Submitted URL: http://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdm...
Effective URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdm...
Submission: On January 22 via api from US — Scanned from US

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 153 HTTP transactions. The main IP is 51.159.195.18, located in Paris, France and belongs to Online SAS, FR. The main domain is proxybrowser.xyz.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.
This is the only time proxybrowser.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 51.159.195.18 12876 (Online SAS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
11 139.45.197.250 9002 (RETN-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
19 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 23 2607:f8b0:400... 15169 (GOOGLE)
31 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2606:2800:11f... 15133 (EDGECAST)
1 151.101.65.108 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
7 142.251.111.154 15169 (GOOGLE)
2 3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 5 2600:1408:540... 20940 (AKAMAI-ASN1)
4 104.254.151.60 29990 (ASN-APPNEX)
1 1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... ()
1 2 172.253.122.149 ()
1 139.45.195.8 ()
1 151.101.130.137 ()
153 25
Apex Domain
Subdomains
Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
550 KB
21 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
ad.doubleclick.net
256 KB
20 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
297 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
storage.googleapis.com — Cisco Umbrella Rank: 286
170 KB
10 proxybrowser.xyz
proxybrowser.xyz
82 KB
9 propu.sh
propu.sh — Cisco Umbrella Rank: 445386
41 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
5 bing.com
www.bing.com — Cisco Umbrella Rank: 53
13 KB
5 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1783
lax1-ib.adnxs.com — Cisco Umbrella Rank: 2553
30 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
325 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1402
r4---sn-q4flrnl7.c.2mdn.net
950 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
864 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
60 KB
2 amunfezanttor.com
amunfezanttor.com
355 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
146 KB
1 newrelic.com
js-agent.newrelic.com
29 KB
1 rtmark.net
my.rtmark.net
546 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4271
32 KB
0 nr-data.net Failed
bam.nr-data.net Failed
153 20
Domain Requested by
31 tpc.googlesyndication.com googleads.g.doubleclick.net
proxybrowser.xyz
imasdk.googleapis.com
tpc.googlesyndication.com
19 pagead2.googlesyndication.com proxybrowser.xyz
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
18 googleads.g.doubleclick.net 3 redirects proxybrowser.xyz
googleads.g.doubleclick.net
10 proxybrowser.xyz 1 redirects proxybrowser.xyz
9 propu.sh proxybrowser.xyz
8 www.gstatic.com googleads.g.doubleclick.net
8 fonts.gstatic.com fonts.googleapis.com
7 fonts.googleapis.com cdnjs.cloudflare.com
googleads.g.doubleclick.net
6 www.googleadservices.com proxybrowser.xyz
5 www.bing.com 2 redirects googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
proxybrowser.xyz
4 lax1-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
proxybrowser.xyz
4 csi.gstatic.com imasdk.googleapis.com
3 www.google.com 2 redirects proxybrowser.xyz
3 imasdk.googleapis.com googleads.g.doubleclick.net
proxybrowser.xyz
3 www.google-analytics.com proxybrowser.xyz
www.googletagmanager.com
3 cdnjs.cloudflare.com proxybrowser.xyz
2 amunfezanttor.com proxybrowser.xyz
2 ad.doubleclick.net 1 redirects proxybrowser.xyz
2 r4---sn-q4flrnl7.c.2mdn.net proxybrowser.xyz
2 storage.googleapis.com srcdoc
2 www.googletagmanager.com proxybrowser.xyz
1 js-agent.newrelic.com proxybrowser.xyz
1 my.rtmark.net proxybrowser.xyz
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cdn.adnxs.com proxybrowser.xyz
1 adsdk.microsoft.com proxybrowser.xyz
0 bam.nr-data.net Failed proxybrowser.xyz
153 29

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
embedgooglemap.xyz
R3
2024-01-06 -
2024-04-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
propu.sh
R3
2023-11-17 -
2024-02-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05
2023-04-07 -
2024-04-01
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
storage.googleapis.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05
2023-10-18 -
2024-06-27
8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
rtmark.net
R3
2023-12-23 -
2024-03-22
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-01-15 -
2025-02-15
a year crt.sh
*.c.docs.google.com
GTS CA 1C3
2024-01-16 -
2024-03-26
2 months crt.sh
amunfezanttor.com
R3
2023-11-22 -
2024-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh

This page contains 22 frames:

Primary Page: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Frame ID: 87DB4F77E177854559FF4A936956EC86
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 00473B2A1DFFBED40D9DEECAEC2E0F9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 384594397C54BE8CB203DD7B668BBCE2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Frame ID: 17968427A850DB3AF6DA17490BF48BF6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Frame ID: 8A002DF9EA6ADC6C6D887BA4B1DB5F1E
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&adk=1812271804&adf=3025194257&lmt=1705894075&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075227&bpp=3&bdt=855&idt=239&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&nras=1&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=251
Frame ID: DB23FF05D8488F098850B34EFE1FD13C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6880D041C292E945E36D615BC65DFE83
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 66B6CD3B337656EFD96261BB79EA8673
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 02F3F98E70D4EA80AF003E485047249F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 824695697C445FF416D2A2B6061DAB47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D1585AB5B36466B71D02439AFC9627F9
Requests: 16 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: F2396F2F65EFE5C76F5580F1571239D5
Requests: 15 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 47189A9CE59E79E03C00DF50ED45570F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 454261C05917C71A857D20787A4DF0EA
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 19E078D7CBB76BD2A5AFF84316184E5D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DD0D1D812655E93C3175C8CC87E61213
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FECC3D4784446103260E6000DF20FF6A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: E76A2C4F3C89D4C626F93E4C36EA0638
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: CB3175FCEC1B4A2CCD704CB99B01085D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: EF7DF620F8B4A9A9FBB86D72A5C57478
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4053376EC67F5496A12346E32E865FF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF58009F340E9CEC888AF5760E873ACB
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Proxy Browser | Free Web Proxy To Unblock Sites

Page URL History Show full URLs

  1. http://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldsw... HTTP 301
    https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldsw... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

153
Requests

95 %
HTTPS

68 %
IPv6

20
Domains

29
Subdomains

25
IPs

4
Countries

2050 kB
Transfer

5853 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb HTTP 301
    https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Clc54u-CtZbXDK4S87wLG2ZXIDIfKlrh1r4iK0uwS5oKQ0_9BEAEgt8ulT2DJhoCA3KPEEKABoML61gPIAQmoAwHIA8uEgIAEqgTVAU_Q2Rqf7EDVFuM8a5ToABdYviuZitEHcVboulXQrCt9wDC-dNlImz7vNe6ruCG-3YDw8FOKurR4ruqBl16PaIuUhbj5LZARWJeCb0-zHK1fr86WDHbUGqG_wv8kWliI7Z30bOk98ILtoh_oYS09Am5_63q77jCZJ5zxDp-7JBRYkQXB3T5v3nBWTgbYhnP6RPp_lTv4RT0w0rDVLzF3OJE5hGvuydoQq75EybP6MAH9Z2_JR1x_Er0_aBBs-LGvjvY5OTxWGnbx8MzmX58t2chy_51LbMAExa2s18kEiAWS1qn-TZIFBAgEGAGSBQQIBRgEoAYugAfIvYUpqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ_NgZ0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliK-Z7ThvCDA5oJiwFodHRwczovL3d3dy5lbXByLmNvbS90aGVyYXBldXRpYy1jYXRlZ29yeS9hcnRocml0aXMtcmhldW1hdGljLWRpc29yZGVycy8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wcGMmdXRtX2NhbXBhaWduPXRyYWZmaWMtZHJpdmVycy1lbXBygAoByAsB2gwQCgoQ4JKEpJDg38kEEgIBA7gT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzY3MTQ3NzU5MzgyNzAzORgA&sigh=MnVnYBBZ1nw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_jyhGoOIIacStGD1jyaUVVAeIwsUa05hw5FecUgoaqjcEf_HYr4a5_25apbaQa2UNsmHk842k7O3xxZNhN8sAKW7XsJVW7tyyuhgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe9921ab07d3f86130000000000000000%22,%222%22:%220xf02afd753c5cdb890000000000000000%22,%223%22:%220x9015366afc987cd20000000000000000%22,%224%22:%220xe391767bf2a2c03a0000000000000000%22,%225%22:%220xc6c2cb519d3b61a70000000000000000%22},%22debug_key%22:%2216486280230470902824%22,%22debug_reporting%22:true,%22destination%22:%22https://empr.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22987668768%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222841888497280654721%22}&andc=true
Request Chain 91
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 99
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=39e47eda-3961-4d95-8445-2a06ea26ec06&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=6548452f-d17d-49df-be3a-28382f19e3ec&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dda12605286ab4f28a542ff283cb52554%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=161683890674209851 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=da12605286ab4f28a542ff283cb52554&SNR=1&GV=2&med=10
Request Chain 113
  • https://gcdn.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/21721B356102DAD30C7FA16BE5A50D3538783AF7.8461B22A63EB311B149A6639A0D51FED67B71A37/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-q4flrnl7.c.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/45ED17219C4AE7B3B59ACA155A7C239F90242F0C.09AFE0F753941E9CCFBB8B4FB3B0E55930B15DC8/key/cms1/cms_redirect/yes/mh/hV/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4flrnl7/ms/onc/mt/1705893335/mv/u/mvi/4/pl/48/file/file.mp4
Request Chain 117
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cbd05u-CtZZ7dK62r5LcPk_S-6Aa-qN2zdcn6gqv2EWQQASC3y6VPYMmGgIDco8QQoAHx6pmaA8gBCagDAcgDywSqBNYBT9DSDU36op_vjVyx9oYXjQYLRPJYZ5GxeAC5gBHn6qKfX5vvrCJjvbimoHyxGoNi3KXdKQx38Wm9QhBbH1Ux4mqBtGwKxviTz4SgljVr3BkMgwHHMATLjolxWiVq8wZtDnKD5qdFrDLnd4tBNydktzPimOOXbj8sJ1MiVF_opn7g_ZZbFEZIpVEa9NKZIs7pqOrvm6z1TTWJHYyAK-EcSNnSur60QS9qFhjSfDnT5gZ3O647jgZu5dZO24poLRSFf8HsOBxkePNMzNehJzakJ4NoaEUbNsAE3YuigL4EiAWqvaTlTZIFBAgEGAGSBQQIBRgEoAYugAf3lOZlqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwMQ2i3SCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WNv9ntOG8IMDmgl4aHR0cHM6Ly93d3cuc21vb3RoaWVraW5nLmNvbS8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wZXJmb3JtYW5jZW1heCZ1dG1fY2FtcGFpZ249c2tfbm1mXzIwMjMmdXRtX2NvbnRlbnQ9ZXZlcmdyZWVugAoByAsBmAzcsfzq6ATaDBAKChCwvNybi-iosHsSAgEDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNjcxNDc3NTkzODI3MDM5GAA&sigh=yh6YigqZeY0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_R1pQ5mt2u7Mp9tA3DAFDKc_KhdGoz6VxFkd0Si2zMTfz6tsDdgVNIjYoIkmHMqwgWjsfLG4cnlXERq0fhft43xP8PXULUzeYPLQYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaf4c424e9c9c76ac0000000000000000%22,%222%22:%220x7a6c55d8b176cd4b0000000000000000%22,%223%22:%220xfc1468daa8a5f35a0000000000000000%22,%224%22:%220xbc98a91b8f24f9030000000000000000%22,%225%22:%220x16ba1b9c2100cc860000000000000000%22},%22debug_key%22:%2217270730123596692669%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22742238978995820561%22}&andc=true
Request Chain 120
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 121
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CX1jTu-CtZcy-K-HY5LcP0J2oyAuEp_G1dfbAuZ7oEdmSlsrFGxABILfLpU9gyYaAgNyjxBCgAZvn4N8DyAEBqAMByAPLBKoE1gFP0L1Nnf4wXF64xfJwdNuDXXO5DLJ0tFedYB7imZUnJxXmuuwwNizFQ_nVaOq1l167XGsWN-BcpL64hfkTJ0h_urfZThYYEYaRjw8Qp-8dvDbQFEWVbXRClaSzgvsMlfAD85yIQm9R3TCN7V6dgvdau42v_UPMAFGLMRFyGV1MV2hZnpS3uEBrGz5P05mzWvNhqa_jSs66FLnhWhAweFJ0IqDOa5ZH-el50aS10DuHTbZ2205Kb4bdGrwjvSZcd6mWpwB8fP081ho1Hti_hz5bHbnn_0WGwATlo5OPtQSIBa-tkv1LkgUECAQYAZIFBAgFGASAB8PN9neoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC3nBXSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIb0ntOG8IMDmgmpA2h0dHBzOi8vd3d3LmFzaGxleWZ1cm5pdHVyZS5jb20vYy9tYXR0cmVzc2VzL3Nob3AtYWxsLW1hdHRyZXNzZXMvdGVtcHVyX3BlZGljLz91dG1fc291cmNlPTg0NTA4NTF8NDg0MjM1MSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPTMwMjIwNjkxJnV0bV90ZXJtPTM3MjM1MzExMCZ1dG1fY29udGVudD01NjMzMTgxNTV8MCZtcmtnYWRpZD0xJm1ya2dlbj1nZ2RuJm1ya2diZmxhZz0xJm1ya2djYXQ9YXNobGV5c2xlZXAmJmFjY3RpZD0yMTcwMDAwMDAwMTQ5Nzg5NCZkc2tleXdvcmRpZD0mJmRldmljZT1jJm5ldHdvcms9ZCZtYXRjaHR5cGU9JmxvY2F0aW9uaWQ9OTAxMTg1OCZjcmVhdGl2ZT02NjcwNTQ5NjkxMzEmdGFyZ2V0aWQ9JmNhbXBhaWduaWQ9MjAzOTUxMDM5MTkmYWRncm91cGlkPTE1MTY5NzgwNTc5NyZnY2xzcmM9YXcuZHMmgAoByAsB2gwQCgoQ8Pvl5fX_8qUOEgIBA9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zNjcxNDc3NTkzODI3MDM5GAA&sigh=H0vwWhsLMaE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_NfHnpe131MpMbN-LD3_u-3hSf8Grqmch4zuJdNS6ashOIPZANxskNDM4InZbT2l0JvSBA9FkNTVkQLilQKk3LRn0CtreSJzJ3xgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5bac76c91881c4030000000000000000%22,%222%22:%220xad21adc6dee57ab0000000000000000%22,%223%22:%220x7729511fa8f1c7ae0000000000000000%22,%224%22:%220xded2a2dee8ccde800000000000000000%22,%225%22:%220xa03ae9410efcbd4a0000000000000000%22},%22debug_key%22:%2215810033409473719011%22,%22debug_reporting%22:true,%22destination%22:%22https://ashleyfurniture.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006121883%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216580287698323359649%22}&andc=true
Request Chain 122
  • https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B30220691.372353110;dc_trk_aid=563207273;dc_trk_cid=195629296;ord=242259447;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B30220691.372353110;dc_pre=CMOD19SG8IMDFcP2swodV-wHCQ;dc_trk_aid=563207273;dc_trk_cid=195629296;ord=242259447;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
Request Chain 154
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=39e47eda-3961-4d95-8445-2a06ea26ec06&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=6548452f-d17d-49df-be3a-28382f19e3ec&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dda12605286ab4f28a542ff283cb52554%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=161683890674209851 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=da12605286ab4f28a542ff283cb52554&tids=15000&med=10

