card.villavicastur.com Open in urlscan Pro
2607:f8b0:4006:80f::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://card.villavicastur.com/
Submission: On February 20 via api (February 20th 2024, 11:25:53 pm UTC) from US — Scanned from US

Summary HTTP 177 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 31 domains to perform 177 HTTP transactions. The main IP is 2607:f8b0:4006:80f::2013, located in United States and belongs to GOOGLE, US. The main domain is card.villavicastur.com.
TLS certificate: Issued by GTS CA 1D4 on February 20th 2024. Valid for: 3 months.

This is the only time card.villavicastur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2607:f8b0:400... 2607:f8b0:4006:80f::2013	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:808::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
51	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2600:9000:21e... 2600:9000:21ea:e800:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:251... 2600:9000:2511:5000:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	108.138.128.124 108.138.128.124	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.192.212.3 34.192.212.3	14618 (AMAZON-AES) (AMAZON-AES)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2a04:4e42:400... 2a04:4e42:400::347	54113 (FASTLY) (FASTLY)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:808::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:4e9... 2600:1f18:4e9:5a01:2490:cb98:2196:d75b	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
14 24	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
6 12	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
21	2607:f8b0:400... 2607:f8b0:4006:823::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
2 2	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:2::6	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:1::8	15169 (GOOGLE) (GOOGLE)
1 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1 1	2600:1f18:612... 2600:1f18:612b:4232:23c4:9f27:fed9:313c	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.207.52.22 23.207.52.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
177	40

1 2607:f8b0:4006:80f::2013 (United States)

ASN15169 (GOOGLE, US)

card.villavicastur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ea:e800:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:5000:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)

f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.212.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-212-3.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::347 (United States) 1 redirects

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:808::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:2490:cb98:2196:d75b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.251.35.162 (Queens, United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.36.155 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.160.132 (New York, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:823::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::200e (United States) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:2::6 (United States)

ASN15169 (GOOGLE, US)

r1---sn-ab5l6nk6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:1::8 (United States)

ASN15169 (GOOGLE, US)

r3---sn-ab5l6nrl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (North Bergen, United States) 1 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:23c4:9f27:fed9:313c (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

google.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.52.22 (Atlanta, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-52-22.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	622 KB
41	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551	340 KB
25	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 328 gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r1---sn-ab5l6nk6.c.2mdn.net — Cisco Umbrella Rank: 80663 r3---sn-ab5l6nrl.c.2mdn.net — Cisco Umbrella Rank: 97231	1 MB
15	demand.supply live.demand.supply — Cisco Umbrella Rank: 60522 api.demand.supply — Cisco Umbrella Rank: 99719	42 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	8 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	10 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2328 google-bidout-d.openx.net — Cisco Umbrella Rank: 2314 us-u.openx.net — Cisco Umbrella Rank: 577	2 KB
5	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 15182 2.bp.blogspot.com — Cisco Umbrella Rank: 16477	42 KB
4	creativecdn.com 2 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 2495 creativecdn.com — Cisco Umbrella Rank: 513 cm.creativecdn.com — Cisco Umbrella Rank: 2115	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 461 mug.criteo.com — Cisco Umbrella Rank: 2577	8 KB
3	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4162 ups.analytics.yahoo.com — Cisco Umbrella Rank: 421 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 519	10 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 ajax.googleapis.com — Cisco Umbrella Rank: 434	32 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1011 r.turn.com — Cisco Umbrella Rank: 4758	869 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 389	715 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 311	2 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1113 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1084	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 961 id5-sync.com — Cisco Umbrella Rank: 442	27 KB
2	gstatic.com fonts.gstatic.com	19 KB
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3218	1 KB
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1318	1 KB
1	tremorhub.com 1 redirects google.partners.tremorhub.com — Cisco Umbrella Rank: 17896	679 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 5341	509 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 7207	785 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	statically.io 1 redirects cdn.statically.io — Cisco Umbrella Rank: 8351	360 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2935	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	902 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 689	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2030	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1419	6 KB
1	villavicastur.com card.villavicastur.com	38 KB
177	31

	Domain	Requested by
44	pagead2.googlesyndication.com	securepubads.g.doubleclick.net card.villavicastur.com pagead2.googlesyndication.com f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
24	cm.g.doubleclick.net	14 redirects google-bidout-d.openx.net googleads.g.doubleclick.net f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
21	s0.2mdn.net	card.villavicastur.com s0.2mdn.net
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net card.villavicastur.com tpc.googlesyndication.com f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com s0.2mdn.net
14	live.demand.supply	card.villavicastur.com live.demand.supply client
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	card.villavicastur.com pagead2.googlesyndication.com f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	card.villavicastur.com
4	f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	2.bp.blogspot.com
2	ade.googlesyndication.com
2	creativecdn.com	2 redirects
2	gcdn.2mdn.net	2 redirects
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	s.amazon-adsystem.com	1 redirects google-bidout-d.openx.net
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects card.villavicastur.com
2	fonts.gstatic.com	fonts.googleapis.com
2	3.bp.blogspot.com	card.villavicastur.com
2	fonts.googleapis.com	card.villavicastur.com f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
1	a.rfihub.com	1 redirects
1	cs.media.net	1 redirects
1	google.partners.tremorhub.com	1 redirects
1	cm.creativecdn.com
1	mweb.ck.inmobi.com	1 redirects
1	aep.mxptint.net	1 redirects
1	r.turn.com	f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	r3---sn-ab5l6nrl.c.2mdn.net
1	r1---sn-ab5l6nk6.c.2mdn.net
1	www.google.com	tpc.googlesyndication.com
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	cdn.statically.io	1 redirects
1	mug.criteo.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	api.demand.supply	live.demand.supply
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	ajax.googleapis.com	card.villavicastur.com
1	card.villavicastur.com
177	53

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.seoplus-template.com
sulvo.com

Subject Issuer	Validity	Valid
card.villavicastur.com GTS CA 1D4	`2024-02-20` - `2024-05-20`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2024-01-20` - `2024-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2024-02-20` - `2024-05-20`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-02-12` - `2024-08-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://card.villavicastur.com/
Frame ID: CB6C1CD5FBED89FC6AFE70A50A7DDD00
Requests: 51 HTTP requests in this frame

Frame: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4D580A69F4761083910AD85629DEE19F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=card.villavicastur.com
Frame ID: 084EE8E2D201D50D784018B35CE68F19
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: FA193D8F81CE18ED642CC62F382E42BE
Requests: 6 HTTP requests in this frame

Frame: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A6F905702773DD08EB778184863466F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNWiTGDv1IX7vwY_XEiAx-buHu4QXUZVvKrG6-jfv2OZWglbqR4fADwlAKkcXfBJChBJcA5kMQSgTXUP8bR9WmXKoHh9ug
Frame ID: 9AF262A43C3ADF47A8F1FC63695B78E3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 5528771713E59DAD4B2658E0A8D1BF31
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6EF4D59FE44583C45907554A185C834
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 080D94446B655AB7C0E77B23E76850A2
Requests: 2 HTTP requests in this frame

Frame: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5129395B9A228EA30EED9ACD593CC923
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjp-46IAjAB&v=APEucNVArIc7m1sb5DLwCYkkKVsQlVhmHzVTZGoqprV9lnbq8uRhvU-aicjdouhY36WMJ1sCovHUxZ0b9UU5fgxiCteYrX82Iw
Frame ID: 78EF419C0C1243B40A4079EBBF7CB63B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 770DC0A9D9A8E7987A347BEB0A740762
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
Frame ID: C206C36BCE59F9857AEF6DFE867D9F4A
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250
Frame ID: 9C2DFDAED70AFC2948C3B27413877648
Requests: 10 HTTP requests in this frame

Frame: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 430609C012A5EB78F3F777D15259EA76
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A46B4268421EA02A92C00C53F4C08BD4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhj9-o6IAjAB&v=APEucNWZ-yB9oiKBrbvnPR_yjdR6aFlwaHh1_cJKvAtRNk40sfU83QslpmOTP4EF3EHeLx56C44DmB_ReYBKTRdL7JXYobWFgQ
Frame ID: 90DDA134602B9DB8FC2A9E30340911DE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8FA83B471F9D7FD822551CF38C0C3897
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5045E9B9D981F6180FD04D4054930AC5
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13412334704686361017/index.html?e=69&leftOffset=0&topOffset=0&c=siQCqhTnYK&t=1&renderingType=2&ev=01_250
Frame ID: 6A4DABD49F59BCE5139F280B0225BE1C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2A261D894050D9F588B3FFB0E6CEC03E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 59A25FFE88E7387C9534E2CFACFAB081
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 801CDFE349E40C755A86529301BEE650
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: A42C88418027307A6895F37675DDD2B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

card.villavicastur.com

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

177
Requests

84 %
HTTPS

54 %
IPv6

31
Domains

53
Subdomains

40
IPs

5
Countries

2571 kB
Transfer

5510 kB
Size

45
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/07161300241623467171
Title: Heidi

Search URL Search Domain Scan URL

URL: https://www.seoplus-template.com/

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://card.villavicastur.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://oajs.openx.net/esp?url=https%3A%2F%2Fcard.villavicastur.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fcard.villavicastur.com%2F&rid=esp&cc=1

