAp9MQlTy-pDpGaVlRHGUrT3GUWSYhWLsgQrB7i2r9gSyEG8t6RrI2fBBymOL-IZZ7gQkx08PUAEm66uRy5hGZp06NnZsu3iZ_28IMJvIRKqCmW5VeTiDrFVWPmS0_TisG4kfswR89wYocw4pulu5nHNnvrZduk_d_z9wxdLVahNm5Fw4uDZYK7OxvmiGcHZAwTC-owMk7k0CV24gJFxI5MOHdId8sXbA4Z0SJuaHsBAURPuRGCEjMKa99VWTHDSWTSu_Iz1jgHVBZ7RowJnXRyT7y8T6KL5IDe87WIUrBvOeAyRwBOFo0q8Rt715NSGvEhmR2bs9mUR8kYxDpTe9WP4gHVPdG7GEldr8pbH4Wp_79LdpNAv3b-OppCRJl_k5UkDQU0FEgioOEAzUoq8FjdS3eByigSCHg1k4_eMkNxCUewA81GW8B-LvdIA2TiAr3Z1XbUUnhsWK6MLK8ZZosmb33Qh03GuK9zSO2KGHQ0FeVqL6efnEf6YF2WZTPEOpyPNquiKDbRkulSxErU4nWtxVydYVVND-O5jXm8F0OlReOQx7y1VbJ4PlDHrxAIV931dtyCl6K91T7VSxmjyE3f7YbBtWGl9bVrTLqeya6KRtfhVEG5_u8lQfcXs3DB05Df7OLtUgRVgbWsVvb0dsdyg83RH7iSLegpRlIkGeVUSPaBX3P4xEhgUXmH4_ZPwGY_-isAIwrfw8fPeX0Gq0QEv28tvRSxaWFN5SRN5cpUj0iKAH2WBm6nRTzbBLdehmyev0Lc-3-z0iZdE6Ks0UIYoAXCwovdvBRBbdWfsqEES574T2-9Hx62gel6NoQK4K223Vwo5aJiUYpZuUNoO54V_4qVJVxDdC2aU6Jl-GF8T-p4iDnQYLPTMn5CB0hM744NhkTz8z_CQy7XKtWPO5krvoG9DYKQSj6meny4iA3iiJx4710iMqLlqNUpTKxtYUweayaD1n51UOtUHy2ZX6G8KWdFcxQBhqfkzo3q2naZT7oXkPvoNloEVojlnrQ6t0YY5gfXBjrkoufd7BioP1FLwx10iXb29YvAbEeyPNQDJgdyv7HhIZfD_nQkPc65vOw2c7ouuSYVJeZ1f7mcUXx0z5IYPdgK_ZsY-gVJAqekMceDidS8ciEhtgU93qycHPNgpK38yUe4i8tC_mc2nA6VZe5H-WTQtB7UpjL6rJpKynWl7chnqMu0CXxJiFRWH-B9aMHaeKq0j7AGTGceIYslWDd6sXOO3sf9GcnGk0trfovgqOLq6TWEe_4gOiUfJh2VQ_BAZ1g_AcwE4Y3R9IKdPKS4rq_ojpvIDERqgDQZ0tznnHtJo8kgAYg2w-nCf4YvKnuSAr3ZPVzFn_YtcUOCCtkCXSGNAQ_BfoVy0SJO6Nha5eVHY4WLW4LW-cqJXclvK4RLTtWm4oWwQjNxHhueR0FzT5IU5NdVwfOi9NeDqk5gCAqdoxtyLopdl78uhGKbC5M2BOxjSGIKUt6oS9xpVCAQSTwB7FLtqhMxmNJEaVDo0CGUZbuGKZ4hmJalugldeShN75aH1H0w8YifqkA8OesVWkxJjTwkUhghGLfLLPn0BGap6rKHnlJEtKnHuGFf-qqYYAWAB&cry=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:20:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame EB8F 31 KB
11 KB 74ms
73ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11694
x-xss-protection: 0
server: cafe
etag: 7675425396172501416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:07:21 GMT

GET
H2 200 main.19.8.491.js Show response
static.adsafeprotected.com/ Frame EB8F 216 KB
67 KB 487ms
79ms Script
application/javascript 2600:9000:247b:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.491.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1288019/78683891/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4a391b257a6995671b0815752fa0784d079bc7266d15e59bc7a76eebc8b46d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 21:17:54 GMT
x-amz-version-id: wHx9kGfMtHSCY3NFYeny6RZbFrO9IDhq
content-encoding: gzip
via: 1.1 1dbafa627b28576f280c85d24d02a0c2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 123964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 19 Mar 2024 18:56:42 GMT
server: AmazonS3
etag: W/"3b6ff1d377956e23af5815888d2962f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: O_Q5b6X63Q_7apz75oFypPkQ9TbxOkk99zsgXyIIb8BBPpjkoDPA5g==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 140B 38 KB
13 KB 88ms
86ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 86191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:47:27 GMT
expires: Thu, 20 Mar 2025 07:47:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4303845548995117056/ Frame A14C 19 KB
3 KB 88ms
82ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09c654a32371d6cbf4424e4809c3501b66bda234f8e5daf9e24cdf1290427cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:58 GMT
expires: Fri, 21 Mar 2025 07:43:58 GMT
last-modified: Tue, 16 Jan 2024 21:15:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame EB8F 0
0 132ms
123ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu9eGddRSlsVbAFb9Rtv7zLwNKMtnX0hx_OuVtjqKyCVFL5s46uV-vcuQSL5vmgX_qkFV6iKBKQkDRENLBvNXX1olJjuKsPOh8IYoAx-zQ0KzXuyf2ox1IpYVKwAST5l-mIEqFebyb1rJu5J4cMobkm3anJnVCd05bwO66FZ1_QAIvpGjuRrFCf58MsbYlcgHrGCUwg2V9jWs_HG3rXhJVdHRKqskWFw9oED63xUADy6LW866rbBQ&sai=AMfl-YSWUslhlX0WITGK_5piezaqHYlkhG9KQBlTPonDIvKxVJXN3OwJBNC4T5pjwSNZbHQ5a0ko4VdgnoVFHTdkbwnoBiaOm9XUIjYjzf2XGWFZrig-RDhQV2nPEckCW6QtFfVD29iuyHDOb9ubRQGNzr1Jmxk&sig=Cg0ArKJSzPLyeuRdfHjKEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9jYXJuaXZhbC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=595&cbvp=1&cstd=579&cisv=r20240319.26521&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 07:43:58 GMT

GET
H2 200 beacon
tag.researchnow.com/t/ Frame EB8F 42 B
434 B 319ms
66ms Image
image/gif 18.164.124.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=287788&adn=3&ca=29096808&si=6769438&pl=388543268&cr=151460748&did=ADID&ord=431062261&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-65.jfk50.r.cloudfront.net
Software: Apache/2.4.58 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:08:29 GMT
via: 1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
server: Apache/2.4.58 ()
x-amz-cf-pop: JFK50-P7
age: 2129
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: 1XuHbOu1ZBZMcsJGL72kYcYqOyiZ1qx1t0t4Eo1KHDEpuGIMVqMmVQ==
expires: 0

GET
H2 200 pixel.gif
tracker.samplicio.us/tracker/bd9e22ed-f019-4d3b-a02d-bd70f37b52fe/ Frame EB8F 35 B
340 B 316ms
64ms Image
image/gif 54.90.211.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.samplicio.us/tracker/bd9e22ed-f019-4d3b-a02d-bd70f37b52fe/pixel.gif?sid=6769438&pid=388543268&crid=151460748&device_id=0&c1=29096808&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=431062261

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.90.211.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-90-211-165.compute-1.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
strict-transport-security: max-age=604800
x-ratelimit-remaining: 0
x-tyk-trace-id: 51239a3148ae059606aa841428fc1a4d
content-type: image/gif
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 35

GET
H3 200 c058b5e89278f385bf8049249a4176e8.js Show response
s0.2mdn.net/sadbundle/18058294086944130876/ Frame 29A7 82 KB
24 KB 67ms
66ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/c058b5e89278f385bf8049249a4176e8.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b4babcc80509a9122a83295ac9733770ca132f21d3ff3ee4dfd2c0f47adb3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 00:32:01 GMT
date: Thu, 21 Mar 2024 00:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24464
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adsfile. Show response
fundingchoicesmessages.google.com/f/AGSKWxVpI3aANhHFMcFS8W7c50iqE_mcm7uSvO_1WB6o20C2kHoziMA40yfhlPbXj5PVcDG_6kny9gN_UTclYumV99ej6HobjaceIFX8JA240S-DqgaRKb7K7I50mMP3g-5Ujddjqhvgy7Dihl3YEVIagfjTA3v-Q... 54 B
110 B 91ms
90ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVpI3aANhHFMcFS8W7c50iqE_mcm7uSvO_1WB6o20C2kHoziMA40yfhlPbXj5PVcDG_6kny9gN_UTclYumV99ej6HobjaceIFX8JA240S-DqgaRKb7K7I50mMP3g-5Ujddjqhvgy7Dihl3YEVIagfjTA3v-QF13024JqFHNupTjqII8q9L10quwrwk7/_/adsco./acc_random=/ad_support.-side-ad./adsfile.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMySuRJJ5L17GyUkL7_9ZnG4bLjqWA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b8e9a9f92d937c750e5942fee65f3fbbb34c86beb7072fc678234f9ab83c6fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xNXoS8JfwBBnx3A8KqT-0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-xNXoS8JfwBBnx3A8KqT-0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDse_U-_VsAie-fFnBCADdqzIN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
80 B 67ms
67ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 08:01:45 GMT