153 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
proxybrowser.xyz/
Redirect Chain
  • http://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6ba...
  • https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6b...
73 KB
27 KB
Document
General
Full URL
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
26bf82ef5408b2df14aa3bdb67df71670347ae7abc6e8d6972da244232f4df84

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 03:27:53 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 22 Jan 2024 03:27:53 GMT
Location
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootswatch/4.5.0/yeti/
185 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.5.0/yeti/bootstrap.min.css
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d2a05abd528ef92a4fb75c595f828fdc9fb0a1768f8c2b55180725802212d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
Origin
https://proxybrowser.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
418639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18922
last-modified
Thu, 14 May 2020 01:20:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ebc9cf9-2e235"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYnAWfNl3YwhbCS0Smiq60bFDuRGnEzCpDwNMbk0tF%2BqpNK%2BSeXS4FklFKPdLo2MCATneGhughKOfe0%2FXuF26idimdNzw9swyEsrKhXk7TTbikHmnXirEUSj6cKT1f4%2FrWa8K0NOnVVHSNbVPLlvudlR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8494b42e3d2521fd-MIA
expires
Sat, 11 Jan 2025 03:27:54 GMT
custom.css
proxybrowser.xyz/templates/css/
6 KB
7 KB
Stylesheet
General
Full URL
https://proxybrowser.xyz/templates/css/custom.css
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9e04da3eadcbd0bbe90634ba6dfa978b130b058e3052461e6524d452e6807297

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:54 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-1953"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6483
tag.min.js
propu.sh/pfe/current/
13 KB
6 KB
Script
General
Full URL
https://propu.sh/pfe/current/tag.min.js?z=3373366
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c4569552b8f3069d5021cc14e3e8680f0a8a9edea995839da1e263706fcc9cb2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 08:49:51 GMT
server
nginx
etag
W/"65a8e62f-33f4"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
js
www.googletagmanager.com/gtag/
189 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-34002124-6
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9aa26fd99d211ae85f16df0e581cd2ebaefce00a2a207e982fd8e219e4b4a874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69296
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 03:27:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db05f6f1eadb6b0c65442fa0b58d77ceb8ecfd482d0075b1967144780c36379e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51399
x-xss-protection
0
server
cafe
etag
8936926755720596965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 22 Jan 2024 03:27:54 GMT
browsing.png
proxybrowser.xyz/templates/img/
5 KB
6 KB
Image
General
Full URL
https://proxybrowser.xyz/templates/img/browsing.png
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
00c1d17757bf52d6290743923380bbf067a32c5b89bdde330b9308e055e2a03b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:54 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-15ec"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5612
speed.png
proxybrowser.xyz/templates/img/
10 KB
10 KB
Image
General
Full URL
https://proxybrowser.xyz/templates/img/speed.png
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
18664e0f6aa19c51aa98da29d9ed893effb9167f769dee1ad4a16fe6b5839ae8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:54 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-2644"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9796
video.png
proxybrowser.xyz/templates/img/
7 KB
8 KB
Image
General
Full URL
https://proxybrowser.xyz/templates/img/video.png
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
314136da8dc9ae30d52203e80525247a23eca7c0a41c85a7221c1144aa2f6c7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:54 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-1dfb"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7675
facebook-support.png
proxybrowser.xyz/templates/img/
8 KB
8 KB
Image
General
Full URL
https://proxybrowser.xyz/templates/img/facebook-support.png
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fee837673c1019dbcaba33c11d82a4c5a89380dc48e644b3789ae35312604cc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:54 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-20bf"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8383
youtube-support.png
proxybrowser.xyz/templates/img/
10 KB
11 KB
Image
General
Full URL
https://proxybrowser.xyz/templates/img/youtube-support.png
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6b5bc6a0287381cb56d5487c4a621c83217579fba2e75ea473abed3c99f4a25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:54 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-29ee"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10734
connections.png
proxybrowser.xyz/templates/img/
2 KB
2 KB
Image
General
Full URL
https://proxybrowser.xyz/templates/img/connections.png
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5e247a8b8cb69ce60447b0edd96a1ba60bca6a47f043cbfed71cffdf65e9d8f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:54 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-62c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1580
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
Origin
https://proxybrowser.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4563114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0R0XEKCPipqak1ObGds%2BEkXiEfsGmHl5uEY%2BdMdgSWTSG7rQ2AqTfXWDB1%2BMl%2BQB%2BcbiqJpWyJWnkkKAEKs8p1CKGdNWjLe3jfe%2F9z5LhXORacOiqSJ8ajtvW%2Bbq9PBV7aalMoDL30SD6vWUwVznjsY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8494b42fbed221fd-MIA
expires
Sat, 11 Jan 2025 03:27:54 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/
59 KB
13 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
Origin
https://proxybrowser.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1409140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13080
last-modified
Tue, 12 May 2020 17:56:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ebae359-eb0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4LdmOA%2BuV7PkdekONBKqtfxuWW1SrdpRWhIG48WisPM%2FJsoJU7mdzFT9EoovXaS93z69l0CJoT%2Fdm%2BTd%2F5WGgItIrYrJP5jliQsW7ueFGifuIwiJXmf4i%2BShZx9qL%2BJeY1jNhGt%2B0y3Q4M2kG2XMshB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8494b42fbed421fd-MIA
expires
Sat, 11 Jan 2025 03:27:54 GMT
css
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700&display=swap
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.5.0/yeti/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea15e9cd0c456d2ee42159182cb21c44d110b01fbfb3d54f7a63d2994aa6e05c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdnjs.cloudflare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 03:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 03:27:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 03:27:54 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://proxybrowser.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:12:25 GMT
x-content-type-options
nosniff
age
213329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:12:25 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://proxybrowser.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 15:59:31 GMT
x-content-type-options
nosniff
age
214103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 15:59:31 GMT
js
www.googletagmanager.com/gtag/
219 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-30FWSL94WJ&l=dataLayer&cx=c
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2d90d06e0ea8047b83ccb0c7b08cbca6d3431157ba4fe7f63b145d079e68b15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79758
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 03:27:55 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jan 2024 03:27:19 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
36
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 22 Jan 2024 05:27:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/
402 KB
137 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841ffffb042a89409e565521638fa86dc0affc065db614046ff081c241abe02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139583
x-xss-protection
0
server
cafe
etag
18314035220388518562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 03:27:55 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 0047
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
35258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 17:40:17 GMT
etag
9219409622527106327
expires
Sun, 04 Feb 2024 17:40:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zone
propu.sh/
878 B
1 KB
Fetch
General
Full URL
https://propu.sh/zone?pub=0&zone_id=3373366&is_mobile=false&domain=proxybrowser.xyz&var=&ymid=&var_3=&tg=0&sw=3.1.474
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
719f954352f8d6e3f65106fb3a101698ef11c9841380a76c75cf98f24712ee4b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
240b3c4db5214debe00766aaecbca6a3
date
Mon, 22 Jan 2024 03:27:55 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proxybrowser.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
878
universal.min.js
propu.sh/pfe/current/
86 KB
33 KB
Fetch
General
Full URL
https://propu.sh/pfe/current/universal.min.js?v=3.1.474
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
12c658e94a84137e8ad6d8f54c2d579b1d0170e968c32228fd22c2fba64dcae1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 08:49:51 GMT
server
nginx
etag
W/"65a8e62f-1579f"
content-type
application/javascript
access-control-allow-origin
https://proxybrowser.xyz
cache-control
no-cache
access-control-allow-credentials
true
collect
www.google-analytics.com/g/
0
172 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-30FWSL94WJ&gtm=45je41h0v9105680636&_p=1705894074816&gcd=11l1l1l1l1&dma=0&cid=1645274483.1705894075&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705894075&sct=1&seg=0&dl=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&dt=Proxy%20Browser%20%7C%20Free%20Web%20Proxy%20To%20Unblock%20Sites&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2054
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-30FWSL94WJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://proxybrowser.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3845
119 KB
40 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09d26610ae546b4bca4043db5914b6cba0dc0a6199c33def01f20607dc7ff96c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40736
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:56 GMT
expires
Mon, 22 Jan 2024 03:27:56 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1796
133 KB
44 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9454b22c8fe6750f407c702929ffe6253dff7bcc53f9b0ccc259bb0ad245760d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45032
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:56 GMT
expires
Mon, 22 Jan 2024 03:27:56 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8A00
88 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b3a46db0319de8bb68629bfe1d5f512dccadad1e11ed1cd379778862230d7b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28144
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:56 GMT
expires
Mon, 22 Jan 2024 03:27:56 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DB23
530 KB
104 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&adk=1812271804&adf=3025194257&lmt=1705894075&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075227&bpp=3&bdt=855&idt=239&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&nras=1&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=251
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b14b437b7a1be3f8bc0362259294aac19f465fa0b9f17ee60d97adedc6f09013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
105761
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:56 GMT
expires
Mon, 22 Jan 2024 03:27:56 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-expand-lg%20fixed-top%20navbar-dark%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
91 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=178157547&t=pageview&_s=1&dl=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&ul=en-us&de=UTF-8&dt=Proxy%20Browser%20%7C%20Free%20Web%20Proxy%20To%20Unblock%20Sites&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=434137435&gjid=380440979&cid=1645274483.1705894075&tid=UA-34002124-6&_gid=1309382762.1705894076&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1341000172
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://proxybrowser.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 8A00
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
22451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 21:13:45 GMT
css
fonts.googleapis.com/ Frame 8A00
8 KB
846 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 03:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 01:42:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 03:27:56 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 8A00
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 07:05:39 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 8A00
378 KB
132 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 07:26:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8A00
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
82834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 04:27:22 GMT
css
fonts.googleapis.com/ Frame 3845
4 KB
728 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 03:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 02:14:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 03:27:56 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3845
2 KB
875 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 3845
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
22451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 21:13:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3845
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3845
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
82834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 04:27:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3845
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 03:27:56 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 3845
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 20:13:51 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 1796
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 20:31:32 GMT
67b2cf2770e31c0fa9735c0b8b540980.js
www.gstatic.com/mysidia/ Frame 1796
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 20:19:00 GMT
css
fonts.googleapis.com/ Frame 1796
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 03:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 03:21:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 03:27:56 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 1796
2 KB
856 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 1796
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
22451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 21:13:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 1796
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 1796
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
82834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 04:27:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1796
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 03:27:56 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 1796
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 20:13:51 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5809253754062981083/ Frame 3845
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5809253754062981083/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4204ec730f4d77767db99da42f0316a4f3bb0da6df76ba56a9b6e070593973ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 19 Jan 2025 12:55:26 GMT
date
Sat, 20 Jan 2024 12:55:26 GMT
x-content-type-options
nosniff
age
138750
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25226
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 16:31:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/14669164477528166620/ Frame 3845
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14669164477528166620/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b2341bf6e41df7fff1803272d02646bbf08537b36bcaa2995849023b3eada2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 19 Jan 2025 10:56:42 GMT
date
Sat, 20 Jan 2024 10:56:42 GMT
x-content-type-options
nosniff
age
145874
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1902
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 17:16:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/
162 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/reactive_library_fy2021.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43e7d48219b47a9d4280fa37e214034c165cc89d87c04ff94001d2f54b8a14b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56365
x-xss-protection
0
server
cafe
etag
10406507512111299946
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 03:27:56 GMT
custom
propu.sh/ Frame
0
0
Preflight
General
Full URL
https://propu.sh/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://proxybrowser.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://proxybrowser.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 22 Jan 2024 03:27:56 GMT
server
nginx
custom
propu.sh/
39 B
332 B
Fetch
General
Full URL
https://propu.sh/custom
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
d4291641f5a1bd01215288c0e3ca7736
date
Mon, 22 Jan 2024 03:27:56 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proxybrowser.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
sw.js
proxybrowser.xyz/
3 KB
3 KB
Fetch
General
Full URL
https://proxybrowser.xyz/sw.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.159.195.18 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
ad157275-d30f-437f-8016-2268f1ab28c7.fr-par-2.baremetal.scw.cloud
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5fbfb6eb16071b0743d14b33e5d33761213d798d6beffe0fbfc32caf12e0cf76