Request Chain 36

https://gum.criteo.com/sid/json?origin=publishertagids&domain=villavicastur.com&sn=ChromeSyncframe&so=0&topUrl=card.villavicastur.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=r6tnGHxWV2phMGZkekdCSkVwZE1UTHQ1THhBUDMweHJKaEdsM1B3UThveFFqTmFHd0MrbkRjRG01OVRrZnAzVHA2SXF4Yll4SG5MdGYyMU5kRVVDVkM1SW11amFnTkhWUWo1WEl5azNZaDVRdnF3ZmhReHhTNys1YnVsNTM1NjBmdG9PSlN1Qlh5UExkeEk4OWo1cE5lalQ2T3dQU1pWeFVDOWlVMkZFYXE5em5Zcm8zYW1NYWxoeC9vZlZyUG5zbTh4WFF6T0loK015eUlPc0R2aHFTOHBXc1EyR1hDczcxNWpGZHd0TUdFNGs1d3Y2M20zdnMvbUIrTWtmNmU3cHVVZUxKRFBNWUlpaGN0cnhQbWFhdkxkMHA0akt2c1NEeGJ3bnBTblhodGdyZmVLaz18&cppv=2

Request Chain 37

https://cdn.statically.io/img/2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png?format=webp HTTP 302
https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png

Request Chain 45

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=68996790-1998-ce3b-218a-c01f89922316 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=68996790-1998-ce3b-218a-c01f89922316&dcc=t

Request Chain 46

https://match.adsrvr.org/track/cmf/openx?oxid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e1af65f-593c-462a-bddc-b7b2fb705e84&ttd_puid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0&gdpr_consent=

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMyMGM4MjctY2M0NS0yYjY1LWY0NjQtMTgzMTJiNDMyNjk2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMyMGM4MjctY2M0NS0yYjY1LWY0NjQtMTgzMTJiNDMyNjk2&google_tc=

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtTYfOsWz6Xt4829qqTuJQ&google_cver=1

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1&C=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdU0.9HM52QAAHpfADNiAgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_S4kRqSwRFCYVCISZ43ww&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_S4kRqSwRFCYVCISZ43ww%26google_cver%3D1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1

Request Chain 90

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdU0.9HM6e0AAG-UAB2LagAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_S4kRqSwRFCYVCISZ43ww&google_cver=1

Request Chain 92

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdU0.9HM6e0AAG-UAB2LagAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENIN2cOGNJGo-b0rsGNFRj8&google_cver=1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

Request Chain 144

https://gcdn.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/AA1ED95A357AE0CF54EF995D1F74ACCBCC3BC9D5.70982F2A72054C1FE8715766E431E9DA89074A6A/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/521EC9A004EEE2549868E8CD03AE5DD7B3090F57.369D98DCEE3DFD83C4CD1987D7BC3CC63BDDD5FD/key/cms1/cms_redirect/yes/mh/Lb/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5l6nk6/ms/onc/mt/1708471127/mv/u/mvi/1/pl/48/file/file.mp4

Request Chain 145

https://gcdn.2mdn.net/videoplayback/id/06518130c3042d87/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/38DB067DA90B1256D07ED403FC840417CD5C030E.A2038AF9F1840AB2C8D71DCC0C713E8CB1149877/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-ab5l6nrl.c.2mdn.net/videoplayback/id/06518130c3042d87/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A7F476B68DB0452BD1068670C4518A0B6282C9F.4BF55C279A2D356B2E8024C61601BA7049F6B0D4/key/cms1/cms_redirect/yes/mh/nt/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5l6nrl/ms/onc/mt/1708471127/mv/u/mvi/3/pl/48/file/file.mp4

Request Chain 152

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEACXZZE01d2hOVsuSxr_pcc&google_cver=1&google_push=AXcoOmRzdhgRyJvLfr6HckwYtkBhejEU36b7SdFgDMHLt2OA5YVWRBxqjUMaxmN79CLL9Kjy2nQozT0uZEjC0J3nyQnoefSc4a72_9BGuh6sxuACYJ6Q-oN6LwuYocYoZVkbPYS0mXcRKWT2Qu4Uw_AjiTs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUwODQ0MzM4ODUzMTYyNDAzNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEACXZZE01d2hOVsuSxr_pcc&google_cver=1

Request Chain 153

https://aep.mxptint.net/sn.ashx?google_gid=CAESEMc41AqC4QeXExNyX2QsGxQ&google_cver=1&google_push=AXcoOmRqQipVcsB3KDjBZ7TkIbMbc5uAekZB7f9ebb_tMl1y-ZsDXoCkah6zhVwCu4Uiu_VBVngOUUb9FWiObjJyVigrMG988NmTLr19yi2pRfUCWIJWSXMpmGUqbd_RY6s2jvx_nqSB_lNObFN9FAo-A8G0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRqQipVcsB3KDjBZ7TkIbMbc5uAekZB7f9ebb_tMl1y-ZsDXoCkah6zhVwCu4Uiu_VBVngOUUb9FWiObjJyVigrMG988NmTLr19yi2pRfUCWIJWSXMpmGUqbd_RY6s2jvx_nqSB_lNObFN9FAo-A8G0&google_hm=UjMzNjQ2XzExMTM0NTczN184RTBGOTU1Mg%3D%3D

Request Chain 154

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEPSjYWffpEkDhSh3V1kKewY&google_cver=1&google_push=AXcoOmRG28wV15yhjnFrIRLUcjj1GzjIYQJ2oVWTNPbGBuJuKl4kUtOQalkwQZ-n7rc-PX-laVArZUOV-ieHwgDFJvY7JFmAnsMSDLrC2RFVSkraXERuA0wBt7MY6lev7LXRH-ANJh9pXCnzEA4CmmRrMBFI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDY0ODE1NmYtODAzNi00MTgxLWJkZGItZGU2NWM1ZjFlNDA1&google_gid=CAESEPSjYWffpEkDhSh3V1kKewY&google_cver=1&google_push=AXcoOmRG28wV15yhjnFrIRLUcjj1GzjIYQJ2oVWTNPbGBuJuKl4kUtOQalkwQZ-n7rc-PX-laVArZUOV-ieHwgDFJvY7JFmAnsMSDLrC2RFVSkraXERuA0wBt7MY6lev7LXRH-ANJh9pXCnzEA4CmmRrMBFI

Request Chain 155

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEP3KmnmdwNi45Td8pUhaDbA&google_cver=1&google_push=AXcoOmRTtFHwKkHVyGsqpYtzRNeRCLSfa0VZaRlP9504MoMjpdBza4mGeFFKmsVLzHx8MQrK3RXwJqik_OnIGpGjKRzoqM_5w8AWWblMED8YuqLYrYIyF4Qbh8G_U07RAbJql0V-TmBF_RqNNRu366jPehCK HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEP3KmnmdwNi45Td8pUhaDbA&google_cver=1&google_push=AXcoOmRTtFHwKkHVyGsqpYtzRNeRCLSfa0VZaRlP9504MoMjpdBza4mGeFFKmsVLzHx8MQrK3RXwJqik_OnIGpGjKRzoqM_5w8AWWblMED8YuqLYrYIyF4Qbh8G_U07RAbJql0V-TmBF_RqNNRu366jPehCK&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=6zmyy9wXcoV3r8HWXC6qZDP1HU_21QfaT0NiIaZlh2U&pi=adx&pi=adxab&google_gid=CAESEP3KmnmdwNi45Td8pUhaDbA&google_cver=1&google_push=AXcoOmRTtFHwKkHVyGsqpYtzRNeRCLSfa0VZaRlP9504MoMjpdBza4mGeFFKmsVLzHx8MQrK3RXwJqik_OnIGpGjKRzoqM_5w8AWWblMED8YuqLYrYIyF4Qbh8G_U07RAbJql0V-TmBF_RqNNRu366jPehCK&tc=1 HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

Request Chain 156

https://google.partners.tremorhub.com/sync?UIDF=CAESEF5ZL1R086UWQXRXDtWoA28&google_cver=1&google_push=AXcoOmQGx-RwItPLC99S1PfEW3GvqAhWj5ntiqwJ5dlVU-Wqq2JFaiWfBTHXERyDUMAkf2yj1ww3HySfrlh9vK5dm2-FJnsayC6NG43ISa_Mx7sUjcwthtFqY8UN6SqP9Oombx1PvXLJ8DaFAl1BNxE2Ze_O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTQwMmI1OWZiMjE2NGZjOTg0OWMxOGY1YjJmODU2Mjc%3D&UIDF=CAESEF5ZL1R086UWQXRXDtWoA28&google_cver=1&google_push=AXcoOmQGx-RwItPLC99S1PfEW3GvqAhWj5ntiqwJ5dlVU-Wqq2JFaiWfBTHXERyDUMAkf2yj1ww3HySfrlh9vK5dm2-FJnsayC6NG43ISa_Mx7sUjcwthtFqY8UN6SqP9Oombx1PvXLJ8DaFAl1BNxE2Ze_O