POST
H3 204 AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 216ms
84ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8mByMJ9QctbUTR9o4sc6UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-8mByMJ9QctbUTR9o4sc6UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1iDgFiIh2Pfqffr2QR-dLY-ZQQAyI0MsA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://teb.shatateg.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c058b5e89278f385bf8049249a4176e8.js Show response
s0.2mdn.net/sadbundle/11527359091045495176/ Frame 8FA4 82 KB
24 KB 87ms
87ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/c058b5e89278f385bf8049249a4176e8.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b4babcc80509a9122a83295ac9733770ca132f21d3ff3ee4dfd2c0f47adb3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:59:57 GMT
date: Wed, 20 Mar 2024 07:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85441
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24464
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame EB8F
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1288019/78683891/skeleton.js?adsafe_url=https%3A%2F%2Fteb.shatateg.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fteb.shatateg.com%2F&adsafe_type=c&adsafe_url=h...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

66ms
66ms

Script
application/javascript

2600:9000:247b:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Server: 2600:9000:247b:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 00:59:33 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 1dbafa627b28576f280c85d24d02a0c2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 20155466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: elRH4MzKgJ5djabEx1ONC1qCOicW3AfahfNDAbzGd87tPMi681qWPg==

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: nginx
x-server-name: app18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 37FD 91 KB
23 KB 82ms
74ms Script
application/javascript 2600:9000:247b:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1dbafa627b28576f280c85d24d02a0c2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 20233099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Bgr1TvYGTo2vNMrCw8QzU7NpjNe_EAkEjfs__wD3AbyPI5rwJnSH3Q==

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 140B 52 KB
20 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB8F 43 B
216 B 379ms
117ms Image
image/gif 2600:1f13:800:7782:158e:a624:38d7:fe67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9adaeb56-8d47-a17b-2152-c647a9322fd5&tv=%7Bc:7xdNL8,pingTime:-3,time:792,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:737%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:792,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:736,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7DJa0e+11%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C18121%7C1813%7C191*.1288019-78683891%7C1911%7C1912%7C1913%7C1a11%7C1a121%7C1a13,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:739%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:158e:a624:38d7:fe67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB8F 43 B
215 B 380ms
120ms Image
image/gif 2600:1f13:800:7782:158e:a624:38d7:fe67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9adaeb56-8d47-a17b-2152-c647a9322fd5&tv=%7Bc:7xdNLa,pingTime:-6,time:794,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:794,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:736,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7DJa0e+11%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C18121%7C1813%7C191*.1288019-78683891%7C1911%7C1912%7C1913%7C1a11%7C1a121%7C1a13,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:739%7D&tpiLookup=ao:teb.shatateg.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:158e:a624:38d7:fe67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB8F 43 B
215 B 359ms
119ms Image
image/gif 2600:1f13:800:7782:158e:a624:38d7:fe67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9adaeb56-8d47-a17b-2152-c647a9322fd5&tv=%7Bc:7xdNLx,pingTime:-2,time:817,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:9,bdZ:281,beA:461,beZ:463,mfA:1170,cmA:1172,inA:1172,inZ:1178,prA:1178,prZ:1187,si:1199,poA:1202,poZ:1221,cmZ:1221,mfZ:1221,loA:1255,loZ:1259,ltA:1278,ltZ:1278,mdA:463,mdZ:1042%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1711007038458,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:737%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:817,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:736,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7DJa0e+11%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C18121%7C1813%7C191*.1288019-78683891%7C1911%7C1912%7C1913%7C1a11%7C1a121%7C1a13,idMap:191*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:739,sinceFw:76,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:158e:a624:38d7:fe67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5557 42 B
64 B 126ms
126ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzgZv2xR4vMoWph_q1iGxeY1NhPpGJrZPV8_pRrZhxye7ytYLsl9tM7Te534J_THfJVjzrzvcVaKPzyeLu3lYXunoxsYlqG8V2G4qeL1MJnBFQsvD7wCU8hbWPGpgpYTr3f3jqkDrp4F1eWcJTlm2jhAI5TQiMByw&sai=AMfl-YQxcUgObeQ8PGC7WUxXoIyEWgVHFPmSYXBtqlLzZSbM36bbOH0WbnuQaRU_fWwBuPLjSsWFiVhbLle_4V9JApfaHdZl2NF8zG-xg4BpQeDeXYobCeDwZguqg33M6wLM5Y8mBVyYbxJqPnJQ0pxbcw&sig=Cg0ArKJSzNC6rHPeNvBEEAE&cid=CAQSTwB7FLtqhMxmNJEaVDo0CGUZbuGKZ4hmJalugldeShN75aH1H0w8YifqkA8OesVWkxJjTwkUhghGLfLLPn0BGap6rKHnlJEtKnHuGFf-qqYYAQ&id=lidar2&mcvt=1015&p=0,0,90,728&mtos=548,911,1015,1015,1015&tos=548,363,104,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=693983700&rst=1711007037221&rpt=235&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/4303845548995117056/ Frame A14C 8 KB
3 KB 80ms
73ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4303845548995117056/textFit.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9f723900491683a66d7b327081ed9b2a48628506bd3ee66fc02d9cf0643cca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:02:06 GMT
date: Wed, 20 Mar 2024 08:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2813
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 21:15:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.2/ Frame A14C 84 KB
27 KB 135ms
49ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.2/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 35324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27010
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SA1OJwhEy9KdLLcbaVUYW7hvoaDzGLezcx8s7MnM%2F9Fg4Oaeg2%2FXqHfpMkQMSeKvxGaYHpGzu85BucY9PewqKtvmEnkWWfaBG3Kij0eQ%2Fx5en1uItYtzeTBaSpiHq35sLiZSrAB1DgUBYCMfZwbIJdDe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 867c5067481f7425-MIA
expires: Tue, 11 Mar 2025 07:43:58 GMT

GET
H3 200 gsap_3.8.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A14C 62 KB
25 KB 97ms
91ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.8.0_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25068
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 20:06:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 07:43:58 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/4303845548995117056/ Frame A14C 15 KB
5 KB 81ms
76ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4303845548995117056/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51e42f06d6a3da19b5e618e837bab6f288e4b2ee70688243274a8b6dd0d78b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:58:38 GMT
date: Wed, 20 Mar 2024 07:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5292
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 21:15:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame A14C 120 KB
41 KB 76ms
71ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 20:54:40 GMT

GET
H3 200 dynamicLoader.js Show response
s0.2mdn.net/sadbundle/4303845548995117056/ Frame A14C 15 KB
4 KB 83ms
78ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4303845548995117056/dynamicLoader.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f65cae0701cc533eaa5101545498ca61d02bd161393002905ea83cfac95c302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 14 Mar 2025 16:51:46 GMT
date: Thu, 14 Mar 2024 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4251
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 21:15:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/4303845548995117056/ Frame A14C 2 KB
951 B 84ms
79ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4303845548995117056/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bc3100524ca200ef96650bf963ea1b31fd4a6b3451579546aa06dee402541f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:54:28 GMT
date: Wed, 20 Mar 2024 07:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 921
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 21:15:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 91ms
90ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TBPvAZrQOQg8v14wekslGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-TBPvAZrQOQg8v14wekslGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1iDgFiIh2Pfqffr2QQ23L03hQkAy0MM1w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://teb.shatateg.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
88ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qOrtz4UadEEI0DJ6WkD5Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qOrtz4UadEEI0DJ6WkD5Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBiqGV4xtQKxE7pM1iDgFiIh2Pfqffr2QQ6Liw4wwQAyCEMjg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://teb.shatateg.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
89ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W4mP4Rf5qKo7n-KvKZVA9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-W4mP4Rf5qKo7n-KvKZVA9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1iDgFiIh2Pfqffr2QQe3G08ywQAyW4M0w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://teb.shatateg.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWaOr5_Yb3DG4kLMrWZkx_obHDtieFfU8DBUvP5D61qyq83ZB4SscVo4clxw2n4PsCAJMClx8ciMnn5MI43ywB591zbXuPWfzYdudXqojnPuCRKLqDJuOWCNamTg0Tr7F2mXfDthg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 98ms
98ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWaOr5_Yb3DG4kLMrWZkx_obHDtieFfU8DBUvP5D61qyq83ZB4SscVo4clxw2n4PsCAJMClx8ciMnn5MI43ywB591zbXuPWfzYdudXqojnPuCRKLqDJuOWCNamTg0Tr7F2mXfDthg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDA3MDM4LDY1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90ZWIuc2hhdGF0ZWcuY29tLyIsbnVsbCxbWzgsImxya3UxdnltYzJzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa2a19df9188db3a3e23bcf60565fa8d76f98efec318e5e328146a4493dc43b4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-V5ZuGxiG-GsfUMVk8fnwrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-V5ZuGxiG-GsfUMVk8fnwrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDse_U-_VsAh0bHl9lAgDc2TGp"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5dc7efa7ff003fd08b810b2787a0f722.png
s0.2mdn.net/sadbundle/18058294086944130876/media/ Frame 29A7 111 KB
111 KB 65ms
63ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/media/5dc7efa7ff003fd08b810b2787a0f722.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8d659e1d91c88f6ea683c05ee9455b9e231429018f543d84511a3d8cf5c335b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:28:52 GMT
date: Wed, 20 Mar 2024 08:28:52 GMT
x-content-type-options: nosniff
age: 83706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113787
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c2208ee630999cf5bbb6a7c7834320d.png
s0.2mdn.net/sadbundle/18058294086944130876/media/ Frame 29A7 211 KB
211 KB 73ms
71ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/media/9c2208ee630999cf5bbb6a7c7834320d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ac2080c81f721a620626085a796c65685abb38f86422e9ff3fe171a6096d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:28:52 GMT
date: Wed, 20 Mar 2024 08:28:52 GMT
x-content-type-options: nosniff
age: 83706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216156
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c2b23612fd1a7bf8f4062e4c45b8018a.png
s0.2mdn.net/sadbundle/18058294086944130876/media/ Frame 29A7 5 KB
5 KB 81ms
80ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/media/c2b23612fd1a7bf8f4062e4c45b8018a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff61e6ee994ee7e9c7f0da7c10fcfe67f5f5b79a77de895dd9a13fe161abbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:28:52 GMT
date: Wed, 20 Mar 2024 08:28:52 GMT
x-content-type-options: nosniff
age: 83706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cd6549452d438ce7c48fee26a7635e11.png
s0.2mdn.net/sadbundle/11527359091045495176/media/ Frame 8FA4 45 KB
45 KB 78ms
77ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/media/cd6549452d438ce7c48fee26a7635e11.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