Request headers

Referer
https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
tracestate
3566107@nr=0-1-3566107-1588703172-fac9ca64a657ca80----1705894076501
traceparent
00-70d2da1929b294ff295b1024fb713990-fac9ca64a657ca80-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM1NjYxMDciLCJhcCI6IjE1ODg3MDMxNzIiLCJpZCI6ImZhYzljYTY0YTY1N2NhODAiLCJ0ciI6IjcwZDJkYTE5MjliMjk0ZmYyOTViMTAyNGZiNzEzOTkwIiwidGkiOjE3MDU4OTQwNzY1MDF9fQ==

Response headers

Date
Mon, 22 Jan 2024 03:27:56 GMT
Last-Modified
Sat, 29 Aug 2020 11:10:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f4a37b8-aab"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2731
truncated
/ Frame 3845
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51f015782de153c399ab8c39677f071aab1420e572e13a5bfd5ce11c5420792c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6880
143 B
224 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3002
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 02:37:55 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1796
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc406ffed19d31507f5222d2aa0e5c12fb491f7974db45a4c82e22947cb1aab3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 66B6
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 23:38:45 GMT
etag
9219409622527106327
expires
Sun, 04 Feb 2024 23:38:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 02F3
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 23:38:45 GMT
etag
9219409622527106327
expires
Sun, 04 Feb 2024 23:38:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 8246
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 23:38:45 GMT
etag
9219409622527106327
expires
Sun, 04 Feb 2024 23:38:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame D158
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 23:38:45 GMT
etag
9219409622527106327
expires
Sun, 04 Feb 2024 23:38:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3845
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
age
213790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:04:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3845
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:23:37 GMT
x-content-type-options
nosniff
age
212660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:23:37 GMT
css2
fonts.googleapis.com/ Frame 66B6
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 03:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 03:22:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 03:27:57 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 66B6
205 B
229 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 19:29:44 GMT
x-content-type-options
nosniff
age
28693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 20 Jan 2025 19:29:44 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 66B6
604 B
628 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 02:27:57 GMT
x-content-type-options
nosniff
age
3600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 21 Jan 2025 02:27:57 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 66B6
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:39:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
31703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:39:34 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 66B6
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 06:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
73707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 06:59:30 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1796
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:18:33 GMT
x-content-type-options
nosniff
age
212964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:18:33 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame F239
94 KB
32 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9B6A) /
Resource Hash
b2112e944307f68d8662983059ce3217e04a72c6127f7c6f2d2f654dcd72267d