Request Chain 157

https://cs.media.net/cksync?type=g&google_gid=CAESENSfRHfaBn2RNb4lic6k-0w&google_cver=1&google_push=AXcoOmSgqh0VpfxNrgsmw2iRUhHdtIOmlMOMfBx22_jsJABDqvBSpyJouRNq9Yam1PQB3A7IQ_UuSzqxpV2oKVFNNmcWToV8dwAKQNOU-PX6d2_enGAsiRBe5zyqjIxVdaKqK4nYjh3c29J_CtRWK1ZnZ7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&mn_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSgqh0VpfxNrgsmw2iRUhHdtIOmlMOMfBx22_jsJABDqvBSpyJouRNq9Yam1PQB3A7IQ_UuSzqxpV2oKVFNNmcWToV8dwAKQNOU-PX6d2_enGAsiRBe5zyqjIxVdaKqK4nYjh3c29J_CtRWK1ZnZ7g&gdpr=&gdpr_consent=

Request Chain 158

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECqiM8aLAyHlG8PaWnKFsl4&google_cver=1&google_push=AXcoOmS0xLOeDNlzMtR0q4sFKCOOhYa8J0uB6yLs2YyIPqxjuB1s1A9TB8lOAb0xbOnsJ04HJHUkKurlZddvDEa5o1ZI205xZy4ChwtGOQjGqRwR8AsUIFU7VRuGvO53xM2-dHvcf4k6sOpI5srdYsxcIqqvRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS0xLOeDNlzMtR0q4sFKCOOhYa8J0uB6yLs2YyIPqxjuB1s1A9TB8lOAb0xbOnsJ04HJHUkKurlZddvDEa5o1ZI205xZy4ChwtGOQjGqRwR8AsUIFU7VRuGvO53xM2-dHvcf4k6sOpI5srdYsxcIqqvRw&google_hm=OTkzNzc2MzkzMDQ3NjIyODc0

177 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
card.villavicastur.com/ 174 KB
38 KB 311ms
204ms Document
text/html 2607:f8b0:4006:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2013 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d60a36c6a4638387b4f41be6b6680554d342df6e0329e5c3f5d96215ab4d4a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 38766
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 23:25:45 GMT
etag: W/"b77bb5a2cc56b1650c7c04f51564deabe21da71b257ec570043a98878d477d9a"
expires: Tue, 20 Feb 2024 23:25:45 GMT
last-modified: Tue, 20 Feb 2024 22:30:11 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 392ms
308ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe72fc99e9196ef70ff4bc4f094508f3b4f9cbd2bb8759b80eb867093e268259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HP75F9AZCREH52VHCRJ7K2EH
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1139
cf-polished: origSize=5381
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"58fb9c0053635ce2e41d09ded26ca7c5-ssl-df"
cache-status: "Netlify Edge"; fwd=stale
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 858a82ba8af14bcf-BUF
link: <https://live.demand.supply/impl.v17.29.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
968 B 99ms
41ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2827edb4b24c23126234289a5ec4351fdc4bb67b05478ee2359dedb210aed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 23:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 23:18:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 23:25:45 GMT

GET
H2 200 94780799_258223751988228_6585718726438420480_n.png
3.bp.blogspot.com/-IWoLFKUqnNQ/Xr-F9vFjz9I/AAAAAAAAANg/cZUh9fYZ3BI4P0so5JpIijTLjNjA1WDkACK4BGAYYCw/s1600/ 33 KB
33 KB 86ms
24ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-IWoLFKUqnNQ/Xr-F9vFjz9I/AAAAAAAAANg/cZUh9fYZ3BI4P0so5JpIijTLjNjA1WDkACK4BGAYYCw/s1600/94780799_258223751988228_6585718726438420480_n.png

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

205922fef16009feda26861d349bdc05638083cffa2ad44e33470820cf9fcc67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:18:06 GMT
x-content-type-options: nosniff
age: 459
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="94780799_258223751988228_6585718726438420480_n.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33516
x-xss-protection: 0
server: fife
etag: "vd9"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 23:18:06 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 87ms
25ms Script
text/javascript 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 17:57:54 GMT

GET
DATA 200
OK truncated
/ 627 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/ 10 KB
10 KB 84ms
25ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://card.villavicastur.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 06:55:54 GMT
x-content-type-options: nosniff
age: 491392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9900
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 06:55:54 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v9/ 8 KB
8 KB 80ms
29ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff5afc2fb4dbd2ecb286ee9b121154abaa9709ae3d710d730a57702725bc28e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://card.villavicastur.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 12:47:41 GMT
x-content-type-options: nosniff
age: 470285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8524
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 12:47:41 GMT

GET
H2 200 256-256.png
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/ 1 KB
1 KB 25ms
25ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:06:39 GMT
x-content-type-options: nosniff
age: 8347
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="256-256.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1286
x-xss-protection: 0
server: fife
etag: "v4ed"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 21:06:39 GMT

GET
H2 200 impl.v17.29.0.js Show response
live.demand.supply/ 93 KB
30 KB 38ms
37ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.29.0.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b97ab27478e1402ec7f35c1e1e4468e31f226fd5a36d55c73ccca2080c8b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HP7581DF01FYPWEG10ZZK8F8
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 981637
cf-polished: origSize=94947
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"9390a1746dc58e5bd985c7821cf6e089-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 858a82bc7ca84bcf-BUF

GET
H2 200 Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8= Show response
live.demand.supply/p4/v17-24-0/ 1 KB
637 B 258ms
258ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=
Requested by: Host: card.villavicastur.com
URL: https://card.villavicastur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61a687a2be850e49d92a692aa74e6ab4c3dc3ea9ac9c8ebaba6fab6883d2102a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 858a82bc7ca94bcf-BUF
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
502 B 160ms
127ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=394&cs=c&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82bcadae4bc0-BUF

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 122ms
66ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d7b1ebc824ad7f404974f16606e42434eec7a4ab2d68c43a73a063a6b66d4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29439
x-xss-protection: 0
server: cafe
etag: 746 / 19773 / m202402150101 / config-hash: 10528787829441166925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 23:25:46 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
643 B 158ms
126ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPR9C97Y7RZB7XY1T9NS
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 858a82bcadab4bc0-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 villavicastur.com_fluid_sq_cardvillat Show response
live.demand.supply/cp/ 28 B
371 B 335ms
335ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/villavicastur.com_fluid_sq_cardvillat?mlcu=4327629b-5da4-4336-8c80-56a74e336631&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb32c8c71eed64867611ac9e498b8bac0495fb3aa9ac06c55f29de89f5deb07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 858a82bccdb84bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 28

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/ 429 KB
135 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f530dc6724889ca2261d21dc7a8a8165e025a77aae89905249de90eee518287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 22:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1859
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138090
x-xss-protection: 0
server: cafe
etag: 14352082441515359041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 19 Feb 2025 22:54:47 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
506 B 117ms
116ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=villavicastur.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82be3edb4bc0-BUF

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 76ms
33ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 19:54:16 GMT
server: cloudflare
age: 442923
etag: W/"65ce6be8-42fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 858a82beac6c39f4-YYZ
expires: Fri, 23 Feb 2024 23:25:46 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 88ms
31ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 09:44:46 GMT
content-encoding: gzip
age: 1863660
x-guploader-uploadid: ABPtcPrC-6N0WNjzkM5qAh9JaWJNUVWmAuT0EUNe79SUUOq5-JbFZ2q1o6Moq1ulXJNw4mtxq8o8E0tUjSpY48-eCIAGww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 29 Jan 2025 09:44:46 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 133ms
59ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Feb 2024 23:25:46 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 142ms
25ms Script
application/javascript 2600:9000:21ea:e800:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21ea:e800:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 22:45:46 GMT
via: 1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: EWR50-C1
age: 2401
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: oRtSWi6yvB2gCMM6J7YdlHOA7Ao-8YJ_C4_QTs7hKuoqHNyVEgFEpg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 101ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Feb 2024 23:25:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13453
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-nyc-kteb1890076-NYC
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 90 KB
26 KB 111ms
38ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb890d213e25cf33417e37de79c453a3768665521b8cd07cf5c18c32c1e30f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 20 Feb 2024 11:08:29 GMT
server: cloudflare
x-amz-request-id: N6HCMGEZYAFFNKTH
age: 160
etag: W/"514331e770d38f45104f07677b44d965"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 858a82bedbbc4bd5-BUF
x-amz-id-2: XTezHt0rgB5X8jorSNSN+F6R/9OacT7F6khjn60D8EbKnZ1zK69aIe2dFEmLzApCfzRy20VpV+o=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 169ms
112ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: a8fc65e8a53ccaff625827000841481d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 131ms
26ms Script
text/javascript 2600:9000:2511:5000:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5000:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 20 Feb 2024 10:29:07 GMT
Via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 46600
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: urZNtkpVc5U5Vn5XQn1RjBqb7KwtCEVoDJlcCgBzHHLcoRH7YBkNBg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 105ms
33ms Script
text/javascript 108.138.128.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-124.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 12:00:08 GMT
content-encoding: gzip
via: 1.1 bd3fb8ca205d8e5f716067cdf581fa76.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 41139
etag: W/"21f8671135afbd2e874c42d3dc478afa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: CMg_oFr4pdltzGM86gevNeGT83EhskvQa20mxT7Yp3Kn0CQuWJKwhQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
751 B 700ms
700ms Fetch
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=435422456767657&correlator=2866675169593576&eid=31080856&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fif&iu_parts=44890869%3A22565494291%2Cca-pub-3831894559014614-tag%2Ca65d8ffa-6957-42ee-89fe-edc5e8bb1312&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708471546604&lmt=1708468211&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcard.villavicastur.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1916179023.1708471547&ga_sid=1708471547&ga_hid=447618310&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjp5dvG3DFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjp5dvG3DFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGOnl28bcMUgAUgIIZBIZCgpwdWJjaWQub3JnGOnl28bcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjp5dvG3DFIAFICCGQSFwoIcnRiaG91c2UY6eXbxtwxSABSAghkEhQKBW9wZW54GOnl28bcMUgAUgIIZBIZCgp1aWRhcGkuY29tGOnl28bcMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6eXbxtwxSABSAghk&dlt=1708471545906&idt=650&prev_scp=ti%3D4327629b-5da4-4336-8c80-56a74e336631%26interstitials-bid%3D30%26bid-p%3Dgoogle%26bsc%3D41&adks=1394186871&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