675805dc973b3fe2db505f9e4586e537a0d8afbd5d5ac1f91de53ac6e9b7397a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:59:58 GMT
date: Wed, 20 Mar 2024 07:59:58 GMT
x-content-type-options: nosniff
age: 85440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45723
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 7f798b329f462441651ce347cff9f09f.png
s0.2mdn.net/sadbundle/11527359091045495176/media/ Frame 8FA4 40 KB
40 KB 87ms
86ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/media/7f798b329f462441651ce347cff9f09f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57cedd26d3b9ca002bfeb2d70376e17803c7a31a70f31dd903162ef7fb728ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:59:58 GMT
date: Wed, 20 Mar 2024 07:59:58 GMT
x-content-type-options: nosniff
age: 85440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41294
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1ae999b309246ed9d451bee9dce7f59b.png
s0.2mdn.net/sadbundle/11527359091045495176/media/ Frame 8FA4 5 KB
5 KB 85ms
84ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/media/1ae999b309246ed9d451bee9dce7f59b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786e55df0f9aa219dc4d299f6b4eb063c11c9c64aaa2d2ada64201bcc847f03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:59:58 GMT
date: Wed, 20 Mar 2024 07:59:58 GMT
x-content-type-options: nosniff
age: 85440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4906
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cera_pro_500_normal.ttf
s0.2mdn.net/sadbundle/18058294086944130876/fonts/ Frame 29A7 147 KB
68 KB 78ms
78ms Font
font/ttf 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/fonts/cera_pro_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d453921f06393967c500a009ba363b55a23bdc959b09894b5908cd087f96bc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 11:44:46 GMT
date: Wed, 20 Mar 2024 11:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69480
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cera_pro_500_normal.ttf
s0.2mdn.net/sadbundle/11527359091045495176/fonts/ Frame 8FA4 147 KB
68 KB 74ms
73ms Font
font/ttf 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/fonts/cera_pro_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d453921f06393967c500a009ba363b55a23bdc959b09894b5908cd087f96bc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 05:13:53 GMT
date: Wed, 20 Mar 2024 05:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69480
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 490B 0
23 B 125ms
124ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUtn1O-X7ZbnnGbX1xtYPydKw0A4AAAAAOAHgBAI&bg=!bW6lbiHNAAZewuCMfsI7ADQBe5WfOKUZwh3NUo_7kkkNn2dtUJuWpqnuIZ6RoEmc1hU5o1BcbSfyYjkCO4Mj-_hpSz3RAgAAAnFSAAAAA2gBB34ANZw12kUm2CxuoEEFd1gU-9MJ-e4bHv6B7kcPw8MMx7f5xiNbUhQN1oTa2t2vH9lW7b-EcbMlCgAGejO1Y-btmQK1W8WFS9vqryBK66NOJ2vuggEcLHxjItc_MSm3Vxn6Aseft8YLmmiE_hegWXFfYhP32kbs0TvPrYqYqRNfY_i8tzYlYlGJ0Q3KnXSZJK_P-5b9GCFYF91Axc_ejUjBr4ZknOjgfv0U6ht297lZdsEsNQ0ZthV1epL7YxqpVW3ZUyjI7i3dkxUKDeSBIaC-emUQJCEf6jS3fzI68UHiVmZCzXYyNifemVtBBRH2ORGkxSjvr0gmZPheu0aORFs-6Jcin7QESYWcio1UzyCm_U0p8OWvN_80FyRufcEL7EkXr3rDQl2xczGrIuzqZsHswicK2GqI41p90ij6yeM3NSkm67McejEwlRrL6n9ZDk6K0QBgLmIkFO6MLUHYtsGIAx2AdfByQ9vtF2E54omtrmFDE-uH5vxSnbPVO9QeHBnz6RG0qt6cFt4e4T9anl0p3wzOsOY0rxVEjCDdfNVrk55ApUC5PNe648Hf__b9drMNUY6HMLYSpCf_G7LbVdgztt28BKdCwAxUu84KE63vP7lRZalSG1xDD_-1Mx4B1UQCeDaxKiw_hjaeZAuRv87QyOAyAFu39DSK5KGBMcZF2vZeTqRgzB6S0D1F3PrM2uiSBRqcFL861uiPgR4aId1Jhwcc-WCHmp6YTmmsxHAV0xHwtvOIFxPYvQHhlgapVz_dGbDcr_xR9nSn-Ld-hAhbtYB7P5BzgRG-95_foSYmGMLU1kRTFZi36YSyNQ6_7gunxgjPzupm79Groj-1NjNmMVneZgCrw7MwqPsxmJxX6Pvuwfak4raPWU9UQYBuKWENo1kFrskrHfOqxgBSt0YXVyvg8ZoG32xgKShPl4M2q53LqTWcUvFCxi5bhTaAVOFtPIZCrn7deAQ9C138KMpM6kRGCl0yRmGglni8DiXneyuU7q5gKOgk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame EB8F 0
0 123ms
122ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu9eGddRSlsVbAFb9Rtv7zLwNKMtnX0hx_OuVtjqKyCVFL5s46uV-vcuQSL5vmgX_qkFV6iKBKQkDRENLBvNXX1olJjuKsPOh8IYoAx-zQ0KzXuyf2ox1IpYVKwAST5l-mIEqFebyb1rJu5J4cMobkm3anJnVCd05bwO66FZ1_QAIvpGjuRrFCf58MsbYlcgHrGCUwg2V9jWs_HG3rXhJVdHRKqskWFw9oED63xUADy6LW866rbBQ&sai=AMfl-YSWUslhlX0WITGK_5piezaqHYlkhG9KQBlTPonDIvKxVJXN3OwJBNC4T5pjwSNZbHQ5a0ko4VdgnoVFHTdkbwnoBiaOm9XUIjYjzf2XGWFZrig-RDhQV2nPEckCW6QtFfVD29iuyHDOb9ubRQGNzr1Jmxk&sig=Cg0ArKJSzPLyeuRdfHjKEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9jYXJuaXZhbC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1167&vt=11&dtpt=572&dett=3&cstd=579&cisv=r20240319.26521&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 07:43:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F97 0
23 B 124ms
123ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAFoOO-X7ZbfnGbX1xtYPydKw0A4AAAAAOAHgBAI&bg=!wcKlwo3NAAZewuCMfsI7ADQBe5WfOMVJBzyY5MafHOQcTrJP7mfXdzAukxEs3cN2Dv1E4Ebg3vdKQrXBJBB5ViC2QNDoAgAAAmhSAAAABGgBB34ANZcpmC9ULncIhPCww0_HGylEOlAiJ-N1VdXvGT90Q0MNt-eXC2-VgCHzxB7dDyDPVzIjnWC7mQK9yKFNZZf5KmNsttylA1r1K79lRGDMRH6y7KcQpmJtaBHfRaQD_VwoWnxpPZ4CjVgV5PUrOUbUW1dY7Rh82cTTsd9UWnk0m5M4RsT-35ubmSM_w4R90wYQ72_USrcmmE3iGhNzWQRF0QA8L7zPruxVuRN09_52m1tKOQrE3R_o_ADfExOM38zu68S9Srl6_Xv173BF_g3Uo9jhQL407r8fxHEXrL9DGYIfcsuymAmn4xttqJI_lGByxeUZonAMLg3LRgeXweGniLckccckAmyJfoNdDR2K-CvxBVbwtlrl2OJbMxAuFnnOEsHzi3H8OxIildKiTgbRpr9o9RbVDewj-t0vL1fx7J5eHoDxs8nyCE6y1biechZibvVeiLFwQ6n48ydyxkzFxdcbQI2IUcypQBNAtJDPGO2BJXhHJHgs-1inufB0xjPkWWsX-BoFteHvYikacFcRjSmhbsmmuodkDbkSDx2R0wHoxVH_HV89CQfVAiOQgHGLU7f42lkgJbknByJGNk4uKHKZn-wJoIVbmHZR_epixsxFWEhX726tH_GsJWEKuX12WEaGusbxR8PzXrgN27XtDS-8PNeAg8tnTbpn3rs5__a6OH5VM1C1LxF2j35KbT5WXBNL_bKi3o5I9l6ExpkqHPtYSQEyIvSQtaPFBE9rH871vArIaQlubS8oDfs7N3nVtB4v2gVjmRo4Njf5yrRPPZQeRnLIOTWjFe16UrqBv3yvu3Wi06ejPaGEYqXrZe3FI6wNp4noa0LwouJIEC5sdTXKVFCZZ2DRP-m935bnHYUXZD1cmMwTcCMcqJbqzUqju_xsURKhsS9sPfrTSWF0vgSZkH_N7utjs8iwfn_BDDZymDz2iuGAp7ZlRi1XZlHLArEbSmS3cgGHJoFTmDljFlrjViE9WZ7OV8aAD8WMg4n_kosxT50