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 22 Jan 2024 03:27:57 GMT
content-encoding
gzip
content-md5
tLIyQJPl0bhnQiedbHYi6g==
age
290150
x-cache
HIT
content-length
32320
x-ms-lease-status
unlocked
last-modified
Mon, 08 Jan 2024 14:46:22 GMT
server
ECAcc (mic/9B6A)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eb6d1ac5-701e-008a-113f-4a833c000000
cache-control
private, max-age=3600, stale-while-revalidate=86400
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame F239
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Mon, 22 Jan 2024 03:27:57 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
5836859
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-mia-kmia1760046-MIA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1705894078.827779,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 262755
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F239
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F239
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
82835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 04:27:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F239
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 03:27:57 GMT
csi
csi.gstatic.com/ Frame 8A00
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrodaeia&c=1294706351404&slotId=647353175702&qqid=COX_oNOG8IMDFQ0R-QAdAqAAvg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4003:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8A00
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:07:17 GMT
x-content-type-options
nosniff
age
213640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:07:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8A00
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:23:37 GMT
x-content-type-options
nosniff
age
212660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:23:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A00
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CXOBKu-CtZaW2K42i5LcPgsCC8AuYqbLndLrNz6bpEb_oor3AARABILfLpU9gyYaAgNyjxBCgAbvAta8pyAEFqAMByAObBKoE_gFP0LKH2isSUlYTXLTI0K-BZJnEHt8g7Cyl5Yy4gCV5t_0G5qkDzUOOY4-nSkoGZV1u1yZMzyIH0LXsZtH32JxGux3DgfkmhbqInfNzJzanYjQUmEDYATOEfMFoo9ZdJPIV41M0G_LxX3E5BtPbVI3jrBWIa8SOvaTVr6EYnGw_PM6I5QJaFOKX-xOBwzaNMIOiPXIE1pSaga12_y1K7hsIFP393kDAg9Ky6XciJlRepBtmKZrWFx3ZCuP4ljAQquXkGh-p_zndPENB3B_VtNkTF3Mx62KmhAYKjweqW1noEu6eU4zBc3ykzWfKpYtgQMA4O0GL-LZZWXubdF7a-sAEts_ziLIE4AQDiAX7oqGQTJAGAaAGToAHu_iFjwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliD757ThvCDA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CVVOwE7jglxbYEwqIFBLYFAHQFQH4FgGAFwHoFwQ&eventType=clickstring&clientTime=1705894077752&ai=CXOBKu-CtZaW2K42i5LcPgsCC8AuYqbLndLrNz6bpEb_oor3AARABILfLpU9gyYaAgNyjxBCgAbvAta8pyAEFqAMByAObBKoE_gFP0LKH2isSUlYTXLTI0K-BZJnEHt8g7Cyl5Yy4gCV5t_0G5qkDzUOOY4-nSkoGZV1u1yZMzyIH0LXsZtH32JxGux3DgfkmhbqInfNzJzanYjQUmEDYATOEfMFoo9ZdJPIV41M0G_LxX3E5BtPbVI3jrBWIa8SOvaTVr6EYnGw_PM6I5QJaFOKX-xOBwzaNMIOiPXIE1pSaga12_y1K7hsIFP393kDAg9Ky6XciJlRepBtmKZrWFx3ZCuP4ljAQquXkGh-p_zndPENB3B_VtNkTF3Mx62KmhAYKjweqW1noEu6eU4zBc3ykzWfKpYtgQMA4O0GL-LZZWXubdF7a-sAEts_ziLIE4AQDiAX7oqGQTJAGAaAGToAHu_iFjwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliD757ThvCDA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CVVOwE7jglxbYEwqIFBLYFAHQFQH4FgGAFwHoFwQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8A00
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrodaeka&c=1294706351404&slotId=647353175702&qqid=COX_oNOG8IMDFQ0R-QAdAqAAvg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1s2&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4003:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 8A00
31 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ChPLoMFvVD2OYh6dgBr3Oo1V7J2MZRVkvTlvqr6Jee3SbMqHwSO9PO5KQ1Glesr7G5NtDfwmJ9td5-FOYkPwjCRDAOrA&cry=1&dbm_d=AKAmf-Bb3R78lp39z1broXRB-G8CJzOGF2CGG22azzDrXxJziInSy2e2c7rM_7rhHCTz16s2H5dAtvrGefVzj0GChGfEk5O0kco7NUdkkte7LJuu1L5k7wmTPpMV99dIrpbpS6z9eovDHOvyl9aa_1syQ0otPCodBqL8jm8emDYy34X3r4W7TOM_2tF88t-uHd7z0qacqmyYuLFp9jdmPPny-maqkNWtQNT27nZtNbQpex8M0WfJl3nl6xlX6P7J0NKK_582B4fNB34G6hOtH3-v1nGQiLkxL3F6uxkmO5UCsLu8nReP2ttRpzRYK8p-hhmmWOt0zgEM-E3-sMYLzuqvpKhQnv7l73LExMlQ5SmlcJXAWN0Ogkmr4yMBh73eddm1RTcr1eOy5hRdE8vVvjHxK-gbtcMlb7gWMYPtUUoeWQhUWacvIlX_HPwd_wxMMf4ZrEcLZ7JP1KPXKH_L-fdtvih3aPAedrmPLt8ZX1ZeX9yUAzEbgLQfQLzH9BVP5Zb_Kre9wBjnyEf2n1kbd_D_hGKqTT-VkKP2RuTzcunl6R7SlRz07WjM67I2YlW9VWUON4-U6BFF29IRhdvAaFpPlQDECsFplXesYxOgMweiy6uXp8DTq7bl5yWpZuH5oqi62hDA_UhYKIdXxwD-Ikn_GN6iTXW7CGjkTsLSzhhqd4Qs7Myodi5ngh18gCD72B0UfdOrMh99uYnB7r3fl9CtyUGpAHJCIADBWENRhQEFELq-mvex6TvWoAiEvznKv-x15-mKgLLSly-Pfg8nH9LWNukl2Nz_tEAl1-CQefE2elSHuUWcTSBZl6PUV4sCnTHuUuZh8iPW9kjgUNnPHMUk5AHXq64yjT_v3E2trH-aXUxMNzCpypxDJ-eyJ2zqIdti6e6whGqbRG9q6smFGq-S0Tq2h3xZqg_33TzbTsjE81D3QAuosqhOE2vWApGAfOpuFDucg7EDswXgnh4JoQR1D1w4fi4HhCQHUDt0d8_raQ4Lu2KIwVCKeWnCfHWpgo-2xAC-s-SMMqVOx7KT9cnfwHDNVboi_WxEKjawBC_q7hctoK3SdTeh2mwyZCssYZhL5LiRTXcF1pbE9JkyNsoofg2mhlM8OL8LVisO8WHdG-vCX_H5bi8DuVwwMocwxRBHeV89HmmKA9Do7Fme4ZUtC76585kfUlkuoHLBlNcpP3sQOvRxAUgycZMw45XxWW4vGPTHptGFjwf2TjmJ1B8PvCHLWX0jaQfsOEmHoMj8OIxCspFSmOdGhANA5P9-jgymJ5HRxBm6g9MBlJ5_bJvdJ6Pd4wZjOlCiiTeIE3s3gmf69VO0mN4aPg7d-GsYI6TBiGx1NcQrsyjqy4lrzrUfpF0K5anOITunhaAHJHeuNjLHMD66yhT9K_KH6nCDEjYRvPxNIkV0JG-J0ehuCPmUulZm2l_TLHKEAAmFcjFhfIzt26SxvpBH0cT11GIRzGC0wiBrwds8FV274WLr1suOmNgNb-P0T4EVqfnKvUMzu3QIXkCb4CQKKFvSqz1IbFYkgi1c03Rxbbg5GqUUXO23Aud8a0WEut-buSqcXIokHDcH4E7cjpCAOBJf6e6W2p5qQO49UIiQ3awjvQM4dtifBztgQ9Z6PVTRViWV7UrPzO2aVAIsFZrTlGb6AOwYgF_C4hN4PF0L7caSZgbgvAglKBiOkLcOsSFQ0em4k0aV1dCvrquvwfCnDcgs-1JXIiaHgDoK0dqJv1hj2BpPqS4A9Eti7RvmgJlyjMAR8HwFOhes7xWPAYEr4Whj-KKq-wjp9UY6fEAkD5nP6nBD6j92r9oiuK1de69v_nss4obDc-Aa3ic9bH_1tHhnGdmi0f7WITGJsFhpAtBIljtVcizdLg9qJ0yZMzNr-Wns0DosDhO_bu03GXLaO0Q1GMb9ZbrY04SYyAQ_OaV9ndjMgXQ7M5H7V2JXVgh7QePIHpFm75AXMCRcGrabys-uTQVNwzHOfp9Z-t8dgH2n0_qj8Shd7CM8UIpPV3fHGawHRSM7hzJSAE7IEN3VKN60305EutaFRK0Yn8wa7On2w5dl0tQNg5SFo5XUK7-3RXx-4CavavbacFloqlRaKnfANuplwlDBbvLaASX6IdjmIh80YlSg9RMfxMErp1tit2ahR4bkvCtlB776lkLxmw9MczGuJ2xxR2uiRLOe8FDOVA54DFbLt2ggAxyuppCHMbgoFxvwPiWJ_-X1kNheI-gwwbPxbt4UhOVMA8KMGJ9Y63Wl3Zv8yD5sQcLFLlIzNROZCxj5b2Y-uttKarXUy99pbYDHR9lb3V7-p__rL0smAUjeY0_E2ZcFAA69bMW0IiVYLanrvBtsWXCQX9SUfdv-XpYUqhVRjYlqcQHYopgzk3B8BK4D89kUsBXHtUumWdCgQABeDfUyMO_SwdPWRnHKOvO8M6DaFoQN6tjEGtsSGzEzCDaPB7_TcjZHAGRC0m2YvVpO9tKxDqESiY-J2_MvsIocE9mzHJcrhJt7-WLY0fChNo7zDImrtx0qI9P5nJY7yB2Tlw8oaHYkrMj3ZhBj4glfUFGwnAZvL_-rrwwq12p6AsQvsl917p-2ImOh9ig3fiAqi5yuftyrAeBk_CsDi4W1R4yvjs9NEPpNO2Hhdmp95RxbkgUo3oDmwIeY0d1XES8ZRQnBOHCzALNFWU8exFspbR8Epfhc6fJQEWMBW40CVv36F-6sAA12Qpqf6Q8hETFxWHYfMmueuylHbQXIRRIEwz-KgYu_GZaqt2Y7Ch-t0e2ayrusew69nYk_rsRXCH6hm984zBefs6CliPEucp2T7w-iGYoaYYUTD9H-D3tal_n0cpIocrg3ZJlDpn4kiUNIclZiUSFsKnXcNM1fRPcJP42AX_0GBuWGFuOJr4-70g0T57FApGiZr-SjwD0LDW7Ci-Hu12uyitAACNL0kf_69DtqDWLjreTF6d-gckogquG4qBwP0ZC4O0vXZ0mv7BzA7uEcaAHGh1bGrucXm8NCakWicsTlT3K5-99-dyrXYg9ht_Dbu4OJTVXXWY_Aw7tRvEO8TFwrOK-LPTw5v1kAgNNlxWiuqQgeNo3z4yKoB-gRmhCTCOqwYTO_aRT-BBHLsY7XQovkW3o9daV5Krc-iIpM5A-ELtiuJjeuKLmWQEaIlQn313qRu_6fCF50ysGregHZgUH41w30PbRIn96W4Hf4GMMs82FaCCw311xsG39HqTLgLoiXVsmaNXv92JzP4UvKzMQG-kWwzf7n3BsETfn054YFZDfNIwwiuCRGyYGbjw57o5hKU9MXdoThBmU73jGaQn73t-4or3xP5j6VKTfDxjDwnYhWjp2bec9FuRbACnVYBxAcn_VthRtpXhz88-bAFO6bLplS8gPrK038pVoP7Yg0AQq81Ac5yLa9fY3tr7iMOG7R5M8U1sIB03cePCvaPMa-DCrkWBjjAA_PHM7pc0Znn9GO89hgr1fgMbX76ijE_EgeQDieZTbQrjwnA3qEFo3AsA88rbd4QYK_LoFl9yKyy4cqDwbCYCEBx8_zKX5P1dmGhBW0XVSiRNJnCvR3zJNoR232otGU8iZiesHCXrhy_0CNYbD9HXOI0fAnfMOiJMSNxQ2OAiQLMn1yZTmhd9iZziMwMOjJJ127JVEbIsTZpq2TJxAn3sNF2wwDAiwODP7CFii78VHLg73XZpq4NcEJtJWzQSTAeXBJ4CejZl-EBY79EHxzCZmMgHkZh9PBLRnyg83hVlGGJ7jX6x74fon7Jzw0tNqXh-1jNHodK36LNJ2f&cid=CAQSTgAvHhf_NZhYchag5fsH91Nsqf_El-9k5hwVLP94ZPHUz0-5c0zMq864F1W4gIXln05Ios6WijQauxrAzo2MoWY2zz6ZyGtMwQOABCcNrBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
6a54c4e39a897b4a2f39574c22da372f631f564be54181e2f8da90cff86b5b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17874
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame D158
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 03:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 03:03:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 03:27:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D158
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame D158
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
22452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 21:13:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D158
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D158
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
82835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 04:27:22 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame D158
225 B
249 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 17:56:53 GMT
x-content-type-options
nosniff
server
cafe
age
34264
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Mon, 22 Jan 2024 17:56:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D158
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 03:27:57 GMT
0c5a714edd9118dc9a192723ed81c7a6.js
www.gstatic.com/mysidia/ Frame D158
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/0c5a714edd9118dc9a192723ed81c7a6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2da484e85debdc069e2c470a27fa29be56c6cda3ee39ef3ac041e9c1fc90e9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15431
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 20:26:35 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 3845
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Clc54u-CtZbXDK4S87wLG2ZXIDIfKlrh1r4iK0uwS5oKQ0_9BEAEgt8ulT2DJhoCA3KPEEKABoML61gPIAQmoAwHIA8uEgIAEqgTVAU_Q2Rqf7EDVFuM8a5ToABdYviuZitEHcVboulXQrCt...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe9921ab07d3f86130000000000000000%22,%222%22:%220xf02afd753c5cdb890000000000000000%22,%223%22:%220x901536...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe9921ab07d3f86130000000000000000%22,%222%22:%220xf02afd753c5cdb890000000000000000%22,%223%22:%220x9015366afc987cd20000000000000000%22,%224%22:%220xe391767bf2a2c03a0000000000000000%22,%225%22:%220xc6c2cb519d3b61a70000000000000000%22},%22debug_key%22:%2216486280230470902824%22,%22debug_reporting%22:true,%22destination%22:%22https://empr.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22987668768%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222841888497280654721%22}&andc=true
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xe9921ab07d3f86130000000000000000","2":"0xf02afd753c5cdb890000000000000000","3":"0x9015366afc987cd20000000000000000","4":"0xe391767bf2a2c03a0000000000000000","5":"0xc6c2cb519d3b61a70000000000000000"},"debug_key":"16486280230470902824","debug_reporting":true,"destination":"https://empr.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["987668768"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"2841888497280654721"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 03:27:58 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe9921ab07d3f86130000000000000000","2":"0xf02afd753c5cdb890000000000000000","3":"0x9015366afc987cd20000000000000000","4":"0xe391767bf2a2c03a0000000000000000","5":"0xc6c2cb519d3b61a70000000000000000"},"debug_key":"16486280230470902824","debug_reporting":true,"destination":"https://empr.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["987668768"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"2841888497280654721"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6880
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:58 GMT
expires
Mon, 22 Jan 2024 03:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
11987965876286598688
tpc.googlesyndication.com/simgad/ Frame D158
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11987965876286598688?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058f610251111e42ba0ae0f0fc02ff979e401019237101157b76807aa4882695
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 19 Jan 2025 07:31:23 GMT
date
Sat, 20 Jan 2024 07:31:23 GMT
x-content-type-options
nosniff
age
158195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5927
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 16:24:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame D158
195 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D158
336 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 4718
13 KB
13 KB
Font
General
Full URL
https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:22:20 GMT
age
338
x-guploader-uploadid
ABPtcPrqzSSecZVJbNr5ju_1oQWwM424KAVq2mzL_PstC9fOx0bNb4aqLQAarMIN_E3lsgRmv94
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12896
last-modified
Mon, 23 Oct 2023 09:53:31 GMT
server
UploadServer
etag
"47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation
1698054811260784
x-goog-hash
crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control
public, max-age=3600
x-goog-stored-content-length
12896
accept-ranges
bytes
content-type
application/octet-stream
expires
Mon, 22 Jan 2024 04:22:20 GMT
montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 4718
12 KB
13 KB
Font
General
Full URL
https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 02:31:22 GMT
age
3396
x-guploader-uploadid
ABPtcPoAiWAqJyveBbvdtv4QalYE4jRh-0e1u1hVmQVLYdAWUtSpbG0WRchFfUWjvSLLDRWOPac
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12700
last-modified
Mon, 23 Oct 2023 09:53:31 GMT
server
UploadServer
etag
"e571167fbcce8d5081bce96a09930063"
x-goog-generation
1698054811605570
x-goog-hash
crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control
public, max-age=3600
x-goog-stored-content-length
12700
accept-ranges
bytes
content-type
application/octet-stream
expires
Mon, 22 Jan 2024 03:31:22 GMT
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 4542
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=4514543168&adk=624861035&adf=606157843&pi=t.ma~as.4514543168&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075135&bpp=75&bdt=763&idt=296&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&correlator=5144197103421&frm=20&pv=2&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
222933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:32:25 GMT
truncated
/ Frame 8A00
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d77cf5b8fdb1c29d41c7709f5ea444d82daaa55fb53a9c0bf94153283267db6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
c.gif
www.bing.com/aes/ Frame F239
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=39e47eda-3961-4d95-8445-2a06ea26ec06&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=6548452f-d17d-49df...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=da12605286ab4f28a542ff283cb52554&SNR=1&GV=2&med=10
0
546 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=da12605286ab4f28a542ff283cb52554&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:1408:5400:7::170c:90cd Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 77AE3D13F6484C3DAF37E83CBBD78152 Ref B: BLUEDGE1417 Ref C: 2024-01-22T03:27:58Z
x-cdn-traceid
0.cd432417.1705894078.2de9010e
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 22 Jan 2024 03:27:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AE0EC943DEE24A478DAA7968531E38D1 Ref B: BL2EDGE2207 Ref C: 2024-01-22T03:27:58Z
x-cdn-traceid
0.cd432417.1705894078.2de9006f
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=da12605286ab4f28a542ff283cb52554&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame F239
11 KB
12 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.7559562374694_18LIV0EOGMU31J7TB2&pid=21.2&c=16&roil=0.2188&roit=0&roir=0.7813&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:7::170c:90cd Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4be2ca01d0ba71e6187ed3bdcbc9d158b65f5f3983641b3952faec8e9053e791