318f4d8005527a63e569c29241ea5e95496e0865f6e4d0c5db2e39da8196f7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://card.villavicastur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D58 6 KB
3 KB 105ms
39ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:46 GMT
expires: Wed, 19 Feb 2025 23:25:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 795ms
794ms Fetch
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=435422456767657&correlator=1011802840674969&eid=31080856&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fif&iu_parts=44890869%3A22565494291%2Cca-pub-3831894559014614-tag%2Cba429f38-4f03-4aa1-a0bf-65c72384a014&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708471546616&lmt=1708468211&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcard.villavicastur.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1916179023.1708471547&ga_sid=1708471547&ga_hid=447618310&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjp5dvG3DFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjp5dvG3DFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGOnl28bcMUgAUgIIZBIZCgpwdWJjaWQub3JnGOnl28bcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjp5dvG3DFIAFICCGQSFwoIcnRiaG91c2UY6eXbxtwxSABSAghkEhQKBW9wZW54GOnl28bcMUgAUgIIZBIZCgp1aWRhcGkuY29tGOnl28bcMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6eXbxtwxSABSAghk&dlt=1708471545906&idt=650&prev_scp=ti%3D4327629b-5da4-4336-8c80-56a74e336631%26interstitials-bid%3D0.5%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D41&adks=960372768&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ebe0ecb6d8c33ecbe0479466e71376728dcd254898c9a4caac5defe532e665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10778
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://card.villavicastur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/ 46 KB
15 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5677953672cdc5a7bc37981b3a8445f1aa57f79d310a28cbba9fe4f7672fe83e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 03:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71278
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15021
x-xss-protection: 0
server: cafe
etag: 2346651094939736056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 19 Feb 2025 03:37:48 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
504 B 36ms
36ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=villavicastur.com_fluid_sq_cardvillat&pdc=2.416193675994873&e=tcp&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82bedf3e4bc0-BUF

GET
H2 200 villavicastur.com_fluid_sq_cardvillat Show response
api.demand.supply/v17-24-0/a/ 365 B
707 B 258ms
169ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v17-24-0/a/villavicastur.com_fluid_sq_cardvillat?&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc5d57b0a3451cb23423bb29eff08839e6e4c66a72e919e016463448f6b8943

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"16d-df/8j7LCZR4KMYy0K+5vX6p4d10"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 858a82bf6daa4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fcard.villavicastur.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fcard.villavicastur.com%2F&rid=esp&cc=1

85 B
194 B

58ms
57ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fcard.villavicastur.com%2F&rid=esp&cc=1
Requested by: Host: card.villavicastur.com
URL: https://card.villavicastur.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 21848e1be2893a186ed7fea8801c55fcfce2ff4b7f03689dfe7e9e0b846ce195

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Gkgi8hraDMneOMxJ+QPJMqCiY/Y"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://card.villavicastur.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 20 Feb 2024 23:25:46 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://card.villavicastur.com
location: /esp?url=https%3A%2F%2Fcard.villavicastur.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 154 B
536 B 133ms
49ms XHR
application/json 34.192.212.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.212.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-212-3.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a2d1b7a4b94025837233b0d49df6e608dba1898b09021d01cc185d22d0fc4915

Request headers

Referer: https://card.villavicastur.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://card.villavicastur.com
cache-control: no-cache
x-server: 10.40.53.64
access-control-allow-credentials: true
content-length: 154
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
238 B 339ms
111ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://card.villavicastur.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://card.villavicastur.com
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 084E 14 KB
6 KB 95ms
31ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=card.villavicastur.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 278883
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 400 fed Show response
ups.analytics.yahoo.com/ups/58813/ 0
368 B 142ms
44ms XHR
application/json 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fcard.villavicastur.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://card.villavicastur.com
content-type: application/json
access-control-allow-credentials: true
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 084E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=villavicastur.com&sn=ChromeSyncframe&so=0&topUrl=card.villavicastur.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=r6tnGHxWV2phMGZkekdCSkVwZE1UTHQ1THhBUDMweHJKaEdsM1B3UThveFFqTmFHd0MrbkRjRG01OVRrZnAzVHA2SXF4Yll4SG5MdGYyMU5kRVVDVkM1SW11amFnTkhWUWo1WEl5azNZaDVRdnF3ZmhReHhTNys1YnVsNT...

465 B
1 KB

99ms
30ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=r6tnGHxWV2phMGZkekdCSkVwZE1UTHQ1THhBUDMweHJKaEdsM1B3UThveFFqTmFHd0MrbkRjRG01OVRrZnAzVHA2SXF4Yll4SG5MdGYyMU5kRVVDVkM1SW11amFnTkhWUWo1WEl5azNZaDVRdnF3ZmhReHhTNys1YnVsNTM1NjBmdG9PSlN1Qlh5UExkeEk4OWo1cE5lalQ2T3dQU1pWeFVDOWlVMkZFYXE5em5Zcm8zYW1NYWxoeC9vZlZyUG5zbTh4WFF6T0loK015eUlPc0R2aHFTOHBXc1EyR1hDczcxNWpGZHd0TUdFNGs1d3Y2M20zdnMvbUIrTWtmNmU3cHVVZUxKRFBNWUlpaGN0cnhQbWFhdkxkMHA0akt2c1NEeGJ3bnBTblhodGdyZmVLaz18&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

06ce28ba2c3db8afb4ed91cefd8776adbf05224b5eb9cba2e3dbb9ebe220c3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1220790
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=r6tnGHxWV2phMGZkekdCSkVwZE1UTHQ1THhBUDMweHJKaEdsM1B3UThveFFqTmFHd0MrbkRjRG01OVRrZnAzVHA2SXF4Yll4SG5MdGYyMU5kRVVDVkM1SW11amFnTkhWUWo1WEl5azNZaDVRdnF3ZmhReHhTNys1YnVsNTM1NjBmdG9PSlN1Qlh5UExkeEk4OWo1cE5lalQ2T3dQU1pWeFVDOWlVMkZFYXE5em5Zcm8zYW1NYWxoeC9vZlZyUG5zbTh4WFF6T0loK015eUlPc0R2aHFTOHBXc1EyR1hDczcxNWpGZHd0TUdFNGs1d3Y2M20zdnMvbUIrTWtmNmU3cHVVZUxKRFBNWUlpaGN0cnhQbWFhdkxkMHA0akt2c1NEeGJ3bnBTblhodGdyZmVLaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 359221
content-length: 0
expires: 0

GET
H3

200

default.png
2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/
Redirect Chain

https://cdn.statically.io/img/2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png?format=webp
https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png

4 KB
4 KB

25ms
24ms

Image
image/png

2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png

Protocol

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3087039762141ce9321fe190e4a5e094cb38a67941298b6d732edb6136449df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:31:26 GMT
x-content-type-options: nosniff
age: 10461
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="default.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3641
x-xss-protection: 0
server: fife
etag: "v304"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 20:31:26 GMT

Redirect headers

date: Tue, 20 Feb 2024 23:25:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-ewr18179-EWR

GET
H2 200 default.png
2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s328/ 3 KB
3 KB 50ms
49ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s328/default.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5e2cdf970aca9544bb3a3262da6839d46171681a0833698431853722ef8f3249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="default.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
x-xss-protection: 0
server: fife
etag: "v304"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 23:25:46 GMT

GET
H2 200 default.png
2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s140/ 1 KB
1 KB 27ms
26ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s140/default.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8767dc1e5fc93b1de80f81545b42238e0da3ed3bd362d5340a43235b3b92a03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:18:26 GMT
x-content-type-options: nosniff
age: 440
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="default.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1152
x-xss-protection: 0
server: fife
etag: "v304"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 23:18:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
13 KB 127ms
71ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

203c7cfa4769a0b37dd8510b3f1f6fc6d37c6242316e32f4626617d6b7b762bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12462
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame FA19 725 B
868 B 117ms
52ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0c701e7998f40488bd88465af906a6fb6fc1186a548c961daac4446a9c9d0f5f