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXIhCO_QFPVZJ1Rw3yNHKpxDIcAn5sRflNK-HHUqdLDuYIqtqe8ykuDL39jpburwb4YEEPKjsEGFQiUryXNF3u9N6xr65-aDDyMrksgcA42mDBo_yo6QQdZDyzlO1v0Ol765yEfyw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 86ms
86ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIhCO_QFPVZJ1Rw3yNHKpxDIcAn5sRflNK-HHUqdLDuYIqtqe8ykuDL39jpburwb4YEEPKjsEGFQiUryXNF3u9N6xr65-aDDyMrksgcA42mDBo_yo6QQdZDyzlO1v0Ol765yEfyw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Jt3nDPy7HxUsmam44-0UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-2Jt3nDPy7HxUsmam44-0UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBiqGV4xtQKxE7pM1iDgFiIh2Pfqffr2QQebHyygBkAyp4M5g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://teb.shatateg.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 87ms
87ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKYvrelvJ3S4wdwW61_HCeY3ZSD1-qV18X7Fqc_JiSzyLWanxV7VVIM68VdtDrLao6GwXCfKTJUQbDxQdL-q2fiPtSzy3EMC1BM2E04NCJ8I0xhRlADv_PtMuxh7uHnuvyJDuS8g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MT_1YglHK_ULGRHY1wIkOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-MT_1YglHK_ULGRHY1wIkOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1iDgFiIh2Pfqffr2QRuPHuzkBkAyroNFw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://teb.shatateg.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 base.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/94388903/dirty/__version__/1/ Frame A14C 609 B
260 B 65ms
64ms XHR
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/94388903/dirty/__version__/1/base.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/dynamicLoader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d20e84e98290a7c000cc109b3777535efd23b192f31c16203069bf5a36692539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 224
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 14:22:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 20:54:03 GMT

GET
H3 200 nationalSale-160x600.css Show response
s0.2mdn.net/ads/richmedia/studio/pv2/95442190/dirty/ Frame A14C 13 KB
3 KB 82ms
81ms XHR
text/css 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/95442190/dirty/nationalSale-160x600.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/dynamicLoader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fb20664317bd57753d8fdd0ea209a87ebabb3462e5dc89e540b0bf44441287c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 19:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2647
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 15:43:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 19:51:25 GMT

GET
H3 200 nationalSale.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/95490867/dirty/ Frame A14C 9 KB
2 KB 82ms
82ms XHR
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/95490867/dirty/nationalSale.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/dynamicLoader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be26fba07431b24b2310d8684abeada9c4ad5d27337c073775e3fa25612e13cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 19:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1993
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 15:43:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 19:42:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A14C 8 KB
6 KB 132ms
132ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc5e5539089044aecdfa18aa911779aad076dcd7972cfd0365817deac20db67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5840
x-xss-protection: 0

GET
H2 200 dc_oe=ChMIxaOz9e2EhQMVIgxoCB3Bhgh2EAAYACCMt5xIQhMI-PC39O2EhQMVtbrRBB1JKQzq;dc_eps=AHas8cAeHg9j7DE2UIo1t8_f0w0s-1Zz6q5XVlAA5ApJlSagqSzzqf-1qKIxSKG8h29Iw-0QIo0M3f62dOi5wltdVtA;met=1;&timestamp=171100...
ade.googlesyndication.com/ddm/activity/ Frame EB8F 42 B
401 B 273ms
123ms Image
image/gif 142.251.32.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxaOz9e2EhQMVIgxoCB3Bhgh2EAAYACCMt5xIQhMI-PC39O2EhQMVtbrRBB1JKQzq;dc_eps=AHas8cAeHg9j7DE2UIo1t8_f0w0s-1Zz6q5XVlAA5ApJlSagqSzzqf-1qKIxSKG8h29Iw-0QIo0M3f62dOi5wltdVtA;met=1;&timestamp=1711007038911;eid1=871060;ecn1=1;etm1=0;eid2=4;ecn2=1;etm2=0;

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EB8F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 383595baafe2b45e162f829b42a1e3ef4c6176fff6e501d0e8c94e6cc9323656

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 5557 0
0 125ms
125ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6rHnfgYOQ90YY4u_OHePKE0iNnJ8plRnFJ2oZ9pKnBQO75_UEFvfOqcRaXCiY8yelywztCw6hkOGNCqJcmru9_b8oofdEgfxKZr-vTFCcihtyM0HVwWKZ-PkDUlQupq5jHVuYaoPRUHHy2ZbGtllPo7EHxAec7orMI6ZlPbvTz_QCXIL31jyUzjpM8UpgMcBSpg16m8jZOAoJYjYMHoXoEAzgljy0qcMUVQM5dAz-124H7EeKGHBuEgln2XXkFIzzeFdU4vzAXfz72zKqows5oqoG1pZS4ShKUZssp9-qCCkBIEgRpl9Gl-ZMLDEcGHBw3pVLr5dF90_BtUZ-aQ_v4L-g1K1E6WvEEC7eFGG3Pg60YKwQlKFaaXtlCk0V4Kx-nlcaBXvhF-_Khx7z7WixZEx4p-2zkMt6N2-ONCmDPs4oAsmX1EYP3z9mrKf4Y6yWNYTvqYeXioyPTarTahhCWmtSPduWTUxv2Iu9-20Q8zizxjbcYvzXHlDSUscPQOxePNpKf78W0ETi_AADxyKm14DdKzHTG-PRz0qI9AYQBPlrPwf2lssAxlMSP2o4_V4lKtGEJQuEa38q6RyBtPHbyz4Xit0V6eHpFTJ3Vuk-SFP2V74sokObh6VvL6PTr9Z2sRQblG4VfncW9KHQIXWdLtJ4AkCzHAJlEp7ZG1XQMXfAQZTivLJ9SeLR9gEDoquig8gLma9D4BprcZRQ9IEeGrmVt14RIB0pZYOHLE8SfmoGmQTsGy0wSOMBYdqeq9LWG-HRgBjlhAxFRayVO9dkHzZAyM-hgqtH0aMd9FZlsTgvmPNMZLJFm7rFvtywc-hFAq-xDl6zNIKFidSLYYCXDM1hFJ_Mh12KtslcIcKrVrwoJ7BUvjrqtr6oV2GGZ54lR2SMwAdWCjvrPYUbDAwTxJ9T_ZYoEVgDCfT5hoPhAHvk8xKTGEdf3oAh-2iF4h61h5L9GO8_4dJEcT8jz597obquZjoRTr1YyxcjF1FhhU1799yLsKLemsqJzzBqMIQBCB0jWy0OFUGxBMm9l72KB9KYYOoH5h5GX0Yc7Hg8qDF6U9t3mP4QBtccu7Q-gVUAVS5eUn664OyDlEBPGFV8-FrYlDoSvN-NErLOgwTwGiMkP19PGHM5dP26fkud5PqysjfVPDxOwe8owY3m7bpCTn0sBuBEwD42qbWYTxHlmV4pvZWg6DRBBPqWA1nrmcWo2LKZjLU856qtnBQN5WbXeJ1R0pxQ0klkzOMSCS2QE5v9LLrrtReq28yueZXCrxIYtgjy6lt3lGQZ3DKY0fQW8augRMOF_PNr-4jkVxfexElxOrDknyUWATKMH8dPKApzmRGQgHc4kl2E2R2KmApaBv-DwTXZEP2KDbmwwF6OOxdIqw&sai=AMfl-YQi9tnxq8k4EDFr4FmumNdluIjaaDGJA2860LMFSDA3dm7CHNCTinNfbevL6NnK4GV7SpDLhjO5VNu7HIfg68HvA_plqgoWmD6jxHHybRIe3aQJxVQ7d2EMt-B1vgAp747vdAO3bR30KAEccVyJ59NNKdFkPKJ9LEdwedYhsfrTo3rqQ5IUn_br55lUuvEpPLnPEO1CnTfx3MgKB-Lbhtb07wx02IeDTbocbk71c2M_cPOEWP_0WOY1jVvBlm3K83ivCLqVrHf_WltqhqeLlsa_KcylZKGLuXzmdbQBdS5zkH2FPz17fSNsQgkDn8NMDGLMjlaiTl99e_VFW8RQZk0RUf62zvZgnthgGnR1mxoWV3FrDmI5ZQwsRMV3wWRX5R-rIVPc_-xJFVImKMNSggTeS3Ld2oAvoFthQxllpg6H6TssenKiFVjpbpDN8T8X42bSv6P4kCJQ5JHhFSeGOCDjRf4Y9Xu7SfUgUet1tdFIzdip0VVnhpDhXF5VS7_mTDPeADfKBTshbQ&sig=Cg0ArKJSzJkp5aTXOpCdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jbHVicXVhcnRlcnNob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1676&vt=11&dtpt=1291&dett=3&cstd=383&cisv=r20240319.89498&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 07:43:58 GMT

GET
H3 200 cd6549452d438ce7c48fee26a7635e11.png
s0.2mdn.net/sadbundle/11527359091045495176/media/ Frame 8FA4 45 KB
45 KB 63ms
62ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/media/cd6549452d438ce7c48fee26a7635e11.png