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.cd432417.1705894078.2de90070
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
11450
alt-svc
h3=":443"; ma=93600
rd_log
lax1-ib.adnxs.com/ Frame F239
0
532 B
Script
General
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fproxybrowser.xyz%2Findex.php&e=wqT_3QL5A-j5AQAAAwDWAAUBCLvBt60GELuoqKzF1JqfAhgAKjYJfcRA-GhBsj8R41Dy8jzKsT8ZAAAAIFyP8j8h4w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43dwFgAEBigEDVVNEkgUG8KqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vcHJveHlicm93c2VyLnh5ei9pbmRleC5waHCAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AO47b0B4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQFzViIBQGYBQCgBYmPtv2DtrjvJcAFAMkFAAUBFPA_0gUJCQULPAAAANgFAeAFAfAFt1j6BQQBWyiQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB93cBdIHDRVkASYI2gcGAV6oGADgBwDqBwIIAPAHorjIBIoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=c1ccad48aa4be9c9606bd3dda3202701b68cf35f&bdref=https%3A%2F%2Fproxybrowser.xyz%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fproxybrowser.xyz%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240118%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-3671477593827039%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D1,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240118%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
an-x-request-uuid
5f40c14e-c269-45b7-b9da-4870bf38c86e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8A00
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBocZu-CtZaW2K42i5LcPgsCC8AuYqbLndLrNz6bpEb_oor3AARABILfLpU9gyYaAgNyjxBCgAbvAta8pyAEFqAMBqgT7AU_QsofaKxJSVhNctMjQr4FkmcQe3yDsLKXljLiAJXm3_QbmqQPNQ45jj6dKSgZlXW7XJkzPIgfQtexm0ffYnEa7HcOB-SaFuoid83MnNqdiNBSYQNgBM4R8wWij1l0k8hXjUzQb8vFfcTkG09tUjeOsFYhrxI69pNWvoRicbD88zojlAloU4pf7E4HDNo0wg6I9cgTWlJqBrXb_LUruGwgU_f3eQMCD0rLpdyImVF6kG2YpmtYXRdiQFmsEdoJLcH1AmzCF-Tp3hqb771uxKbU5VTtva4-cqd4ZAlr388c89l21c4q2uSziS9JGK-EaRFmdsdTameFPE5lowAS2z_OIsgTgBAOIBfuioZBMkgUGCAMQBRgBkgUGCBsQARgBkgULCCIQAhgBSIad9wGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB7v4hY8EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ2sEUGJmjouoB0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliD757ThvCDA4AKAcgLAaIMCCoGCgSsurEC2gwRCgsQgN65rdmr7NSSARICAQOwE7jglxbIE8rAyeID2BMKiBQS2BQB0BUBgBcBshccChoIABIUcHViLTM2NzE0Nzc1OTM4MjcwMzkYAOgXBA&sigh=gcJ_u_L7TNI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_NZhYchag5fsH91Nsqf_El-9k5hwVLP94ZPHUz0-5c0zMq864F1W4gIXln05Ios6WijQauxrAzo2MoWY2zz6ZyGtMwQOABCcNrBgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=8757040501&adk=3178287146&adf=3378132713&pi=t.ma~as.8757040501&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075211&bpp=1&bdt=839&idt=250&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 03:27:58 GMT
css
fonts.googleapis.com/ Frame 19E0
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 03:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 02:01:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 03:27:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 19E0
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 19E0
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
22453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 21:13:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DD0D
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 02:37:55 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 19E0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
32337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 19E0
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
82836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 04:27:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 19E0
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 03:27:58 GMT
0c5a714edd9118dc9a192723ed81c7a6.js
www.gstatic.com/mysidia/ Frame 19E0
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/0c5a714edd9118dc9a192723ed81c7a6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2da484e85debdc069e2c470a27fa29be56c6cda3ee39ef3ac041e9c1fc90e9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15431
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 20:26:35 GMT
csi
csi.gstatic.com/ Frame 8A00
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrodaekw&c=1294706351404&slotId=647353175702&qqid=COX_oNOG8IMDFQ0R-QAdAqAAvg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4003:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8A00
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 06:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Jan 2025 06:56:12 GMT
file.mp4
r4---sn-q4flrnl7.c.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8A00
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-q4flrnl7.c.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r4---sn-q4flrnl7.c.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/45ED17219C4AE7B3B59ACA155A7C239F90242F0C.09AFE0F753941E9CCFBB8B4FB3B0E55930B15DC8/key/cms1/cms_redirect/yes/mh/hV/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4flrnl7/ms/onc/mt/1705893335/mv/u/mvi/4/pl/48/file/file.mp4
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
HTTP/1.1
Server
2607:f8b0:4000:4a::9 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 03:27:58 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4288898
Last-Modified
Mon, 08 Jan 2024 15:44:13 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 22 Jan 2024 03:27:58 GMT

Redirect headers

date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
648
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-q4flrnl7.c.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/45ED17219C4AE7B3B59ACA155A7C239F90242F0C.09AFE0F753941E9CCFBB8B4FB3B0E55930B15DC8/key/cms1/cms_redirect/yes/mh/hV/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4flrnl7/ms/onc/mt/1705893335/mv/u/mvi/4/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 8A00
453 B
588 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-3671477593827039
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 04:17:58 GMT
truncated
/ Frame D158
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf50cd96c20fd4e88d09ab97d76703308e6104dd0a12155b9d77d5dbb1418194