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 450
content-type: text/html
date: Tue, 20 Feb 2024 23:25:46 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 632ms
632ms Fetch
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=435422456767657&correlator=1832595240075793&eid=31080856&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fif&iu_parts=44890869%3A22565494291%2Cca-pub-3831894559014614-tag%2C847bef97-9ff8-49bb-bc36-4f956fbdfb66&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708471546964&lmt=1708468211&adxs=250&adys=162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcard.villavicastur.com%2F&vis=1&psz=1100x296&msz=1100x296&fws=4&ohw=1100&ga_vid=1916179023.1708471547&ga_sid=1708471547&ga_hid=447618310&ga_fc=false&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj659vG3DFIABIbCgwzM2Fjcm9zcy5jb20Y6eXbxtwxSABSAghkEhkKCnB1YmNpZC5vcmcY4ebbxtwxSABSAghqEhgKCXlhaG9vLmNvbRic59vG3DFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y6eXbxtwxSABSAghkEhcKCHJ0YmhvdXNlGKLn28bcMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lOQ3ROYTNSTGVURlRhbUUzVlc5d1oyaFpZbUpEZHowOUluMD0Yk-jbxtwxSAASGQoKdWlkYXBpLmNvbRjp5dvG3DFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOnl28bcMUgAUgIIZA..&dlt=1708471545906&idt=650&prev_scp=ti%3D4327629b-5da4-4336-8c80-56a74e336631%26chrand%3Dy%26pof%3D0%26bid%3D1.1%26bid-p%3Dgoogle%26bsc%3D41&adks=121952937&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

045e0da52233306b183e36766e077ee73d35f4139e204b6fc58fee0cba19617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10442
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://card.villavicastur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 544ms
72ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 23:25:47 GMT

GET
H2 200 a4887da9-959e-e788-d053-547d1ef625bf
pr-bh.ybp.yahoo.com/sync/openx/ Frame FA19 43 B
602 B 507ms
34ms Image
image/gif 2600:1f18:4e9:5a01:2490:cb98:2196:d75b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/a4887da9-959e-e788-d053-547d1ef625bf?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:2490:cb98:2196:d75b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FA19
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=68996790-1998-ce3b-218a-c01f89922316
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=68996790-1998-ce3b-218a-c01f89922316&dcc=t

43 B
855 B

56ms
56ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=68996790-1998-ce3b-218a-c01f89922316&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Feb 2024 23:25:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0ACV767KHRQNTZP0A9H0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Feb 2024 23:25:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PJXJ0J6MEZD17CEKQQRC
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=68996790-1998-ce3b-218a-c01f89922316&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FA19
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e1af65f-593c-462a-bddc-b7b2fb705e84&ttd_puid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0&gdpr_consent=

43 B
314 B

49ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e1af65f-593c-462a-bddc-b7b2fb705e84&ttd_puid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e1af65f-593c-462a-bddc-b7b2fb705e84&ttd_puid=304f1bed-0532-75c1-e184-4288e1a1e8f6&gdpr=0&gdpr_consent=
date: Tue, 20 Feb 2024 23:25:47 GMT
server: Kestrel
content-length: 335

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMyMGM4MjctY2M0NS0yYjY1LWY0NjQtMTgzMTJiNDMyNjk2
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMyMGM4MjctY2M0NS0yYjY1LWY0NjQtMTgzMTJiNDMyNjk2&google_tc=

170 B
243 B

43ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMyMGM4MjctY2M0NS0yYjY1LWY0NjQtMTgzMTJiNDMyNjk2&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMyMGM4MjctY2M0NS0yYjY1LWY0NjQtMTgzMTJiNDMyNjk2&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FA19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtTYfOsWz6Xt4829qqTuJQ&google_cver=1

43 B
97 B

46ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtTYfOsWz6Xt4829qqTuJQ&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtTYfOsWz6Xt4829qqTuJQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
504 B 110ms
110ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=villavicastur.com_auto_interstitial_desktop&e=nai&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82c2d9de4bc0-BUF

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
505 B 107ms
107ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=villavicastur.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82c2d9df4bc0-BUF

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 621ms
620ms Fetch
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=435422456767657&correlator=784803281249443&eid=31080856&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fif&iu_parts=44890869%3A22565494291%2Cca-pub-3831894559014614-tag%2C8a9c59fd-4dc9-4b81-b63f-7843bc1136bf&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D2c2ce7035ada416b%3AT%3D1708471546%3ART%3D1708471546%3AS%3DALNI_MahlVn8RzF3yy17zJ2vIXtl6opATg&gpic=UID%3D00000dcbb10e5b20%3AT%3D1708471546%3ART%3D1708471546%3AS%3DALNI_MZJD0kq2u_qaV1GEAC7LDNirbI6Rg&abxe=1&dt=1708471547329&lmt=1708468211&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcard.villavicastur.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1916179023.1708471547&ga_sid=1708471547&ga_hid=447618310&ga_fc=false&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj659vG3DFIABIbCgwzM2Fjcm9zcy5jb20Y6eXbxtwxSABSAghkEhkKCnB1YmNpZC5vcmcY4ebbxtwxSABSAghqEhgKCXlhaG9vLmNvbRic59vG3DFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y6eXbxtwxSABSAghkEhcKCHJ0YmhvdXNlGKLn28bcMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lOQ3ROYTNSTGVURlRhbUUzVlc5d1oyaFpZbUpEZHowOUluMD0Yk-jbxtwxSAASGQoKdWlkYXBpLmNvbRjp5dvG3DFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN_p28bcMUgAUgIIag..&dlt=1708471545906&idt=650&prev_scp=ti%3D4327629b-5da4-4336-8c80-56a74e336631%26interstitials-bid%3D12%26bid-p%3Dgoogle%26bsc%3D41&adks=4232260403&frm=20&eo_id_str=ID%3Ddf87e15b4886c415%3AT%3D1708471546%3ART%3D1708471546%3AS%3DAA-AfjZJvUXTUj3066YWiirpIxMg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af542112b4b3b7832935501b6abc83442a1b4d9fead8b5e9997e83cfae651358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17882
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://card.villavicastur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6F9 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:46 GMT
expires: Wed, 19 Feb 2025 23:25:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sda.css
live.demand.supply/css/ 4 KB
2 KB 36ms
36ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/css/sda.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HN69YG19T29FXMYMBDC9B08M
date: Tue, 20 Feb 2024 23:25:47 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2059272
cache-status: "Netlify Edge"; hit
etag: W/"e3bf5df30d7f62eba8446b559847d731-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 858a82c38dd34bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9AF2 624 B
826 B 125ms
63ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNWiTGDv1IX7vwY_XEiAx-buHu4QXUZVvKrG6-jfv2OZWglbqR4fADwlAKkcXfBJChBJcA5kMQSgTXUP8bR9WmXKoHh9ug

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:47 GMT
expires: Tue, 20 Feb 2024 23:25:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5528 93 KB
33 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 23:25:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5528 3 KB
1 KB 30ms
28ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5528 20 KB
8 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5528 204 KB
61 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 00:01:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5528 42 B
63 B 94ms
93ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ci2A-Lie1uVfhc772dji6BKIM6x2Gy_f5qPLQNW0EkyZeYaMkHcdoVu6MiFUgrW6vDXtrXhTK795ujNm7tHQEiXdsl_KcyJuc8RlBFZH62N0Rqj88

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E6EF 13 KB
5 KB 27ms
25ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 11936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 20:06:51 GMT
expires: Wed, 19 Feb 2025 20:06:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 080D 829 B
1 KB 102ms
43ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47b48c4be3c5427132b97fc140c345301475a3f81f958549c7abe9be2343fd76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J_yvqdS1TT9gQxFKBiVLpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-J_yvqdS1TT9gQxFKBiVLpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:47 GMT
expires: Tue, 20 Feb 2024 23:25:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 96ms
94ms Fetch
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://card.villavicastur.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 container.html Show response
f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5129 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:46 GMT
expires: Wed, 19 Feb 2025 23:25:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
504 B 127ms
126ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=1.1&b=1&r=villavicastur.com_fluid_sq_cardvillat&sy=b7fdd727-14ef-40ca-9641-bf209b4bbd0b&ts=41&cd=2&pud=394&pus=c&pue=802&pid=40&pis=c&pie=842&ppd=259&pps=a&ppe=1062&pcl=573&ttc=1449&tti=2120&ttif=0&lca=1062&lcak=ppe&lct=1062&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=card.villavicastur.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82c4bba94bc0-BUF