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

675805dc973b3fe2db505f9e4586e537a0d8afbd5d5ac1f91de53ac6e9b7397a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:59:58 GMT
date: Wed, 20 Mar 2024 07:59:58 GMT
x-content-type-options: nosniff
age: 85440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45723
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 7f798b329f462441651ce347cff9f09f.png
s0.2mdn.net/sadbundle/11527359091045495176/media/ Frame 8FA4 40 KB
40 KB 74ms
73ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/media/7f798b329f462441651ce347cff9f09f.png

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57cedd26d3b9ca002bfeb2d70376e17803c7a31a70f31dd903162ef7fb728ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:59:58 GMT
date: Wed, 20 Mar 2024 07:59:58 GMT
x-content-type-options: nosniff
age: 85440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41294
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1ae999b309246ed9d451bee9dce7f59b.png
s0.2mdn.net/sadbundle/11527359091045495176/media/ Frame 8FA4 5 KB
5 KB 75ms
74ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11527359091045495176/media/1ae999b309246ed9d451bee9dce7f59b.png

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786e55df0f9aa219dc4d299f6b4eb063c11c9c64aaa2d2ada64201bcc847f03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11527359091045495176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:59:58 GMT
date: Wed, 20 Mar 2024 07:59:58 GMT
x-content-type-options: nosniff
age: 85440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4906
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:54:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 8FA4 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55f6bd5bff840accf72bdff93a44f960b1f6405f85dcf0a0da9d86b444ae3212

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8FA4 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 017550d2607b200cccba8d2888fbf8d5d26105c3c0b92118d86db55a0ea250f4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8FA4 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5aaca461807630a6c19ccaacfa0200ef76add025539f9f296f86c8f4f71c463

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8FA4 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ccc4c7144f4cf2fb728578d227393fbfa8324ae43ec04d528d4666f6bd48d84

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 legal-logo.png
s0.2mdn.net/creatives/assets/5017400/ Frame A14C 2 KB
2 KB 62ms
62ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/5017400/legal-logo.png

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd0f96b996b06ffdec1added17f8d1f3249bc9c22801c06b64e4b9c6f1704a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:32:50 GMT
x-content-type-options: nosniff
age: 668
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2416
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 13:57:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 07:47:50 GMT

GET
H3 200 nationalSale.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/95490867/dirty/ Frame A14C 9 KB
2 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/95490867/dirty/nationalSale.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4303845548995117056/dynamicLoader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be26fba07431b24b2310d8684abeada9c4ad5d27337c073775e3fa25612e13cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 19:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1993
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 15:43:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 19:42:25 GMT

GET
H3 200 TempoStd-HeavyCondensed.woff2
s0.2mdn.net/creatives/assets/4179007/ Frame A14C 12 KB
12 KB 62ms
62ms Font
font/woff2 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4179007/TempoStd-HeavyCondensed.woff2

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a0a54a0c7bef57c1ea008c4bfce3f34e644cbbec2278e31c31137aa142345a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:35:16 GMT
x-content-type-options: nosniff
age: 523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0
last-modified: Sat, 29 May 2021 08:42:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 07:50:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A14C 17 KB
6 KB 81ms
80ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 07:43:59 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 7CCC 0
0 124ms
124ms Fetch
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvKOqfECOZywrAyMkmIZkGYeN9BuY4yJP6z-idrsXjL0vAbxvmZcroxZBUfdPSNd8ethEuMyfhtuWq5XUXFEppNJuYqzvslezJaMe_UQLPZVAEXHG79kt58A1jCcCPg9_y8JK-Jz-QOh9_GFnp6uB2oxPDFaCAnJdmUgpRmyYxuinUP_A-t4Vzd56-679WaGh3gid_uMoSXInXBNGsn0uAC7Oj7ruFjn7fJApiTOL2SWVX_0axu7s29KZW8NkiLDMaBaJrLjO_AB830xKonrgOpMvAGt6byt-b_ziJYW-rO4KJt4_3uAJ-ifTqQl15OyskVPOPXNKblzU6iupKQ04S0OAF24Yg7YuFzUNoeDLgqnumuL-2F_DK7SqYh-rm7GjkJC052WhVRuOJU2IY8_C8ktBvTNtGOJH-qRsNs9GnsHMN9IfuOBZ0frN7_CjpjwWYeJdX1Oz-gz708Puz0SbmM-Ooj_eJsgmJ1DD4yMg79v1Uo5VmXXVvcSjyMsEqaXQuoiBcK6IcXE_yTOrRJqnzyPwyaC0hwUbeXAa5mGnNKNaICWV8oDB_LjLw01HokeujkcqzfoiEf_NriY8NfALtBh4x4EwsO7L4ExYxJ8Ilp0jyhEuV5baK8dZZ1iPS0H9rbRuSc6Kc_rWHgn0DxqFc3Q8rdYOCZUqfl6DKpsAVDjh3w4F6K7Al4Sy6nCvL3IKgBIAwcwePmsv2naCIYbgZ0ErAX2Bo_oQlN4DFongqMJqnUgaiuUtHjxovXyeq1cCT9iJY1tyQ3Xbif3Z2BcAlY_9x_YTaNGtWKai2dMLdMUA6pzcL5dbYNfUkxSQOyEfKubV-z5oXagy6wjOfIdZKllHK2dZX_hKFAoldOYAmvbQGX1lww236EYHeFTlu_vV3dFg3naxxHdk418JpcuhlIqyeKMygsUo5m2gpcY874c00zpfNm7TA-337NG0iTiLZBo01c0CuR9Y7LWqQ7XRQQPYwiBug9Ou3_HCkHkMqu7Tm5a2bdvP3mP6x73cuqlkwatbdjcG8rWlJGGdgAvW5A6jSuHHG0gIHwztkhQB7Hbure7E5wuYUk_6XZZ4wunAR9r2uoaGnnsnKePqWA_b6gGoCp-nsnB8FSi6c5V5jD9YsHnPWI0u7L885qU1pAMp6m00NgC_8QMBtqswdZHwMK8rG5EXHkFA-el226XGus4b2hcLOnxCg3B2VGvbYZXDz4z6lQuyirFJOAAnPw0MfnM7GHhPENChUn0Sr9KlX1zHXvTAr5fFAa8jNfpPREqlVQXUKBIMO9LX1kXQCNywIgGpkRk-YeUujB4J_b_fzliZmw2Ac30sInV7JSnLRh7vym0_bGWVljbwOHNIJxlESJdxAkbAL9JeFd72TFmUinRr6k&sai=AMfl-YQsiCdZScprXrrCqe6SeXYwxr8B9q6R6LOK_uJl4nJiboBXVJLsxjzc_Xaw1d0t7nlM1ZohlpLrdi-CNejqC_KErFD8lfEnzqZYeU56eyVqHECIdPd6jYy8h7UOriRaKWLolLZg-wKRCfgD8TKwKVcbdHcGBYOZndUxVpA7Kl2dl-bQgSX1UuApUkHpH2mGtUYBFYDmeR4MLB_azxrbaZw9SVtScn9UMnVl9wDSvCLl49kzRPCS9C670GiYF6f3fqsg509DP-5A8hTzwFBsGYMLEmZ4dsJ2Cg61wkSWGDYrPXLcFwZ7DG-nzooi441qIfLOSz1iHJMf6PgoTxGy9DWS_hw32CEaALJJMBG4uJ1ZhN9zcMxO9f5ZwK6a9z7CiUI18NWPBGkRKmA0IUTkm8Q60rd0zL_NaWHEnkPj4dvJcZQmqLL1WucgCAvrtuM0KEilgiehqJ0jODHkjq5DkquBLqtIQDYCd_sEALnMOLefCQHlevjgeGZYcmQRUsUZXr97nsOwBU7pAA&sig=Cg0ArKJSzPBFnFKQe5mREAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jbHVicXVhcnRlcnNob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1900&vt=11&dtpt=1455&dett=3&cstd=442&cisv=r20240319.43745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: teb.shatateg.com
URL: https://teb.shatateg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 07:43:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 144ms
143ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240319&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ada55acb84a936e827e07c6aebbe67e89a7a74323eb26b79913c2154dd0afd2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12389
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB8F 43 B
215 B 121ms
121ms Image
image/gif 2600:1f13:800:7782:158e:a624:38d7:fe67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9adaeb56-8d47-a17b-2152-c647a9322fd5&tv=%7Bc:7xdNWl,pingTime:-10,time:1487,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjEyOCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1711007039148%7C%7C51598fd173f5763fb737fcbcdc4c9c3b%7C%7Cc2f0dae1be250666004502f5b1159da0%7C%7C77bb0406ada207f9a330f82d9c6ea5b8%7C%7C21a64192fd7a2a9c0623b4a06d87f7c7%7C%7C69d6f7b9d1fd28e5acf87601a7dc336a%7C%7C117a5c9699be7b0a8b3d01b819d6618c%7C%7C9f879a6d30f7f00718134f99a392b9ed%7C%7C1663701684,im:%7Bimprf:%7Bttecl:1584,ecd:183,tsecr:209%7D,pci:%7Btdr:532%7D%7D,sca:%7Bha1:%7Bres1:0,ps:0,ts:1711007039023,psfr:na%7D%7D,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:158e:a624:38d7:fe67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:59 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 60017459_20211207241627672_160x600.jpg
s0.2mdn.net/ads/richmedia/studio/60017459/ Frame A14C 50 KB
50 KB 67ms
66ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60017459/60017459_20211207241627672_160x600.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043dceb271a7619353cf857a54cc6fc4fd2319643a86d88a233e6204bd7a0815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:58:53 GMT
x-content-type-options: nosniff
age: 85506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50823
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 08:16:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 07:58:53 GMT