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe9921ab07d3f86130000000000000000%22,%222%22:%220xf02afd753c5cdb890000000000000000%22,%223%22:%220x9015366afc987cd20000000000000000%22,%224%22:%220xe391767bf2a2c03a0000000000000000%22,%225%22:%220xc6c2cb519d3b61a70000000000000000%22},%22debug_key%22:%2216486280230470902824%22,%22debug_reporting%22:true,%22destination%22:%22https://empr.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22987668768%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222841888497280654721%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 03:27:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame D158
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cbd05u-CtZZ7dK62r5LcPk_S-6Aa-qN2zdcn6gqv2EWQQASC3y6VPYMmGgIDco8QQoAHx6pmaA8gBCagDAcgDywSqBNYBT9DSDU36op_vjVyx9oYXjQYLRPJYZ5GxeAC5gBHn6qKfX5vvrCJ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaf4c424e9c9c76ac0000000000000000%22,%222%22:%220x7a6c55d8b176cd4b0000000000000000%22,%223%22:%220xfc1468...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaf4c424e9c9c76ac0000000000000000%22,%222%22:%220x7a6c55d8b176cd4b0000000000000000%22,%223%22:%220xfc1468daa8a5f35a0000000000000000%22,%224%22:%220xbc98a91b8f24f9030000000000000000%22,%225%22:%220x16ba1b9c2100cc860000000000000000%22},%22debug_key%22:%2217270730123596692669%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22742238978995820561%22}&andc=true
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xaf4c424e9c9c76ac0000000000000000","2":"0x7a6c55d8b176cd4b0000000000000000","3":"0xfc1468daa8a5f35a0000000000000000","4":"0xbc98a91b8f24f9030000000000000000","5":"0x16ba1b9c2100cc860000000000000000"},"debug_key":"17270730123596692669","debug_reporting":true,"destination":"https://smoothieking.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860255601"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"742238978995820561"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 03:27:58 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xaf4c424e9c9c76ac0000000000000000","2":"0x7a6c55d8b176cd4b0000000000000000","3":"0xfc1468daa8a5f35a0000000000000000","4":"0xbc98a91b8f24f9030000000000000000","5":"0x16ba1b9c2100cc860000000000000000"},"debug_key":"17270730123596692669","debug_reporting":true,"destination":"https://smoothieking.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860255601"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"742238978995820561"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D158
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:18:33 GMT
x-content-type-options
nosniff
age
212965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:18:33 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame FECC
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
287909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 19:29:29 GMT
expires
Fri, 17 Jan 2025 19:29:29 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DD0D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:58 GMT
expires
Mon, 22 Jan 2024 03:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 1796
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CX1jTu-CtZcy-K-HY5LcP0J2oyAuEp_G1dfbAuZ7oEdmSlsrFGxABILfLpU9gyYaAgNyjxBCgAZvn4N8DyAEBqAMByAPLBKoE1gFP0L1Nnf4wXF64xfJwdNuDXXO5DLJ0tFedYB7imZUnJxX...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5bac76c91881c4030000000000000000%22,%222%22:%220xad21adc6dee57ab0000000000000000%22,%223%22:%220x7729511...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5bac76c91881c4030000000000000000%22,%222%22:%220xad21adc6dee57ab0000000000000000%22,%223%22:%220x7729511fa8f1c7ae0000000000000000%22,%224%22:%220xded2a2dee8ccde800000000000000000%22,%225%22:%220xa03ae9410efcbd4a0000000000000000%22},%22debug_key%22:%2215810033409473719011%22,%22debug_reporting%22:true,%22destination%22:%22https://ashleyfurniture.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006121883%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216580287698323359649%22}&andc=true
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:59 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x5bac76c91881c4030000000000000000","2":"0xad21adc6dee57ab0000000000000000","3":"0x7729511fa8f1c7ae0000000000000000","4":"0xded2a2dee8ccde800000000000000000","5":"0xa03ae9410efcbd4a0000000000000000"},"debug_key":"15810033409473719011","debug_reporting":true,"destination":"https://ashleyfurniture.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006121883"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"16580287698323359649"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 03:27:59 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5bac76c91881c4030000000000000000","2":"0xad21adc6dee57ab0000000000000000","3":"0x7729511fa8f1c7ae0000000000000000","4":"0xded2a2dee8ccde800000000000000000","5":"0xa03ae9410efcbd4a0000000000000000"},"debug_key":"15810033409473719011","debug_reporting":true,"destination":"https://ashleyfurniture.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006121883"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"16580287698323359649"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
B30220691.372353110;dc_pre=CMOD19SG8IMDFcP2swodV-wHCQ;dc_trk_aid=563207273;dc_trk_cid=195629296;ord=242259447;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/ Frame 1796
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B30220691.372353110;dc_trk_aid=563207273;dc_trk_cid=195629296;ord=242259447;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
  • https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B30220691.372353110;dc_pre=CMOD19SG8IMDFcP2swodV-wHCQ;dc_trk_aid=563207273;dc_trk_cid=195629296;ord=242259447;dc_lat=;dc_rdi...
42 B
118 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B30220691.372353110;dc_pre=CMOD19SG8IMDFcP2swodV-wHCQ;dc_trk_aid=563207273;dc_trk_cid=195629296;ord=242259447;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Server
172.253.122.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B30220691.372353110;dc_pre=CMOD19SG8IMDFcP2swodV-wHCQ;dc_trk_aid=563207273;dc_trk_cid=195629296;ord=242259447;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame E76A
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
222933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:32:25 GMT
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame CB31
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
222933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:32:25 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaf4c424e9c9c76ac0000000000000000%22,%222%22:%220x7a6c55d8b176cd4b0000000000000000%22,%223%22:%220xfc1468daa8a5f35a0000000000000000%22,%224%22:%220xbc98a91b8f24f9030000000000000000%22,%225%22:%220x16ba1b9c2100cc860000000000000000%22},%22debug_key%22:%2217270730123596692669%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22742238978995820561%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 03:27:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame EF7D
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3671477593827039&output=html&h=280&slotname=2857603024&adk=2766290758&adf=2594459118&pi=t.ma~as.2857603024&w=1110&fwrn=4&fwrnh=100&lmt=1705894075&rafmt=1&format=1110x280&url=https%3A%2F%2Fproxybrowser.xyz%2Findex.php%3Fq%3Dnaikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705894075210&bpp=1&bdt=838&idt=245&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=5144197103421&frm=20&pv=1&ga_vid=1645274483.1705894075&ga_sid=1705894075&ga_hid=178157547&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95321957%2C95320890%2C95321626%2C95322164%2C21065724&oid=2&pvsid=2750259641262600&tmod=1348089623&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
222933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:32:25 GMT
custom
propu.sh/
39 B
331 B
Fetch
General
Full URL
https://propu.sh/custom
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
9a3dbb12eee921fefb1c32010e96d27e
date
Mon, 22 Jan 2024 03:27:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proxybrowser.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
custom
propu.sh/ Frame
0
0
Preflight
General
Full URL
https://propu.sh/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://proxybrowser.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://proxybrowser.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 22 Jan 2024 03:27:58 GMT
server
nginx
vevent
lax1-ib.adnxs.com/ Frame F239
0
555 B
Ping
General
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fproxybrowser.xyz%2Findex.php&e=wqT_3QKsB-isAwAAAwDWAAUBCLvBt60GELuoqKzF1JqfAhgAKjYJfcRA-GhBsj8R41Dy8jzKsT8ZAAAAIFyP8j8h4w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43dwFgAEBigEDVVNEkgUG9FsCmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiJodHRwczovL3Byb3h5YnJvd3Nlci54eXovaW5kZXgucGhwgAMAiAMBkAMAmAMJoAMBqgOvAwrGAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY1NDg0NTJmLWQxN2QtNDlkZi1iZTNhLTI4MzgyZjE5ZTNlYyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NjU0ODQ1MmYtZDE3ZC00OWRmLWJlM2EtMjgzODJmMTllM2VjJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHJhZmZpY1N1Ykdyb3VwPXp6ZiUzQWtuYXFlXzNjX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSMTYxNjgzODkwNjc0MjA5ODUxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EQXdOVGd6T0RBMk1UVTRORE1qTWpNek1UZzFPREF3TkRRNE56RTBNdz09wAPYBMgDANgDuO29AeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukF9WIgFAZgFAKAFiY-2_YO2uO8lwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AW3WPoFBAgAEACQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB93cBdIHDRVkASYI2gcGAV60GADgBwDqBwIIAPAHorjIBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=9c9f20601daf55bd5268b8226e746aae295f71a5&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=1571204661288795377&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:58 GMT
an-x-request-uuid
361144d9-8b97-4eb9-b47a-d1094d7cfec6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=aa8a6a5bfb7a4d6987abb67f4dce5c18&zoneId=3373366&checkDuplicate=true&ymid=&var=
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4f2f967bed67d857c00a39db261680d7650d4a7611bbea6ab589145534dfd0ec
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proxybrowser.xyz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame FECC
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 00:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
9483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 00:49:55 GMT
truncated
/ Frame F239
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ca1551231a6ecffa118765f833d443762ddbbfdec3bf45bea47c8eaa26dab1d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame F239
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFrXFu-CtZZzdK62r5LcPk_S-6AbS4Nfgbo-ktpOTCsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM2NzE0Nzc1OTM4MjcwMznIAQmoAwHIAwKqBMYBT9B0Tp_ZUr2uRyVTLpeDecPHB8cjLCRDZ-7q78HdljswFQrAn4DQi-f8rGhtfTmkg8oqEKQIf0iaN973H6pmdIc2E2sDSELa17EUsuh5PPFvHvZ1GJPfj2ZRMLufv6zd-YRfEcdW3jwG5vuzA9nlyXhEBhZfpWuB3g2UNtXcLTbwYsKAnCotJksWmgPFjJ3ejZ_U7ldrOAUgVKzieNwvHZWIBpM-TksywbkBRP-cK0COOH8APgmP4-oZwH8mWDOKk2Y9nKqdgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNv9ntOG8IMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM2NzE0Nzc1OTM4MjcwMzkYAA&sigh=LFhlgUkFy98&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_R1pQ5mt2u7Mp9tA3DAFDKc_KhdGoz6VxFkd0Si2zMTfz6tsDdgVNIjYoIkmHMqwgWjsfLG4cnlXERq0fhft43xP8PXULUzeYPLQYAQ&cbvp=2&vis=1
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 03:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
lax1-ib.adnxs.com/ Frame F239
0
531 B
Image
General
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fproxybrowser.xyz%2Findex.php&e=wqT_3QKsB-isAwAAAwDWAAUBCLvBt60GELuoqKzF1JqfAhgAKjYJfcRA-GhBsj8R41Dy8jzKsT8ZAAAAIFyP8j8h4w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43dwFgAEBigEDVVNEkgUG9FsCmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiJodHRwczovL3Byb3h5YnJvd3Nlci54eXovaW5kZXgucGhwgAMAiAMBkAMAmAMJoAMBqgOvAwrGAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY1NDg0NTJmLWQxN2QtNDlkZi1iZTNhLTI4MzgyZjE5ZTNlYyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NjU0ODQ1MmYtZDE3ZC00OWRmLWJlM2EtMjgzODJmMTllM2VjJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHJhZmZpY1N1Ykdyb3VwPXp6ZiUzQWtuYXFlXzNjX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSMTYxNjgzODkwNjc0MjA5ODUxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EQXdOVGd6T0RBMk1UVTRORE1qTWpNek1UZzFPREF3TkRRNE56RTBNdz09wAPYBMgDANgDuO29AeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukF9WIgFAZgFAKAFiY-2_YO2uO8lwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AW3WPoFBAgAEACQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB93cBdIHDRVkASYI2gcGAV60GADgBwDqBwIIAPAHorjIBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=9c9f20601daf55bd5268b8226e746aae295f71a5&pp=Za3guwAK7pwA-RWtAA-6E_tOldpNVyQNaClt8A&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmDx9u-CtZZzdK62r5LcPk_S-6AbS4Nfgbo-ktpOTCsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM2NzE0Nzc1OTM4MjcwMznIAQmoAwHIAwKqBMkBT9B0Tp_ZUr2uRyVTLpeDecPHB8cjLCRDZ-7q78HdljswFQrAn4DQi-f8rGhtfTmkg8oqEKQIf0iaN973H6pmdIc2E2sDSELa17EUsuh5PPFvHvZ1GJPfj2ZRMLufv6zd-YRfEcdW3jwG5vuzA9nlyXhEBhZfpWuB3g2UNtXcLTbwYsKAnCotJksWmgPFjJ3ejZ_U7ldrOAUgVKzieNwvHdeKJwH86rFfVUN18WHFr_aKG3WENyeXOkifmfua2Bmmi6a8fscJNTfxgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNv9ntOG8IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3IVHSOTMpJLPRJ2CRsRRypRq8eTA%26client%3Dca-pub-3671477593827039%26adurl%3D&cbvp=2
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:59 GMT
an-x-request-uuid
e175fccb-b955-4a97-87e1-3d2181592fde
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5bac76c91881c4030000000000000000%22,%222%22:%220xad21adc6dee57ab0000000000000000%22,%223%22:%220x7729511fa8f1c7ae0000000000000000%22,%224%22:%220xded2a2dee8ccde800000000000000000%22,%225%22:%220xa03ae9410efcbd4a0000000000000000%22},%22debug_key%22:%2215810033409473719011%22,%22debug_reporting%22:true,%22destination%22:%22https://ashleyfurniture.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006121883%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216580287698323359649%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 03:27:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3845
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvosqiM9XTgaa_FDAqVA-jPPoA5YugV21hmwDEWjKiOYqP33nD7s7IE0hleAmxmIyaJi_nP5ylGemq2eIzVhm5lhwN62TaekNiBud4bH2qy2PK7Y5-tE1xVJPaz1ik6oKfI1MuVG3P6FCNO9sej7fwp9ERu&sai=AMfl-YT8k-iHv37mQB7S7-WXDTE9e1ILKCQjErMjowhqXcyrwLVnXWFUrBMYWfDkqMUAtgUP-sTEaWs1D6RkliAlndNDpMqSOCKpBSRTFwnbs-bSqNw8xvjWpQh6TyAVV2a8w2tuyhstBTM3gYWO7ES7&sig=Cg0ArKJSzPVDU9ynlmAjEAE&cid=CAQSTgAvHhf_jyhGoOIIacStGD1jyaUVVAeIwsUa05hw5FecUgoaqjcEf_HYr4a5_25apbaQa2UNsmHk842k7O3xxZNhN8sAKW7XsJVW7tyyuhgB&id=lidar2&mcvt=1039&p=0,0,280,1110&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=624861035&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705894075450&rpt=2439&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-spa-1.249.0.min.js
js-agent.newrelic.com/
87 KB
29 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.249.0.min.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
264956d1864215422fb0cf7906731f333cda073f4007ba32f1b9321ff79a9c52
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://proxybrowser.xyz/
Origin
https://proxybrowser.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
xqhkUaUJHWINEJM5PSle_YSi.Q2oCtRJ
content-encoding
br
via
1.1 varnish
date
Mon, 22 Jan 2024 03:27:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
CPHJEK37NZHMJPKS
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29447
x-amz-id-2
SOZS7zid01Doyh6cDXUuJb0ly/qFRZuv5TLFsCUXkMGYwYEVWooO4s7RnLV3ycPI2uksn1j3+rA=
x-served-by
cache-mia-kmia1760031-MIA
last-modified
Thu, 14 Dec 2023 16:36:09 GMT
server
AmazonS3
x-timer
S1705894080.763605,VS0,VE0
etag
"a42a1870225259a5447c6b5e0ebad53c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
116931
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09c6d64a6a0ee729410400cc4fdd23a164cba0252285054a035364774e5ac76a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12322
x-xss-protection
0
custom
propu.sh/
39 B
332 B
Fetch
General
Full URL
https://propu.sh/custom
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
a8119a1bc032f7431c3147d96e5bdad0
date
Mon, 22 Jan 2024 03:27:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proxybrowser.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
file.mp4
r4---sn-q4flrnl7.c.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8A00
257 KB
0
Media
General
Full URL
https://r4---sn-q4flrnl7.c.2mdn.net/videoplayback/id/6a50a1795bd7bc51/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849176729/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/45ED17219C4AE7B3B59ACA155A7C239F90242F0C.09AFE0F753941E9CCFBB8B4FB3B0E55930B15DC8/key/cms1/cms_redirect/yes/mh/hV/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4flrnl7/ms/onc/mt/1705893335/mv/u/mvi/4/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:4a::9 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 22 Jan 2024 03:27:59 GMT
date
Mon, 22 Jan 2024 03:27:59 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4288897/4288898
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4288898
last-modified
Mon, 08 Jan 2024 15:44:13 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
csi
csi.gstatic.com/ Frame 8A00
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrodaezu&c=1294706351404&slotId=647353175702&qqid=COX_oNOG8IMDFQ0R-QAdAqAAvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2077&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.278~atrd.27c&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4003:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FECC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BsNRSvuCtZdWvD-C1oPMP_YC_qAUAAAAAOAHgBAI&bg=!zM-lz4DNAAa8BdJLnAU7ADQBe5WfOMmWenzsSDfyILAH6CG_JipRTBC4Ik2j6i7B5DHCoPgbCCB5qJKvP1ghxQ1Y5vPdAgAAAFFSAAAAA2gBB5kC4WVeZbjt5f8fIhTLRJ4vAIrF2Fq4TVDV95r-Ohk9Hw68QN6NSwDTsF2yo21f6OEzJU-FYr18C9NrwjxaE79jMBNrqFtEKXk9rHk9ajdKRSStMvTjjV_Lp31bKEkc5Xtvc8F23XyHx7o8aPl6TzdcSiWIhj76fm0ndmBfxOxAWW9U0oJYnll0U2zgqxbWzqVWswhkQ_5h9cZ9b_GNpZ3UAHqXa6EWwuM_DleFXUk0xZAX12czqoSei8GqqHCT9qF_fBJMj-_JXh3WMBrlsvsc0CwgDTs_LCJw2Mu6R_FvNjeqFLUvfvLgW6Qkh53djNRRwTTA1kMOIH1rEhCPj36XqHKC39-RRTub4hXMi8mdcJiJK8tp4QSQJJr_njPgQZK8B1IY4YI19of0N5r-p6S_S1DmEdz--5DfMqZdGkAjRaeHQ1U4l6s14Wgzk03g_vHC8Kd1CJNBh4oD4lsT_8uBqAJrLZaQlh7TLTTolgPkuIdUDJkBw3ibQEO3nb14lmxrex1S-jA2Xea8z1ecGSWfe6tMwkIOyXoWJZoGECHGXtqPbAWkvsQ21z1f2PPBhnoDogHmelvKfUIdHfsIm47uIMHCdwHhutdgUfInsWch5q2B08ocBizuZo7jzGEly8MMVck58QPJrU2TYxG1AKSIVVnvvlyWbbDsEQtEQwYaCHk3GUI_2nnWdKlDLqv6SE5LB-luxcoMwSPFeSS9Z9aq1v5gjk6BeozNp8s_rDakWhSFnuD_IIQh1WdaR4Tx24PZ7shTkAZFbWqbNKTotK-pu5iBGSRVJ2Zx-RA3i-XKOwuO71RW5uUTL2uH7KjCIpODGKQIaXahy_UE8p20-Y3Yo-M0owjI6dxI9kCY8r2n9zWOeBITSf7Xfzu4UphqjlHI0OWKcxrJmtJ8kEv6lZFn3jUpt1-LFg_L-HTPtXpRBGK8b20Yf3VWvrhnRU7P5IaoX1liEn18Tx35JrpCZnp9ndgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D158
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4L-ZpDNMrO-o4VZBKDtaAWhRtrlPjnuZcGUcGmKe7wkF1lm_lTEk2kYir6SZAJfyBuT6VeodwlovUSoLkTQNoNSj1RUXCpfeq8tcq5xK2mxdVG2xjwIZWall_GtKpewSDPb-DFwzmuJqzilGe3QhkmsuEs37Kjn9kCPvmMM0mTT01OGdW3wOVpPR15DWdEPNyOaNfiVfk9yqB39er2k5_-ZNGUHq9WKjm5K2ffGmVysiNr94BangGHtbTDljdy_4cvE4kKNx9n6F67inB2UeQWlVrYsHLfxhvwr3jXfE015mbZbhPCBvgVJ4Sqgl69IGplm8MHz7ZtZ-jKs4fKhi67ksJ_ZoNF9x95DO5ttSA_jRv_ISdr3yDlnn-7zU3ks-6ZgCvp33RWVMZ2vjc8AAt3qyPrYZEmLDTkx-ANG1dsp5ad_ek_XIGoZODEgn2ETIvoriP2T-4iGKLLEx019HMYmq9tsiwJEimUKXfmkla5y-ct7-SXmIIaopIM4aEukEBBL3ZiTjNQJG6Fi_g7IkKIIsYbLep3DU0CjIdpnrVQxaKk1kfzHYvfWRHWixlRP37InMKW-piS9-_BiUDfrfbuWqsXbYIS09Z0EpwJbcXQHO6ol2ZZrOUysWpPqNVnl4q7-hFoBGjs6vCvArLxTY0VypVKRwFxW_jFvupNqSmu9v9xXicJrNtYdSyOjAeOVkc1mUqx9I85G2VkO8Oi_9JS1jNlYsH0K6fNN9HABQ40Wwnjzn9jNGbG8kVStc2i0y1EoU1rM1Gq4r72B_Sa0xJNxXw7GDBteAS0Ade2TWJ8hXOOROH9uOs9SynSbGklVve3hZD3oqKd9_qnyZdv8ShJHSqs7qlhD2_-1_njTvd0nfm3nRFouFqTLLWM8-nJjE_wLe097ZTzYwPFIc0aq3NmTBH0pWVinuX3iUTrOJ47fYEbF9YBmf9uP2OPBXo6sQneTJU2UjgRLGcArm8PpwdmRUYMWdr65T1qdJB956oLz2qU2EVddUXVIAc2l-iFGVC0U2Hua8zrn96l-IX8P0tKTWh_SWHPx3u-ps96gCtHXnyQ8MUgPKs2jkhMCpE4cUnj0qVE1fWy1SZcVAYQ71ErW-62wNb40N1MvHzKSI1BCnvWXKpKJZEW8yEEEnw9aLz59jDbswn9I8QavlpwSP-Iq6ZxD4vU7CSgwmDzZbjoh_DSG9kuSPVzHffLMtg4eEeNl-uxb_FcuIv_T4ZGunpC1KgEttEn6HRIGrToJeSt9DmCxAIWzTA7etg_xVI7Uk3LL-yYUnjRguMLsrnPaXoadPNHYqCMV5KX7oXFLI2JLcuFzL60_PChQ&sai=AMfl-YQZtcEx-m1RXMrerNO8ZgoJL5iqS9QK_5AUsl6dWP3qGouakGPrnd4ZBgBZOZQPQhtWSd6qnKDlPr6_LZb_r0tG4nlW5i7zd1R4gKY5479qJ0uMNbBirzV1OOXxkSLNcHQo69V4mgUrmf_ue1EOomN_AZ4N_vR9QdB7fFM&sig=Cg0ArKJSzHwHTwjRUupNEAE&cid=CAQSTwAvHhf_R1pQ5mt2u7Mp9tA3DAFDKc_KhdGoz6VxFkd0Si2zMTfz6tsDdgVNIjYoIkmHMqwgWjsfLG4cnlXERq0fhft43xP8PXULUzeYPLQYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=303,1000,1000,1000,1000&tos=303,697,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705894077595&rpt=941&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1796
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssykAWoXuuyFQdvNEcRQXAnFYYx66Sy-LlE8cMywFdvo-997qo3KJldx0ckbOzCkL09OoPUZqkR2Fn3sl1XZnFTA8QpQN0IjWiHY-hBiN6DIUp7XU8ufs1RJNVR5SNGOrNwTg1T3SyaTmohb7knVxeXrdRC&sai=AMfl-YTNRkhjMPIYCgmuuIdodM6-3qOT_dP8L59CpfB3Bsr-d7AxXmSrQsw_kh8YJjpGFfq58cBT8Vb-y6gR_5NcGKRwCds2OpRIlqQJaK48LazxCtAOrsjL-oRYoKXFYS0l1db_c2yLCGjwTZCaXbYm&sig=Cg0ArKJSzH7157o-FBazEAE&cid=CAQSTgAvHhf_NfHnpe131MpMbN-LD3_u-3hSf8Grqmch4zuJdNS6ashOIPZANxskNDM4InZbT2l0JvSBA9FkNTVkQLilQKk3LRn0CtreSJzJ3xgB&id=lidar2&mcvt=1002&p=0,0,280,1110&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2766290758&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705894075460&rpt=3089&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
amunfezanttor.com/
94 B
355 B
Fetch
General
Full URL
https://amunfezanttor.com/event
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2d39d8892bfed95494f200e0fbc67a330e1d3bcaa9b14e47ef35e2ab8abf2b95
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://proxybrowser.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 03:28:01 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proxybrowser.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
94
custom
propu.sh/ Frame
0
0
Preflight
General
Full URL
https://propu.sh/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://proxybrowser.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://proxybrowser.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 22 Jan 2024 03:27:59 GMT
server
nginx
event
amunfezanttor.com/ Frame
0
0
Preflight
General
Full URL
https://amunfezanttor.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://proxybrowser.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://proxybrowser.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 22 Jan 2024 03:27:59 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 03:27:59 GMT
NRJS-204e6092f976f612328
bam.nr-data.net/1/
0
0