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5528 0
20 B 93ms
92ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8781332862384&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5528 0
20 B 92ms
92ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8781332862384&version=m202401290101&ct=119&x=1&cor=7662307295749869000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5528 93 KB
39 KB 83ms
82ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmD4slfPRcbUpRnXBQNfgg5DJzbztY9oDlNlO6Qp00LEv2AUZHA6BvEbv2SToSZIerkUeto8CNsWl2iUsbWCrZUg37UqdeMsepv0DvQSAltOG80O4kMIml8YqevvdXUN6NgKAq9L8AuqGZ1CTELI19oKXlFVyk1h6VXu0TAGRVCbBNmf14BgyZw_Pr7NZm-6iom1DA&cry=1&dbm_d=AKAmf-AL1Gv5W9muzqs6O8s10XxtIiDYaUnx0D_UXgoFZI1DVn7wvvmmU5uD8gO_l9j7eMeMwJnyquYScJDMFtTM2gaS9Tp0ZpAb-ChKmTM9H_smghfk7sjwk9ms8TOzxUf44ZtqSx_e-399XecGSKl2ZVLaycMD-eB9bPs4i7sSKBvAC_Z5fTs2xuVOZgdNwVLr78YQXHRLTMHbwLwQx6uUxrBfhsJWPLNJSIKK1xH7cG9zClucCThcziRdc3FmZOLmwGDmLa8zxZYJnN7fxGat3FK4GfHObb21UOx_wjswRpH9tzFIGPSb64kG7wJcZ-oczBG4cFnSGjsjyfcYwzXUTIW0c9QDxV9vQXmUAylK2Km-vJJb-UimtTnpADCbaHFCkxoI_qqaHpoa8rilhz3yw_-lGqujP_mlFXWqqoei9zJk-enuDlDOwotWHu4-G6VLc-4S4BRLR4ue_d35O7Wd7VeLxUslXQPPjNGYSpECt76TM9brgEnBzeSmWkCDojN__Q4AfeXrYunzNyCFCNqRDJSriGd5QsOY6KVgM42pezBaPlVOtzgREe8e9ws5kyz_0mCOXCM0AazoGUtBkClXxD-z8a0TGQ8alqxErMEwenM9-W1EOPFMuUQOXikDA5k47UHn2LPfC0lrBRuT299Zyjp6nGR0VR4OHK_0DQZ9gwBO0jQjQVPUEkYSlTkDKluIWMDpYG-2bMHxeQDS4-p4L8bcxnkngQTJ-cLQITZNcXRB56pv2bx9uIbvjqcSiTK-aEQfx0SwTUXIYCbpSpDyo0WDQBZWTlxtPKgkXagcUNdjuOdc0vZprOd_qd8fZXi2DNQx5EQRJ09l9HETznRwZPREIQrb0N6uOMZ2NCNR8HXNj-nC8quOT-GxJrnbuGiqJWGraHM68qhZUghRMBbIeH-cEy2VSG-WUCoURRrFfZ4RAN3YqRo2f4wSrDgj3p0wNuXIhhksZSFOmSQMWSYcSOkfIQOS-N5CwprgVucGosydWj2wd7g3ym9FL_CxmfTt8k5mnDX77P5PTWgd1m-WudL9mr_vXZGbMuw8RDsn6X721TmvJnRMBtm6XxMOeAgJrnUUbeot8CKW5KaumAPU8t-pcqvieicXbAbbAyM0XZYBIOTOiaNSMfSQ9N6rJ7D3Or7ExulmGM7onFeOTnpfHnltKcjdwkIm9W3oCSEHPfLYXqopkwaTDJRrYnJ875gNsqPr9peV3I0cyxdA7Eaqjo-VX9su_etdXeRxnAT4mjgqQxNCe1RGYTuVC4EMZcGULzAVPgqiwNi4RjUOTokTuEq99ZCBwNrPu6dexJS7YJFiI4TB75ozsbOp6Xt20evysvBRC4pePktqEhZ3WtyU-_SV1SmxSamK62OEj6EsiBgWTnOm8OESJdTTOFOsru3YQu9EThOm-7nue2KTflqbmAejiq_E9SWNffqpwKSLo6BcT9QF5BMpfDpTrLU8Mi8TkIbVuNQMhS2jiXFssNCMROS3S53r82cG2_UWHDUdr-8UZoKOdoUD5KwLcKaf3u_4KLnO74SS3ynQXbcHzIcdY8tpv-h78BbG91rEAaDppWtGF2Xm6NXhsYaMHr-R3xw1EOUAAphxCFprqGU6Ul3x1Ad5tajDX0sKkYtZCXHNLGbdGYSf_6wLNPql-cKuvJndplZlyJMryYm3M0pjxy0gAt_Y_Fl0xizlR8TBB7oAOhIdwo3AGhW0Pp9SCezMMW_H_DmrBOCxwy0SoiEHMtE9wC1GODq06mLIt9xLE6OHEiQHTewBZkC6tZh4Dp2AjROPUwQC7MrMx2Ys4ncQsfwsFay8QAlTQNb1UBWqkA4XpJfVLxHw-CBOyUX8zB1b9A7nrAAqYdydagubOHs414CVsr6OG_Xf9LQcgx7mkyP-hTdnqquOtG0hoH-JD1JX3V5qhe17hehp6RrAGj0N6PhFEoFqojKJtvfA-s0hXF7a6cELqHBBsgpFOoHYrYyUwBC-qUSBCC6Va9y0ccXQrKsezVrWJ0umupLJn-56p1g619LPuniteeAatwZMPgG3SKsZJsyHzqW-y3cu-s4yO6WPTPZow5ih5xXpEscwHfQpGELHWC2n6PhBLTM25143Ba5CVNxHs67zjv3G9YAtEhbvARXJjzmpRfR1wRyHzXZUqEoAaQ7X6nOinriFAL82H_F3gjAx_oJdVhsaxYPQnVT9m3nt-oaevLogQzxM4W_YI518kcvc3ccXDqXqljWTb_UXzJnDNt4KyWIRtAZCoaq19tjre0VAgN3oU3swpgJcLbJXmm0qga3KPsezu8LRDhNmB2ykWlAafx2gCXDi0YNdUFQE9Ojbj3QR1cOGIaW9CmqcycmU7GPzjMsYd7P64rTeVgDe-oa9pzXyE5wR6yA1hpsOG59WhKUFP8HEOZdPGjQauKuYJRitzQ5BQjP6TOapFfncP1qqhdk463YtH9M3rYCOyTqQoTYyBsg5ItL2chDHtdNJDoopxA1gOJTyqJ7Uw_FYR5aL3sMFMZlhRamJDycdwYe-Ga7kt7KBCSv3MKed8L0YspSNgHn2xkLn3HO5zF7BKw16e37I9ViJffoRX0A8Ww1btHnUrIWFWckdUXGbuXAv3ZCOPlZyj9QwUYnWslNWb_XAEaVqmznbMefdioqYVvbWfmVwqKpb2DMHhpcXZ5MqJjj6Sy8A2fyXs5UTqlRRmZPV4pGwEi-5G-5QElx1ioTf6vJd4t6hZ-avbeRurYp1gJkaiikfQ1ZFS7F9GAw3lazL1oo7Q7ODOcf-mIgnjtjiQT1FMGByt1Up1LMdVFD7ikjA4QkQjdh1hBoTXykH-_MOvKfUVwN0DYmGEYYr9-G-IJAfctEUslD0WaCmqi6_du7O069Z1-iecvNwtrXgC8M_AKfU9kxXa5hc9kptnyi3vA_EPrWq3VXjjrYZIHUhMQ5P0ykbGciJGRA6CcoH0yi96RcYW10wamNR6zadRdPjhghZN7C1xHC7xGkXbmnHFW2x9l77nQG_Tj6g2DXJrIHyLanmweHUyp-Ckg2lnwvDNG_rS5MKDsNeRoEkh976Z6BfbTjWgd3MAfONhN6kz_xYubSkw8WsIvXz4hDwwzIF6vQwzabDK6Ht8yqOId_qRgLSc5wBcEg-7JaSL7POoae7LHDpNQ85ZhSgLWhrLRuEixoCPVVJVJpvqtwu6wnaMQifzd3_0gCcuKEc05cuBqQBYeiylownbNnGkIMO_gLUtDyWUJb75LBzNokJyaV1yGUOFhrKs10GXOQQ5-lpvp6oNhXn-n92ng9NodCaQ1ANTG3N-lTLynR3vJnRvQ7P5O04x5z2eLzO0LYH8xUUqjZ6Erd8udVI9jCW60Rx6_xdFDHzTdDAXmlAahEUnFlcKp0pmY8lVDx7uZZktFcuh-6bsKojiipTHpcZKc2zpiMcG5dC_hX4vMkUjfemM8FUrbsVWEQVHJrd7QzroyP56UX88cBOVN8-AgeRDIAVb05EOgjbKxcHN85QOVFyuorytPytH43qeSOKRA3IdpK_wFNbUBWa4e-PvtS6Ovy7gtAx9i5SH0CnVvyUbt8ziXTij_yYDewA0pL2qfHcKoYvm7Rmm1bzejEIjfxS4rSRcNElcUmPduVAUcOrtUtQ246JtGjZrpkcxf7lX02daruU6AdHIdH3Dv9RmE4UQQe33igr2v3s3svLgZh26RfGG-mgvjuvyhSC7hg5Kh7RqfLf-PjV03rVwHy3ha_wS59ZndNOGzebLsywdsJ7rNKAJTYS9Tv5lmnmo6wbVby4oH9NgkTo3umL_N6LkkZJeU0Fnw78kI5wBtEGVJpwe14t0pIZstnjkJ7ogx_1A4qUNJ3DjE6dwQHtv7lg24valKj3erYgrLgO6RLEZWOWCENiY_aGtqEfsVWbU7TCpsSU2LRNSYXSzSeQEf6PeXuLvDpAUxhqpnwBXJsP2WaS3e0s6BXIFItVxgu41TwHC-TFao6S1Ah2&cid=CAQSTgAvHhf_ZhpWeqKBtbfif1pboe4M_W0UGgD3WLmMR0Z0mVMsSQ21E1L2-wdhBmo8yDaGjaThbvtF2ZICKJZBU7Jm3fvE2-08RsemWiB9dhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcard.villavicastur.com%2F&ds=l&xdt=1&iif=1&cor=7662307295749869000&adk=497053792&idt=76&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c6cb27f083a4e4b771ba4c0e1cd2ea1d1655c1da4d8097f58bb41ab29dd7da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39609
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 78EF 624 B
285 B 64ms
61ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjp-46IAjAB&v=APEucNVArIc7m1sb5DLwCYkkKVsQlVhmHzVTZGoqprV9lnbq8uRhvU-aicjdouhY36WMJ1sCovHUxZ0b9UU5fgxiCteYrX82Iw