GET
H3 200 60017459_20231101064757512_ccl_logo_160x600.png
s0.2mdn.net/ads/richmedia/studio/60017459/ Frame A14C 16 KB
16 KB 68ms
68ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60017459/60017459_20231101064757512_ccl_logo_160x600.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f8cb30c1cc00e39bfd09309386929526d676521c9af38de53f48f2a8f5ccaa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4303845548995117056/index.html?e=69&leftOffset=0&topOffset=0&c=xEcs9BrgY5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:10:03 GMT
x-content-type-options: nosniff
age: 38036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16053
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 13:47:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 21:10:03 GMT

GET
DATA 200
OK truncated
/ Frame 7CCC 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c548c38ec49c90ffd8eb84aa2e85dc501b2c1c7181d3697bd4eaf76f923b7ea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 5dc7efa7ff003fd08b810b2787a0f722.png
s0.2mdn.net/sadbundle/18058294086944130876/media/ Frame 29A7 111 KB
111 KB 63ms
62ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/media/5dc7efa7ff003fd08b810b2787a0f722.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8d659e1d91c88f6ea683c05ee9455b9e231429018f543d84511a3d8cf5c335b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:28:52 GMT
date: Wed, 20 Mar 2024 08:28:52 GMT
x-content-type-options: nosniff
age: 83707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113787
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c2208ee630999cf5bbb6a7c7834320d.png
s0.2mdn.net/sadbundle/18058294086944130876/media/ Frame 29A7 211 KB
211 KB 68ms
66ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/media/9c2208ee630999cf5bbb6a7c7834320d.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ac2080c81f721a620626085a796c65685abb38f86422e9ff3fe171a6096d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:28:52 GMT
date: Wed, 20 Mar 2024 08:28:52 GMT
x-content-type-options: nosniff
age: 83707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216156
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c2b23612fd1a7bf8f4062e4c45b8018a.png
s0.2mdn.net/sadbundle/18058294086944130876/media/ Frame 29A7 5 KB
5 KB 69ms
68ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18058294086944130876/media/c2b23612fd1a7bf8f4062e4c45b8018a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff61e6ee994ee7e9c7f0da7c10fcfe67f5f5b79a77de895dd9a13fe161abbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18058294086944130876/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:28:52 GMT
date: Wed, 20 Mar 2024 08:28:52 GMT
x-content-type-options: nosniff
age: 83707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 19:53:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3014 40 KB
16 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:55:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 140B 0
25 B 128ms
126ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIjuiPeX7ZcvSItyvoPMPnLaoiA8AAAAAOAHgBAI&bg=!mZqlmtXNAAZewuCMfsI7ADQBe5WfOODcNNJSrUrZ6nbZEgfy8A8O7JCGdV0lY469xpE8jukBNo7MpdlYBigKOMMgIcp6AgAAAiFSAAAABGgBB34ANZ-TPnKsLNhfRIxIDli26e1ACO-CyCukMFSRy1Sz3LGFk4FY8Cu5Thxn6JcmBcegYakSgFuDmQK0mPXzvNFZct1GR6bZTzBLYfR-qy3_0GAUnbp1BLvdo5ouYi2FFued7CP9JjnJLDlg0OvmzMV01f9L7qH1thoO_W9HyTBERnJXBar6xd9xv-cS-DkJJOyE6yFcG2FVgvOSHlAOhMSW4MHIyETnD1qEIMyszq7kb8wCEcvGyOpy1Tcx1T2wzuyWe5lE8fJRQzHDmPjcNnAHESxn8dwysS4eGHiifEkS5yMuN3nHSpFb0tXWrr3tz61OxrW1_yU4J33RMMnVcZhYbqdQTi-VibEjDHhOnLTzhcazFlv9wphjx4kiEsp6WXJQ_aVNd3KX20B3awkVl9LEx_UBruJHBBEfnlasOC174Gfp_gVmjtPC1pMT4BYPpVcsgQBW1UGMxdPURvLSqk0o-LEQBUfmBenhAQM-Q9wg-RBHqeO-aYWjFymzOH8ZESxspnKTWwL9WhKP_F1-MY4fc_TDZWjeNI0PkrqzsqaJm4IJHninjE7oJYUIPCA4k1FSytXxNluI1jHLGZ4G1rxvLlmGHaQwm2tuKrVZgcb7qQl0ez6aI4OtlisZynRJHOJiaF40afeae1Z0jk8EPY8By9bk3vEuOgLdVZswaFzzyVOMC_79-QOVyDmNH-JaT99znJ0rxqv76V1nue7jWFQja5R2I83Gt0ApxxF_aTdzNMlCk3C9ZMx-UzxeYWcXxgETdcIXrKbAH8BQMx2LImmdDdJrKIIgz7cjWEJMyuZjOMcIm61OtC8IYYnSm8OYtsUPSd5MlrRJey2Mx0bUdetn1OxyAk2Hr_XKga10FP59LBMx4Jpu4ELafVmHTR2nm7p8buKciiy0OzbKBBM9zUkvSpJrk_X_OvtgGXXjQ2xMkvbNNzsJd7mUoPa69mWo6k3_V9eeZNB6MHw2EqghkzPKUA-s4-y5yLseVp8AXGU