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4053
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
159038
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 07:17:21 GMT
expires
Sun, 19 Jan 2025 07:17:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BF58
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: proxybrowser.xyz
URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
334e728398fa63b8f8bc136ef3b75304bda38b7e7b252b0e71102ee6657d4609
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z4WVnkz0TIIr5mIAhEXB4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://proxybrowser.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-z4WVnkz0TIIr5mIAhEXB4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 03:27:59 GMT
expires
Mon, 22 Jan 2024 03:27:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4053
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 00:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
9484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 00:49:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BF58
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=2750259641262600&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

c.gif
www.bing.com/aes/ Frame F239
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=39e47eda-3961-4d95-8445-2a06ea26ec06&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=6548452f-d17d-49df...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=da12605286ab4f28a542ff283cb52554&tids=15000&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=da12605286ab4f28a542ff283cb52554&tids=15000&med=10
Protocol
H3
Server
2600:1408:5400:7::170c:90cd Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:28:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1CFA95F25F4C481CAE4EE82232988868 Ref B: BL2EDGE1317 Ref C: 2024-01-22T03:28:00Z
x-cdn-traceid
0.cd432417.1705894080.2de90d37
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 22 Jan 2024 03:28:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FC0A47EABACF4F13B25417F6ED41A43E Ref B: BL2EDGE2108 Ref C: 2024-01-22T03:28:00Z
x-cdn-traceid
0.cd432417.1705894080.2de90ca5
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=da12605286ab4f28a542ff283cb52554&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
vevent
lax1-ib.adnxs.com/ Frame F239
0
555 B
Ping
General
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fproxybrowser.xyz%2Findex.php&e=wqT_3QKsB-isAwAAAwDWAAUBCLvBt60GELuoqKzF1JqfAhgAKjYJfcRA-GhBsj8R41Dy8jzKsT8ZAAAAIFyP8j8h4w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43dwFgAEBigEDVVNEkgUG9FsCmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiJodHRwczovL3Byb3h5YnJvd3Nlci54eXovaW5kZXgucGhwgAMAiAMBkAMAmAMJoAMBqgOvAwrGAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY1NDg0NTJmLWQxN2QtNDlkZi1iZTNhLTI4MzgyZjE5ZTNlYyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NjU0ODQ1MmYtZDE3ZC00OWRmLWJlM2EtMjgzODJmMTllM2VjJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHJhZmZpY1N1Ykdyb3VwPXp6ZiUzQWtuYXFlXzNjX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSMTYxNjgzODkwNjc0MjA5ODUxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EQXdOVGd6T0RBMk1UVTRORE1qTWpNek1UZzFPREF3TkRRNE56RTBNdz09wAPYBMgDANgDuO29AeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukF9WIgFAZgFAKAFiY-2_YO2uO8lwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AW3WPoFBAgAEACQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB93cBdIHDRVkASYI2gcGAV60GADgBwDqBwIIAPAHorjIBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=9c9f20601daf55bd5268b8226e746aae295f71a5&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=1571204661288795377&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:28:00 GMT
an-x-request-uuid
3880db73-f9e2-4f47-b1c3-58c1aaead496
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4053
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Cg0IqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:28:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F239
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshnXI0JS4iH8OTIM3rwJWrslocoDssPo249oMtf6GJIYTB2OTQjNvC_6YHlJh_rRZfzmCuCn0XLfnWu6ZLAfz-9BQYAX1zhBP3yHEtCKfSUSxBCmMK0Ad8&sig=Cg0ArKJSzFxQc_GNsSbREAE&id=lidar2&mcvt=1014&p=0,0,600,160&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705894077731&rpt=869&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 03:28:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=2750259641262600&bg=!DA-lD0DNAAa8BdJLnAU7ADQBe5WfOGEXH2DQ4CQyiaieZxjDo86hcCM4HEd0WLU54H0Hv3-_mN5k800PelM3kp-IIyQ0AgAAAUBSAAAAA2gBB5kCvNryVWvNguSBtg_wDnTHMiAU2ldvsbuaQubvMz9ULDMZU9zPChFg95ynCdHLdwI7lL_nMjeWOl_XlRY9pObYXBeK7C7H9wO5kdKHcjuh_pFOK__vWz84KIKtaYCC9Yr-sSUHyaBAvOLBUEp9LA2tcVeiGa0txxPE2IAfi2e01Xe932ST1KthLboBIokF7tauSClQOIhpoFoT9IOEtYTcIshFOAFPMeXTai9nfhLiU0K4AhXWJONU5D5w7mcjIQdZykiXxCCxcp_G4ypJLrJ1v7QIFhaMTseDk-FIM_fda5_OfmOKT-YUNAj0h4Gadggm2DIh-4va0kyKvo98JHuQJMG_AbYp6gzgwTTvZ14jKLYQbvCMLIVFbKyHtJ-WiZ_zsDqC1aAQ4M1622wocFiVej9BuMvo4Qn881vuFaD1pl5YMD1AazxN6AK_3j7RyG-GhtQjAMLiEIGGAWlo2ZxFwLs7pguOc4VwPBZTRSiqiRQXJeQW-9v3d4out_J2rn1FQpxN-cffp47CS9ncVls3A8JRXNkaVWjFr8b8DcDl-ISV1JYK8QHt2wfC8r8K_cGDoCwN9t5FOtJtoPra-8FuzfQu8XW2ISaC6HuhX2nvlo73OvbiCTzyqCGyKirgdq6pbHxqjl0bNPC3d1c_GhOcShjLtihdYau6u_HJA6G8alx1nmvWwjHjJ7l8_blByYDmz7uOIxW16396JSc7mNC7wiVkoRf5rlelB96iG0MtTcVCJgGflDJ71_9tF1sRzMg9aTx3Jv5wgHx_WLQvrt4dcsQbuRr9DRNnEEkDmIr5Xf8cgMa5-KR03Y4jGvsTmpIQwQEJga_fUsFJqmAieBmM_LJttWgckFYR5fE4Fi0H8WeCHMSMqkangGemGfVtlGmIH2MT2szfc3qP_9T6W0NxcAhli3r2tQKHHDOn2HE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://proxybrowser.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/NRJS-204e6092f976f612328?a=1469405035&v=1.249.0&to=NlMAZ0ECDUYCUEQLDA8ZN0FaTApbB1ZITBMJRg%3D%3D&rst=6558&ck=0&s=789596ef2715d320&ref=https://proxybrowser.xyz/index.php&af=err,xhr,stn,ins,spa&ap=1&be=1116&fe=4897&dc=539&at=GhQDEQkYHkg%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705894073251,%22n%22:0,%22f%22:282,%22dn%22:283,%22dne%22:283,%22c%22:283,%22s%22:415,%22ce%22:571,%22rq%22:572,%22rp%22:1117,%22rpe%22:1118,%22di%22:1654,%22ds%22:1654,%22de%22:1655,%22dc%22:6009,%22l%22:6009,%22le%22:6013%7D,%22navigation%22:%7B%7D%7D&fp=1649&fcp=1649