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5129 93 KB
33 KB 67ms
64ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 23:25:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5129 42 B
63 B 96ms
93ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BImJbggIVNaVQKyEJtPMw7syy6YNF2PIEswmQANmLTDGLpHg3gzdopeTXm5l5-jxyMtizsUr65-hhsFhm7ak7U-oyG-vyoNU82E_qUN56AZ_VMtK8

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5129 3 KB
1 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5129 20 KB
8 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5129 204 KB
61 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 00:01:35 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame E6EF 39 KB
15 KB 32ms
32ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:57 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9AF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1&C=1

43 B
329 B

60ms
60ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNWiTGDv1IX7vwY_XEiAx-buHu4QXUZVvKrG6-jfv2OZWglbqR4fADwlAKkcXfBJChBJcA5kMQSgTXUP8bR9WmXKoHh9ug
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEHvkmnM%2F5QFJCjt6%2FUvUyo%2BFJKX5mkuwdVfcdlxrDYzskgx97SnEwoOj97oJIeyYuln3q8WtLUiBpI0%2FLu2gUSSPJZVFqKe8NFDUvZCON%2F6isgC6mhVZJp8dHyh185PF9aegIetFFqN1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858a82c66d7c3a06-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r9VemACigwr4z0mNIA%2FMzkYzVrZpE2grT7Xs6J8CdHjBeeBZ2XTFCCpHrsVgL335ZjiPGWpojGPjhChCZm53ovUXNJFwKGAix5ci%2BWaNkxrtpFsUVYqtILhTTWpCh7Hve%2Fdqq2ygZzsjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1&C=1
cache-control: no-cache
cf-ray: 858a82c60c7a3a06-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9AF2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdU0.9HM52QAAHpfADNiAgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2

43 B
738 B

61ms
61ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNWiTGDv1IX7vwY_XEiAx-buHu4QXUZVvKrG6-jfv2OZWglbqR4fADwlAKkcXfBJChBJcA5kMQSgTXUP8bR9WmXKoHh9ug
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEpg%2FlQFwmCFylMeHzkmnTkL6hxFD%2FEKA4MWvCPPyHfTcs9d3Bje97fqDCMYwt2geyZ%2B%2BgCWqREyM2FaJlUOoe9LJNgMtjYQOkNKunegI1qp22BlzDNUjgBMTsKzK04%2FO%2BfN46MaFy7NDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858a82c75b0d36eb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 9AF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_S4kRqSwRFCYVCISZ43ww&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_S4kRqSwRFCYVCISZ43ww%26google_cver%3D1

43 B
1 KB

34ms
33ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_S4kRqSwRFCYVCISZ43ww%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNWiTGDv1IX7vwY_XEiAx-buHu4QXUZVvKrG6-jfv2OZWglbqR4fADwlAKkcXfBJChBJcA5kMQSgTXUP8bR9WmXKoHh9ug

Protocol

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
an-x-request-uuid: 8cdf9004-6153-4137-977d-4a5dc2172de8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
an-x-request-uuid: 309fdc97-9b12-431b-8cfa-b224adc368e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_S4kRqSwRFCYVCISZ43ww%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9AF2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