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 90ms
89ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 07:43:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8A1 13 KB
5 KB 68ms
63ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 85911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:52:08 GMT
expires: Thu, 20 Mar 2025 07:52:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3935 829 B
999 B 89ms
84ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e114f14569465a6292ddda7631dd92a916a0728680187d932629c56fde85f88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W0BHFYWI_njG9u6EkoNzMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://teb.shatateg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W0BHFYWI_njG9u6EkoNzMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:43:59 GMT
expires: Thu, 21 Mar 2024 07:43:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A8A1 40 KB
16 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:55:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3935 0
0 122ms
121ms Image
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240319&jk=3141070007527620&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A8A1 0
10 B 63ms
62ms Image
text/plain 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Pceedw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:43:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB8F 0
25 B 124ms
124ms Ping
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2855294968892&version=m202402290101&ct=76&x=1&cor=5829989460768161000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:43:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB8F 42 B
64 B 126ms
125ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvt_uplU-_bzq-ZtM-_LVq6NqZq5h7EaYW5M0A9UaZdAz58KctCpmP6UgLrcc1XFkipJM_Wz5cKRZ4fWDMxFJk5yjmHcoYp8zq9eF5y2tFiQjn4HQTMn2qhkmVWbj4pcIqpUqmIgzQvXrm1EtL7KIihfukQBvNb6MY&sai=AMfl-YTsb5GgDyNZm2AtXenmYu4_oD084c21xGW_7I8b6du4xcs_JGd_nml1CrZUYf1hpc3FiKSc3hjTIfXzA9t3ew_0pjCDgVapQ5HXwdVWH03bHTll7ZNV9NKJDzx5Iaur0SxVNLQTFa-LrHWLKVhCig&sig=Cg0ArKJSzDGlvqxo_sF2EAE&cid=CAQSTwB7FLtqhMxmNJEaVDo0CGUZbuGKZ4hmJalugldeShN75aH1H0w8YifqkA8OesVWkxJjTwkUhghGLfLLPn0BGap6rKHnlJEtKnHuGFf-qqYYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=693983700&rst=1711007037202&rpt=1272&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:44:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB8F 43 B
215 B 118ms
117ms Image
image/gif 2600:1f13:800:7782:158e:a624:38d7:fe67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9adaeb56-8d47-a17b-2152-c647a9322fd5&tv=%7Bc:7xdOaV,pingTime:1,time:2391,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:737%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:1388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1388,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:736,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B675~0%5D,as:%5B675~0.0%5D%7D%7D,%7Bsl:i,t:1388,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:130,fm:u7DJa0e+11%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C18121%7C1813%7C191*.1288019-78683891%7C1911%7C1912%7C1913%7C1a11%7C1a121%7C1a13,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:739,sis:1132%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:158e:a624:38d7:fe67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:44:00 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB8F 43 B
215 B 118ms
118ms Image
image/gif 2600:1f13:800:7782:158e:a624:38d7:fe67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9adaeb56-8d47-a17b-2152-c647a9322fd5&tv=%7Bc:7xdOaW,pingTime:1,time:2392,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:737%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:1388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1004,o:1388,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:736,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B675~0%5D,as:%5B675~0.0%5D%7D%7D,%7Bsl:i,t:1388,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:130,fm:u7DJa0e+11%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C18121%7C1813%7C191*.1288019-78683891%7C1911%7C1912%7C1913%7C1a11%7C1a121%7C1a13,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:739,sis:1132%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:158e:a624:38d7:fe67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:44:00 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7CCC 42 B
64 B 124ms
124ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrfLgrDtmdkTZ-MmAtrgjnHDOUeRKRCa4AXuMiku1HWpUfU61rEHoa45PcW14j60oibG7j_IqXnSvoWfR_50hRfyu8NPGcqJMtGcsNtPIEGkBIRc8XosEU3mJj9Q2uQSB0NuTYZCRzsGxkH6l64uaEn_NsOCnUoVE&sai=AMfl-YQZ7utBtvM04m3Wep62vP6BOosbLLEIGr82_FcWjZOPLMdb_p6AZg0Man8I79yd7Z6IT5QHFGoFu8TXYwsm9393z3B4W_WDkVsz5cGsqtzxXu06Cj4LydYEL-VoGaFTYbqkPdct8JxDufPPz7PLMw&sig=Cg0ArKJSzGqcf39q39weEAE&cid=CAQSTwB7FLtqhMxmNJEaVDo0CGUZbuGKZ4hmJalugldeShN75aH1H0w8YifqkA8OesVWkxJjTwkUhghGLfLLPn0BGap6rKHnlJEtKnHuGFf-qqYYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=693983700&rst=1711007037139&rpt=266&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 07:44:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
125ms Image
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240319&jk=3141070007527620&bg=!W1ilWBfNAAZaswqNerM7ADQBe5WfOMRFn0EvaEVcQ28bB5z1S3Djg--N2-rebbJFtNRuWoxY48kPhXaMO0e9iIG9ThdzAgAAAIZSAAAAA2gBB34ANflNio5fAK8vmtex5p7c-qhivMhXTGqv8GZVpf7uZxxYAiKkXxM8UhCQ9NqOOyqYCVCkauSiCgBnyh-MQEytHvleJWzL344FmJTK6ke4y55COQ55x5RHuh0WvCrJ9mfXf18EnRRDutYrReZaFGeqGcpyzmOJof7HcdOrZ3Sf9ixosBeak0UyLGorc4FpEpuy8yDew9WvCLkbE063fW8B6pkCar4SzvDx9w8PTigX_oh-s2t2b37kE7gWwCcrauPW2iOazfEr4LEgPxazMhahyiCng0_3DDZXOMnbzmDGeLpiwzE0Cx_99cxE82rjXM1DhJai9PLtXSI6B37jBYSHYFU4mPrbExcvdgv3mfHos16jPRnjIXQep_UW57ch70jNddUAEFiIXlH-5gM4yZ3sH8E6P6_DR1WvwD8nDwwsUSYMfG5DKm6I5v41aJo1JhTedljsXxsTjazkVg7Wr6FA0NA3cUWfjDGrpLQIpWH4Eb_UlNXXxA7nqtXdY9toqWTRtCYtRI-CT1gbeE4ZzovcrPv-hf0pgrUuWJXUHScUVsn5qIiM7KZRQhqB46ijuxY17ro3dOOZFc4ZMGiBvd_gOctlbacYpP0Xx08QFLCWWLNodL6QjcFp9_l-x4WRUdR3Y8joIaLhOSAyzCEHLe9UrVvliLYrXUjU9wSgIlD_kiuw_yyVhIk0AoVQZE0SVOltvdu9UqbC61z1IyybQCHEM854ZmR-x9_x83NdOowXekW4jp9-nD9GohG_i9TZJpqb6qr5JM5OjsNUbp37SkR7zEpX8OcP3oncFDGsIT5NRMcBxTMXLFyIgzKf8hyC8TOUJyp2hfzGuHaPXCPVx3NEW_GZyw5Ajplf6n6BcAcHEvSu5F3Mik04mqDg_-zdzzA-TJAfGaLLjHcCRyugKxs98PovfDB0cusNDnqU9ub5hOOhdUOXYbeMxs-MlVwwAnc0FNHY5JoxXHC2B-x-zIoXpXVNVHkoZTeW8cUBtbkTWHllub3i8Z4Ef1lV0wAa-AUOKKJ7YeD9AIqjdc53DA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://teb.shatateg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shatateg.com/	1970-01-21 04:52:47	Name: _ga_4K90G1N3DV Value: GS1.1.1711007034.1.0.1711007034.0.0.0
.shatateg.com/	1970-01-21 04:52:47	Name: _ga Value: GA1.1.1027939771.1711007035
.shatateg.com/	1970-01-21 04:38:23	Name: __gads Value: ID=fbdb53dd58657242:T=1711007035:RT=1711007035:S=ALNI_Mbi8LuHVmJ232DdurwsGv0TEAE70A
.shatateg.com/	1970-01-21 04:38:23	Name: __gpi Value: UID=00000dd451c8e30d:T=1711007035:RT=1711007035:S=ALNI_MZgvnSqiBZBskxY25PtcVundzF5tQ
.shatateg.com/	1970-01-20 23:35:59	Name: __eoi Value: ID=9bad561cfd77b6d2:T=1711007035:RT=1711007035:S=AA-AfjZOBvJB4hW1GImh5uCZxLat
.doubleclick.net/	1970-01-21 04:52:47	Name: IDE Value: AHWqTUnD6Mq0T-UUjJzWZahXZukX8KVnGTuQE_6GY4L4vX0TbfvYbRMKawoXOAJGkng
.googleadservices.com/	1970-01-20 21:26:23	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 23:35:59	Name: APC Value: AfxxVi4zj5IaqeU0IFtlc4ju8vKAqYFDiLhp-JsgsERfxk_JXGPcqw
.doubleclick.net/	1970-01-20 23:35:59	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 04:52:47	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 04:02:23	Name: CMID Value: ZfvlPtHM77kAABaZAQ6IPwAA
.casalemedia.com/	1970-01-20 21:26:23	Name: CMPS Value: 1495
.casalemedia.com/	1970-01-20 21:26:23	Name: CMPRO Value: 1495
.adnxs.com/	1970-01-20 21:26:23	Name: XANDR_PANID Value: _9_kpcl29CATnQbhY8UHrEy5gEAoo5MK1Gkypiavt3NrBu4n_2aS2yFeOdPmoawl5eAgpDX0Hkg1pkt_ndgcfnX4muxsQBPYCc3QkePA_xk.
.adnxs.com/	1970-01-20 21:26:23	Name: uuid2 Value: 4050386138890311497
.adnxs.com/	1970-01-20 21:26:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ildg8Q6#!]tbPl1M>e)ZlrFUfJ+tGXxp2::>'eZ6DS/?io0LTa6r2Z96.KYZSXFs*7r?3If)y3KL9D3I?+dU8<F^
.doubleclick.net/	1970-01-20 19:16:50	Name: DSID Value: NO_DATA
.samplicio.us/	1970-01-21 04:52:47	Name: _ftv Value: e7f62d26-2f3f-43f5-9c3b-5f2ab264fd35
.shatateg.com/	1970-01-21 04:02:23	Name: FCNEC Value: %5B%5B%22AKsRol8IVy-mXKPwptjL01q9X-IFH08kgnVpQdKJQHbDAua7nLSFRc1Z_jBE7JXCUBO2d-ACT6SuaVjN-Z2a2zRhmZQpkQe-qKtCFL8PhKdYgCQszrbotM8HSww6BF9KfyJrl1mjua_K6Wtshh7c3fi6Ej6Ot-V6LQ%3D%3D%22%5D%5D