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| NREUM object| webpackChunk:NRBA-1.249.0.PROD object| newrelic function| gtag object| dataLayer object| adsbygoogle function| urlfn function| $ function| jQuery object| bootstrap object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| zfgformats object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| gaplugins object| gaData object| sdk object| google_llp boolean| installOnFly object| googletag boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode

11 Cookies

Domain/Path Name / Value
.proxybrowser.xyz/ Name: _ga_30FWSL94WJ
Value: GS1.1.1705894075.1.0.1705894075.0.0.0
.proxybrowser.xyz/ Name: _ga
Value: GA1.2.1645274483.1705894075
.proxybrowser.xyz/ Name: _gid
Value: GA1.2.1309382762.1705894076
.proxybrowser.xyz/ Name: _gat_gtag_UA_34002124_6
Value: 1
.proxybrowser.xyz/ Name: __gads
Value: ID=30ecc2d156953b07:T=1705894075:RT=1705894075:S=ALNI_MaNTNvLFH7lxQX5iMam5w9wFzv9Yg
.proxybrowser.xyz/ Name: __gpi
Value: UID=00000db918d5d048:T=1705894075:RT=1705894075:S=ALNI_MYuiLARObY2ESBguZ6QPZNlNV9Gjg
.doubleclick.net/ Name: APC
Value: AfxxVi7eSKPJ1v4GORuooNuAm4xrVpx8uxND2LyKCeEsB6qEOj2kBA
.doubleclick.net/ Name: IDE
Value: AHWqTUkbbU4j58zqq3NEEmRTwcdRGDJ6VoLoUXB8CxSVcqQa5unvRFSRdgBxNGIxaf8
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bing.com/ Name: MUID
Value: 0B58393A7BA76C3307E12D347A606D74
.googleadservices.com/ Name: ar_debug
Value: 1

2 Console Messages

Source Level URL
Text
javascript error URL: https://proxybrowser.xyz/index.php?q=naikpnwbympfltrnz2drzpyprtrll56lo4-vydkql6oiy6adxsaip5gmzqwdldswb5plmmdia2zfw2aummdmzjzoymaakwtrmwthlwrql56ak5fhmzieb2jdk5etlplmzzvkzpszy2yzazirlweym3lcamxfap6bazqtxpaqz2rjnqcb
Message:
Access to XMLHttpRequest at 'https://bam.nr-data.net/1/NRJS-204e6092f976f612328?a=1469405035&v=1.249.0&to=NlMAZ0ECDUYCUEQLDA8ZN0FaTApbB1ZITBMJRg%3D%3D&rst=6558&ck=0&s=789596ef2715d320&ref=https://proxybrowser.xyz/index.php&af=err,xhr,stn,ins,spa&ap=1&be=1116&fe=4897&dc=539&at=GhQDEQkYHkg%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705894073251,%22n%22:0,%22f%22:282,%22dn%22:283,%22dne%22:283,%22c%22:283,%22s%22:415,%22ce%22:571,%22rq%22:572,%22rp%22:1117,%22rpe%22:1118,%22di%22:1654,%22ds%22:1654,%22de%22:1655,%22dc%22:6009,%22l%22:6009,%22le%22:6013%7D,%22navigation%22:%7B%7D%7D&fp=1649&fcp=1649' from origin 'https://proxybrowser.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bam.nr-data.net/1/NRJS-204e6092f976f612328?a=1469405035&v=1.249.0&to=NlMAZ0ECDUYCUEQLDA8ZN0FaTApbB1ZITBMJRg%3D%3D&rst=6558&ck=0&s=789596ef2715d320&ref=https://proxybrowser.xyz/index.php&af=err,xhr,stn,ins,spa&ap=1&be=1116&fe=4897&dc=539&at=GhQDEQkYHkg%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705894073251,%22n%22:0,%22f%22:282,%22dn%22:283,%22dne%22:283,%22c%22:283,%22s%22:415,%22ce%22:571,%22rq%22:572,%22rp%22:1117,%22rpe%22:1118,%22di%22:1654,%22ds%22:1654,%22de%22:1655,%22dc%22:6009,%22l%22:6009,%22le%22:6013%7D,%22navigation%22:%7B%7D%7D&fp=1649&fcp=1649
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adsdk.microsoft.com
amunfezanttor.com
bam.nr-data.net
bid.g.doubleclick.net
cdn.adnxs.com
cdnjs.cloudflare.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
js-agent.newrelic.com
lax1-ib.adnxs.com
my.rtmark.net
pagead2.googlesyndication.com
propu.sh
proxybrowser.xyz
r4---sn-q4flrnl7.c.2mdn.net
storage.googleapis.com
tpc.googlesyndication.com
www.bing.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
bam.nr-data.net
104.254.151.60
139.45.195.8
139.45.197.250
142.251.111.154
151.101.130.137
151.101.65.108
172.253.122.149
2600:1408:5400:7::170c:90cd
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700::6811:180e
2607:f8b0:4000:4a::9
2607:f8b0:4004:c06::64
2607:f8b0:4004:c06::68
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::64
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c19::84
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1d::9a
2607:f8b0:4004:c1d::cf
2a00:1450:4003:80c::2003
51.159.195.18
00c1d17757bf52d6290743923380bbf067a32c5b89bdde330b9308e055e2a03b
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
058f610251111e42ba0ae0f0fc02ff979e401019237101157b76807aa4882695
09c6d64a6a0ee729410400cc4fdd23a164cba0252285054a035364774e5ac76a
09d26610ae546b4bca4043db5914b6cba0dc0a6199c33def01f20607dc7ff96c
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
12c658e94a84137e8ad6d8f54c2d579b1d0170e968c32228fd22c2fba64dcae1
14b2341bf6e41df7fff1803272d02646bbf08537b36bcaa2995849023b3eada2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18664e0f6aa19c51aa98da29d9ed893effb9167f769dee1ad4a16fe6b5839ae8
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
264956d1864215422fb0cf7906731f333cda073f4007ba32f1b9321ff79a9c52
26bf82ef5408b2df14aa3bdb67df71670347ae7abc6e8d6972da244232f4df84
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d39d8892bfed95494f200e0fbc67a330e1d3bcaa9b14e47ef35e2ab8abf2b95
314136da8dc9ae30d52203e80525247a23eca7c0a41c85a7221c1144aa2f6c7b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
334e728398fa63b8f8bc136ef3b75304bda38b7e7b252b0e71102ee6657d4609
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4204ec730f4d77767db99da42f0316a4f3bb0da6df76ba56a9b6e070593973ab
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43e7d48219b47a9d4280fa37e214034c165cc89d87c04ff94001d2f54b8a14b0
4b3a46db0319de8bb68629bfe1d5f512dccadad1e11ed1cd379778862230d7b1
4be2ca01d0ba71e6187ed3bdcbc9d158b65f5f3983641b3952faec8e9053e791
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d77cf5b8fdb1c29d41c7709f5ea444d82daaa55fb53a9c0bf94153283267db6
4f2f967bed67d857c00a39db261680d7650d4a7611bbea6ab589145534dfd0ec
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51f015782de153c399ab8c39677f071aab1420e572e13a5bfd5ce11c5420792c
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e247a8b8cb69ce60447b0edd96a1ba60bca6a47f043cbfed71cffdf65e9d8f1
5fbfb6eb16071b0743d14b33e5d33761213d798d6beffe0fbfc32caf12e0cf76
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6a54c4e39a897b4a2f39574c22da372f631f564be54181e2f8da90cff86b5b63
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
719f954352f8d6e3f65106fb3a101698ef11c9841380a76c75cf98f24712ee4b
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7ca1551231a6ecffa118765f833d443762ddbbfdec3bf45bea47c8eaa26dab1d
841ffffb042a89409e565521638fa86dc0affc065db614046ff081c241abe02f
9454b22c8fe6750f407c702929ffe6253dff7bcc53f9b0ccc259bb0ad245760d
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9aa26fd99d211ae85f16df0e581cd2ebaefce00a2a207e982fd8e219e4b4a874
9e04da3eadcbd0bbe90634ba6dfa978b130b058e3052461e6524d452e6807297
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a2d90d06e0ea8047b83ccb0c7b08cbca6d3431157ba4fe7f63b145d079e68b15
a2da484e85debdc069e2c470a27fa29be56c6cda3ee39ef3ac041e9c1fc90e9d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b14b437b7a1be3f8bc0362259294aac19f465fa0b9f17ee60d97adedc6f09013
b2112e944307f68d8662983059ce3217e04a72c6127f7c6f2d2f654dcd72267d
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf50cd96c20fd4e88d09ab97d76703308e6104dd0a12155b9d77d5dbb1418194
c4569552b8f3069d5021cc14e3e8680f0a8a9edea995839da1e263706fcc9cb2
c6b5bc6a0287381cb56d5487c4a621c83217579fba2e75ea473abed3c99f4a25
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
db05f6f1eadb6b0c65442fa0b58d77ceb8ecfd482d0075b1967144780c36379e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ea15e9cd0c456d2ee42159182cb21c44d110b01fbfb3d54f7a63d2994aa6e05c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7d2a05abd528ef92a4fb75c595f828fdc9fb0a1768f8c2b55180725802212d5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fc406ffed19d31507f5222d2aa0e5c12fb491f7974db45a4c82e22947cb1aab3
fee837673c1019dbcaba33c11d82a4c5a89380dc48e644b3789ae35312604cc9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881