112 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teb.shatateg.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
bid.g.doubleclick.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
s0.2mdn.net
secure.gravatar.com
static.adsafeprotected.com
tag.researchnow.com
teb.shatateg.com
tpc.googlesyndication.com
tracker.samplicio.us
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.teb.shatateg.com
142.250.80.2
142.250.80.38
142.251.32.98
142.251.40.162
172.253.62.154
172.64.151.101
18.164.124.65
2600:1f13:800:7782:158e:a624:38d7:fe67
2600:9000:247b:4800:8:48e:53c0:93a1
2606:4700::6811:190e
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::200e
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80c::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2008
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2003
2a04:fa87:fffe::c000:4902
54.209.232.41
54.90.211.165
66.29.132.80
68.67.179.166
017550d2607b200cccba8d2888fbf8d5d26105c3c0b92118d86db55a0ea250f4
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
043dceb271a7619353cf857a54cc6fc4fd2319643a86d88a233e6204bd7a0815
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0649e29d7357667e80368af86ed5d62d22dab1d2ee15be860fbe4b1c22526d02
09c654a32371d6cbf4424e4809c3501b66bda234f8e5daf9e24cdf1290427cff
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0ad79ac33c7c41387626a97dedea41c966bb10f37988f79300885ded4e73d8f5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ccc4c7144f4cf2fb728578d227393fbfa8324ae43ec04d528d4666f6bd48d84
11b4babcc80509a9122a83295ac9733770ca132f21d3ff3ee4dfd2c0f47adb3b
133bf967d042d8b36e66741c07b0c8e344b0b2c94e312ed8819a211076472db1
1355605c748ba06b91514ca27feaa9c0c97ac33eb32fed979fc9fabb623d9023
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1dd618fa22015a779c6e0fd0520522fe395c2ee0235c27cf4ca028026a1aaa28
1ff61e6ee994ee7e9c7f0da7c10fcfe67f5f5b79a77de895dd9a13fe161abbf4
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
21b9607d13f124e0a140b35c845462b0ebdb6530febdf46b6dc5e8f3bc4e5ce0
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
28a0a54a0c7bef57c1ea008c4bfce3f34e644cbbec2278e31c31137aa142345a
29fa96b7a0b9c6369e60ba0e70cf5e2d0fec233fdbe38a25afcd03fb7ce7b398
2a2f6696cabf9e52f1853bc7067bfa0e9b483e5e91888deaaef1277db88da7b9
2dea57483641f8762937dfd9b09126a9b21c88bd3d7486186003e0bbb9043145
2e114f14569465a6292ddda7631dd92a916a0728680187d932629c56fde85f88
2ed7f618d07866961ead4b4f2477a025b9a96a2db97bfd658cf29b993d2da269
2f4cfbbc8e5ec834092f3e40158b5a1b1551fb0b8e5bb9894335bac7b49f913a
2f8cb30c1cc00e39bfd09309386929526d676521c9af38de53f48f2a8f5ccaa8
2f941fa78bcb96c10579a587e22db761b6f1d8a2a3e1e35cc6c5c627482d8920
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
359bdb6a58c27b189bbd516b001c3de891dd111a1117164f1e485dd5dbba911f
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
383595baafe2b45e162f829b42a1e3ef4c6176fff6e501d0e8c94e6cc9323656
39d752bfe6a9471e688d51bdf902bc8e5fa7234ae75c9f1bafbd4c2b3787df2e
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3c49242a559a6ed6293968c6e67494333cfeff8421871f145dfb788812320678
3d0ff43987dad12fabfc311eb21149e4afbf79de0e7095cfef9bfb75936baec6
3d5fbd63abde0f5185ff562ec63951e4afac8ce34e87b5ccba110d7f43a71f37
3e1f8960b3ef0d809c54fe0eb21036c8a2879147e90fff33bfea0c482e067cdd
3fb20664317bd57753d8fdd0ea209a87ebabb3462e5dc89e540b0bf44441287c
3fd0f96b996b06ffdec1added17f8d1f3249bc9c22801c06b64e4b9c6f1704a1
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4668aaa115d9fc817da22e7b6771b5181dc68bc11fff9610e3cd202d5ffc8d01
47c989adb4890c251fb3c9c039bfd540d80268776870cc79bb959f663d0e7068
4a4d5aca2fce3cc3d3a67ec981bc0f258dd3f6d4341fef000433be4a5707f1eb
4a8bd33bfe771e0bd46fade45435a9fa2d0c3a8af2409b1f5a74a6b96b03faa9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8e9a9f92d937c750e5942fee65f3fbbb34c86beb7072fc678234f9ab83c6fc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e3a5c54dd56e9c403193c8cbb82ba17fb70928c3fec2085f3d0b178aadcc6d8
4f28e848b7bfcc9e1c92ed2d64ba20f9bf13a06c22acbbcd5697b913e50fe519
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51e42f06d6a3da19b5e618e837bab6f288e4b2ee70688243274a8b6dd0d78b8d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54c8ea0d64c3d52573359befbd4e5fab7ff3d18abedf40759fba7d500832177a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f6bd5bff840accf72bdff93a44f960b1f6405f85dcf0a0da9d86b444ae3212
57cedd26d3b9ca002bfeb2d70376e17803c7a31a70f31dd903162ef7fb728ca4
58681d19adc4845e2570222cb1915b9ae0957a6e65fef8dfe40a5d64124244f4
59d1897dd09f6a955b78e28b7b372429ce9fa4dc075eba546e16f5848a305f50
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
5e3a83695828ddf5c09beb8d7d1148586d636609f219550e34b29557f29f556a
60d51fea6669a866e3dce8a8583978127ef1808feb14c073b2f5c2a05a45908c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62edf7810bd93682493146a37974f5c16f4536917f51d3c017b6c9443990f0e8
675805dc973b3fe2db505f9e4586e537a0d8afbd5d5ac1f91de53ac6e9b7397a
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1
6a86011fe975a6f628beff0617639b6004e4c45fa841779e9455b336ab0961bf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc3100524ca200ef96650bf963ea1b31fd4a6b3451579546aa06dee402541f7
6c7af97df2edd8a7b4350e1025a6a743fd659b8a8d2db3470957568860b64c27
6c99d9ffffee64964c3d826d3cccd5f33b8f575f491dc844fde39b6dfb55c401
6ea3d52ff480149ef404a1b2d8f539631ea0d979f4bbe90e56aa21655e20ad45
6f708315ec1e5f14fcf831768764aad338d6507ac1e5f11c155c820487052544
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
762ac2080c81f721a620626085a796c65685abb38f86422e9ff3fe171a6096d8
76df42a653c7a3837918c2ba9a12153a151cd8b7faa4f90bff7189f2962318ef
786e55df0f9aa219dc4d299f6b4eb063c11c9c64aaa2d2ada64201bcc847f03a
78a28566683e7a1ed378b0e0a29ceb8a7a15e1a4b3143df852a0f9b715940a89
7b514bcf19831b88f68b796000857a69d460fed4b19193a38f1e05590ac873d4
7cae7169b827677f1d974d924cd7217e3c88d63da5b43c3dea66141f46969b28
7df5bb108fb45ffd903b10fa15e2c7b9b869898bce89408d06609b8e2441bd30
7f65cae0701cc533eaa5101545498ca61d02bd161393002905ea83cfac95c302
80b4accbb71129990fa5677bdff24baf6b6ff27cc6204966be89965a33c7f2ca
82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e
83dd059b97a2ee20fbf05ed798a5f5e3941a55e7a56cd746108dd486d90fc171
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
877c2871eeeae9551ebc0809e708ed6b4e18f29b89c7af287838c6281bda6ab3
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d
8ba602dc61d19cb58cc7f0d45893937b85956b566db0ead79960dd67cf7e9d96
8c548c38ec49c90ffd8eb84aa2e85dc501b2c1c7181d3697bd4eaf76f923b7ea
8fe0ffd6370e215ac93e92e280eab9ef897dff6ad48a3bf853dcd764864c1ac5
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94f0cb222975e7939a4b4c283376fc06fbcdfcfced990a4cfbb37bf74a29567f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c166e0614d62dad364da2319f38903fb1c4d035bde035763a869c4a024ccecd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a4a391b257a6995671b0815752fa0784d079bc7266d15e59bc7a76eebc8b46d0
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a79e3c3426aee87863028c5f3ebaf858b6ef546286c1d8b86427d17d979a7a1d
aa2a19df9188db3a3e23bcf60565fa8d76f98efec318e5e328146a4493dc43b4
aa8d617b28a82f37b54d56705349ce899f99eec59e0f8777afc556db8867abdf
aa973cc84a31f73755348dd7ad895cedfcae706c4184034447550471986a9568
abfa42ca42e73fdd0d4458a8e070ca5a5e5bf84555650ac8a71e6b14e80e617b
ada55acb84a936e827e07c6aebbe67e89a7a74323eb26b79913c2154dd0afd2f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b85d10fdb069d676488d4bd70e661f25651d9f5ff7f88f3bb9e234a171b6f4
b436b03c84fb39a3cb9f9bb41f590e03658e15f504a4ecd2d30130622f7d61a7
b5b87445d5a5290db97c93ed6498a753975fbdabbed8ca0c121c79286a83d899
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b969721ef6fcca6918159844304aff2970cf511e07f17837c55e989876cd7a3b
ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a
ba92485740c3204ab381a7770b5a3cd31436a0a7412b56a0da97dcf29ce35c18
bd39ad9ad66e4aea9850216d40bcec1307c72dde6c1d16ad7f1529b77676dfcc
bd8444384c1ab218491753c1319f7b17e1d025dedf063e9dedde7940471a0f42
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be26fba07431b24b2310d8684abeada9c4ad5d27337c073775e3fa25612e13cd
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c3b493fee4ddb6665a4587102ddf18a319f2a5d301d802e9dd656c16e771f222
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c5aaca461807630a6c19ccaacfa0200ef76add025539f9f296f86c8f4f71c463
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cafbdc8859a471bfe3ca1fa74875ecf94084726d033999fe4a5da29f3f9b5d93
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc5e5539089044aecdfa18aa911779aad076dcd7972cfd0365817deac20db67f
cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c
ced1c52ca11ec15d5823d40238da7d07bf66ca8e828fafed0cdb1fba14afb2b9
cf292d4654371156b357f99b973a288a8242d11dca86aba63c4d7a55bcb69151
d20e84e98290a7c000cc109b3777535efd23b192f31c16203069bf5a36692539
d359880fa99ef4c99b45828b69ea479bbe8a98acad2dab05fa033fdcf161101c
d453921f06393967c500a009ba363b55a23bdc959b09894b5908cd087f96bc40
d9f723900491683a66d7b327081ed9b2a48628506bd3ee66fc02d9cf0643cca9
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dab55442fb17b93d6dfd52e2b865ef89a68b75a12349f5cd3614390a6d54c0a1
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e10155d53492ded3c166ab6ffb0d572f0838c479db92c4dfbd69673a37d11528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec8afdb18ff5830e15f44029f886361c9d53aaa405a946f0fb27872b86e4b1e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
efacad47a80c1f1ce7a2fcd192a4d852d1b33b9a2a404272f8a23d5de6e399cc
f3bf61bafa7ad07f824e6d25ff4a65c25bab0fc25e6859444d879cc3d30b2b9a
f4779371b5aaecbde777742fb0beaed394eeee74b5af207e515d9d063396e8db
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8d659e1d91c88f6ea683c05ee9455b9e231429018f543d84511a3d8cf5c335b
fa3c1a2ea61c4d214b91ddd34ca6f96c65c7a7bfb95e14cc42116bf937425636
fdbf662acf2d4882a8beed29ee1c6595990283d8bdba1f7d8527a9ced2a0e8d1

teb.shatateg.com Open in urlscan Pro 66.29.132.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

249 Requests

94 %HTTPS

58 %IPv6

17 Domains

27 Subdomains

27 IPs

2 Countries

4446 kBTransfer

10164 kBSize

19 Cookies

6 Outgoing links

Page URL History

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

teb.shatateg.com Open in urlscan Pro
66.29.132.80 Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

94 %
HTTPS

58 %
IPv6

17
Domains

27
Subdomains

27
IPs

2
Countries

4446 kB
Transfer

10164 kB
Size

19
Cookies

249 HTTP transactions
8 data transactions