170 B
188 B

41ms
40ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

Requested by

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
an-x-request-uuid: 86f232b7-fef9-4099-9463-7364d2776b2a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4
x-proxy-origin: 96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 080D 0
0 94ms
93ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402150101&jk=435422456767657&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5129 0
20 B 94ms
93ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5528165585750&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5129 0
20 B 93ms
93ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5528165585750&version=m202401290101&ct=119&x=1&cor=12075180680458375000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5129 94 KB
39 KB 89ms
88ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIfUByL8pyrn7hMz79WLjPedfrvxB3WchpFVcnGA2tLwkHYTXszQFQN8hlfmhvZ-xGseSkTMf5iqgar9S0OJ6mPUjVLIsNxXqRhFt3mroHZfsvNusBNw4ae1FXF054dhrI0rHwnY8bajEM0hrRM0vC1QZrai8ni4tCAbzmxILrsIcZ2R9LOm4gyqMVNITM4StbVu23&cry=1&dbm_d=AKAmf-DerB_85q464mKIhS5Mr71wKyU651b6pBvbtuPHLI_GuvEqZWlCo4oP3EFVgOY4RIIBUpgngbCra10MzCJ-y4HJF7r_d1dM0fkvdU409H24OxKzwFX5xwWZFIlSmw6WYiTIs5r-JUwNox4FDHVR14N-0XcziY73p5wle2_Gg8b1y_rCbLVcbJpuEo6Vcfhy9Lx3IwtNSz9u8DhlHnzwFXYEFvWpRucD5SYyDzrQD8mKGYRxwSKt_wBO7thozTeiZTgpCIk9BojjqmbDwxFm1MUgze3YeLtZ6IdLBj44hhhWw_aDbE508n0NmQEul4XTxjcEOEDlFXU8_h6aJFT9ICU6stH17KVnt93qrnlSrfz44s0nkXp34HhQ0tjoXks5K2dfq2DYQk5tg_N8x6jo-2DhYj-mzEerPRFpazIRr6vhzmeO-65XO2t9MP22YJxyx1KJb8-vRWBDmbFEVD63XwjxV-Jpie6GUNtCHsaL9OwmxsPKLa-5LBawAUAlAP1N2ageJcuzslH9T5Jilt9KZ4s_Ynnj2FpMd9D_sBqNPwpB4CzjxPgZ_7DeDnZczMGVBDO191os__Xxmx7ibxXNvpUU2KwZZWJx_uvSU5gknUxyptGB6DdlWVB1XjqcqXSqprzW1qud0nFahRDepl8l1sxHE1SkSCiTIRiiXgXUlsbX-LZ_VSj5ZOA1v20rXeFPUF6ZyoQJbbIYR_2By_atNRRB_m0aQTRJ5PycHyodv36bt0RwGOqBhzFCxNTELNEjiCN4wbtBF5svA96XGn6gtz3UvKkzisxNdxJT9V5EvPymf3eGkblmwCahfagODrAcgDFkSInFiBOVIZ0U6ac9pODiFHpiOEWwlydU-JfDAkp8uYxU6dT4E2q3TIjsvA7p8wDO-1akKR8HmH-5KP32h2WO4aUoglQZPwLN0fq1eKDzkAEj1029YBwFcmTWfyLReivP74d5NMYNJYReap42a_yD_8JgYlSWRrgeEmXhsyUb-AEA7xnlf5tRtNHBdgpeNOaZTeLbGIJMTbUBPlGTlZMMSzKOz0SUbKW0H3Y2qdHZlGCVtl_SK0A9mW6P8nE7x1zvx6yTdaYSUI5XB4C5Hmsy8dkmVeoX8rFsJPVsNWXNk6u0E6m_EJ4ADKUBcd2yCKL-e7oop2E_H_wRp8X-uAygl9Sh2pyjwkvpocWhnsvibZVc2B1bcvWzDErr5BHnjX0rfzwhIgGklLtP4r6eXd-RoluJTclIAbkbLGnlH3Fj1JsHJEwpL4yf1g4YkCLcoPLKBKml53UsoQbrm_OXjAxm2LUa3j7jpFE_kglF1KlRE1tKbkY9dfNaXLV7y8ArUhCcFl4GwxVSxSOl1TYae3bdvXKf-rPCKFoJhqJntSwiNKGC-TnjK7rqCZCZTOmEsaOCQECAgyqupYLwmrr90XKBhZUzsOebVAEcInK_e-Z2Ew5CoZPGRyYsvxmbNvG7rWrq6l_hvQiMzTaKlCh8TTNSY2Ft0AGPQLHePnZFtRwLTXIJbqnEojua1ibFXMxNmO2LT_6eCP2cEuuSVNJuXMaOvREa1l3MhGkX6vnUZUEYVRvAmOfIdfhK0FNnN_jjjs-0nSRbxd2HKTMFYxUy9t6-icBURuK4Skkg42fN5FeNt0bNWFDtZMJrdA756k36ANBGXuehWaqSlSn2B89V_XOxDbqDeRXJNBIJcgnTEnv0sgq4YJ9eeHtL3YRAmC-kwo6_bgBL3Qmu4o0kNQyxO3MRrtTR5zRXIWQtk7o_CMDrDb7aOleyXrCpNi_rqU2QlFlKzS_3XZQlnAa4uEbK3UByJf-fN4Z_kP79DsrXWi7plifvyOTRop1GMb1r7Rvlwn1tdO6r_WdSNE4LLdwXc0ljMRbyDfzUXISIYykmLquS-5OK9kSkme1NgHrC4Ri0DVOIgIwhoURCViO2FEAPgEE4g_be_1NgpmP04U6tDGmRWKBLE15zuyHr5QJCmGmgJ9rkKYAtqx2NdoNLqWMQ2R7BjZf0ZLhMo3ftbKUva-bvvYBE2UGTzDrMYl_ntzmvXH2VJeSHI0-jRItb6Oxik2CTQJ5oVqXINdP6ZeN63TZVaqz6rNwGxpihJh6W3L7MoSEDhk8mTkavZJlYFrLfxpzCvMlrrg8M9OGpuf91b9j5H5gVqrWjJGa3w8mZPZFN5tg7wDM-jpnB_gZiRTwxTDi2W99IUQHpWb-Qv3ryo84agoYetiw3CujPnwWoXBSJMLe5fPTbfPzmc3NyPeK-uYeS7BukrWD8bMsLr0E2DE82KHiEZaTsKuYjFY1x2mLcf851OD7PKbURetpuIhSOKtKuiuEf4Y7ZydKd0ZbMLGbPd39jpyUhr-Tiz4JTx-3nIteTGeYXVnqRQAFskhniftU_oxC_Yyrw1yweQ0KwmkvEWzIJcCjO_lpT2ucfjRIok0-6EbrADaTe-ZqWaiRRGVmoQsBBkxo4H6iaz6kiaFiNkn3r5SKHuYcNZOC4hKnR25kMfcC8X7Y1A8wRQXEQVHXYz9zk8MAKgJv3SAmslTHiUSR-h1nnqdhWogtOrKPf1Zc8GJPw-56Qye3xjBrLdGIWvSH7JKklsJK9euW5Nt9GsRdnmc3Cwgk_fZJdGlDv2A2KUH7DfwVoUHvs--Ute73mg-JHPYkmqIYPUgCTuiblVsOi8tROjAqJa1-5jWa1eJiW4zUZCcMD7Vtwv_ms0_zsH5T_Ut4uFThUc8LjoZYgVrUqX55msXo_cr1tpe4mjPwO7wkdKP353y7qIKwR55AX9vtbzWEMa5-sxNsFyBMAZLYpGABEyG-Fw8PUzhCgbIh8pAQwk2lLDAunveNaddyevHQi5fBGB10SswLo3inusqRs1YRYcijc8GTb-_1EVjauy9sLj-GH1uwaYstB7EHl0XiUVH5TR19uf0gTqj69Ogxf-OAs63v2T_BzMsyBYl1bOCPmJN5bfEg8_YRo9RN-xo5CiCj9L0AyHFZFLJGMXwEL_uxbMYQ5pVzntWBAI5j4Ia-L8V78a3Ka6cbcf14D4TU-uJKLj0pOr-Wv2Lkgv4JWYfTYVa8Y4rgxi4DHD8Cy40Kz68p8cOD6sdMJAcUuQuyz_3HSdro7pKmzl3rGJfQVz6sufShIXC5ugXYanBco46o-GZRo7umnunjbkxtcEaMUQcgb5DSM9IPYmo_DWuDoltDtDfybBp8Z8LwCQyykrbZG3Bb_3hGrXeMCLMDv3Kp_4el1hek2t273B4HrTa7ed1sEKHF8piYpfDfQXoBluVDVKYAREeSOV2lzpxCprdnCloULeTDpMywCvbSead4cT62zXqybE4K-9Ft38Z9tnzN_xLISOGU23g2HKePvTRs3K7_1RYjqzV1fYw1R0LL5R95bYFVOELqH19LQDlJIRQrSR2aW3i_IECIvJtuI5ILKSUpDlASQraL53XH4W4alDxXvunuc58e3tDfzb_wqc2HX3U53TyQUoD_tY0nX_R7hejAx7yZbLCGmfh5XqDEVb-bCT3eVUzl9QwJa4VjEs-MiBZaUcnFieqtVG4zm9XqIbfwzFZ9v7ttZmmGmW5_0t2M_9zW8YH2UnMFUJmUE8Jmd-3fGt9ZzRJu0EUmHK8zpSre-5YJmN8GAYurdM8bIMrq3S4TcEA8HfVXzG6A7gPGPPrE8-SjTs5EFgmfwDqMjDiCfiVTlpmOp6BWzM_kLUqxzWkDGLcujJ_wZIyZfOs01vzXngNLzEspXBLOwvYNVvj9SJl0VF844EcKsp63UxYSDWZBJoiHe_mx_9q-jgeHjF_XXgu4N8oBvmcf13pmqQkNiUpzJce2imOZKHOrWCyI6X9tl1N89tsV8D_yduW2Ozy1Of2X6IdqesAvDGuc7WDnj_g2N5yNEmCSqCm-36v9zAersaw3bnHmTFKNCKj9ftD6gXAhx5gy-4b8-jLlMS1c9vXvg3JJ8xIsvv0-H7MGnpCKiU4vUTceKsKNksDHqjahq9R18puvmsNrsWG1UPETAyVM09JwhJE2-C60Pjl2nRP-YuaU2THLbp-b8BarMETG4WeE7BjttP9LkQ5Y4u7u8qsJG9B-0nFNOiiRnS8JCF0HcV64KGWP3z_ABNMdr9_CPwNyz3k2fRcOdDhyjag&cid=CAQSTgAvHhf_tG-OaRNKMBAnB2BAw3Xvu39djSadtdh3HGS0hRpxIutBYdPHdxry0XEDm4EK2vYYc9wB6oTZ5GZJxcVkRvJh4PITiIx2Tr8ShhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcard.villavicastur.com%2F&ds=l&xdt=1&iif=1&cor=12075180680458375000&adk=3047537734&idt=76&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e7964e774abbbb00f05458eba6d7b4cfbd9bb3dc433c727d1d4fe8b6c71ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39779
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5528 172 KB
61 KB 91ms
24ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Origin: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 5528 12 KB
4 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmD4slfPRcbUpRnXBQNfgg5DJzbztY9oDlNlO6Qp00LEv2AUZHA6BvEbv2SToSZIerkUeto8CNsWl2iUsbWCrZUg37UqdeMsepv0DvQSAltOG80O4kMIml8YqevvdXUN6NgKAq9L8AuqGZ1CTELI19oKXlFVyk1h6VXu0TAGRVCbBNmf14BgyZw_Pr7NZm-6iom1DA&cry=1&dbm_d=AKAmf-AL1Gv5W9muzqs6O8s10XxtIiDYaUnx0D_UXgoFZI1DVn7wvvmmU5uD8gO_l9j7eMeMwJnyquYScJDMFtTM2gaS9Tp0ZpAb-ChKmTM9H_smghfk7sjwk9ms8TOzxUf44ZtqSx_e-399XecGSKl2ZVLaycMD-eB9bPs4i7sSKBvAC_Z5fTs2xuVOZgdNwVLr78YQXHRLTMHbwLwQx6uUxrBfhsJWPLNJSIKK1xH7cG9zClucCThcziRdc3FmZOLmwGDmLa8zxZYJnN7fxGat3FK4GfHObb21UOx_wjswRpH9tzFIGPSb64kG7wJcZ-oczBG4cFnSGjsjyfcYwzXUTIW0c9QDxV9vQXmUAylK2Km-vJJb-UimtTnpADCbaHFCkxoI_qqaHpoa8rilhz3yw_-lGqujP_mlFXWqqoei9zJk-enuDlDOwotWHu4-G6VLc-4S4BRLR4ue_d35O7Wd7VeLxUslXQPPjNGYSpECt76TM9brgEnBzeSmWkCDojN__Q4AfeXrYunzNyCFCNqRDJSriGd5QsOY6KVgM42pezBaPlVOtzgREe8e9ws5kyz_0mCOXCM0AazoGUtBkClXxD-z8a0TGQ8alqxErMEwenM9-W1EOPFMuUQOXikDA5k47UHn2LPfC0lrBRuT299Zyjp6nGR0VR4OHK_0DQZ9gwBO0jQjQVPUEkYSlTkDKluIWMDpYG-2bMHxeQDS4-p4L8bcxnkngQTJ-cLQITZNcXRB56pv2bx9uIbvjqcSiTK-aEQfx0SwTUXIYCbpSpDyo0WDQBZWTlxtPKgkXagcUNdjuOdc0vZprOd_qd8fZXi2DNQx5EQRJ09l9HETznRwZPREIQrb0N6uOMZ2NCNR8HXNj-nC8quOT-GxJrnbuGiqJWGraHM68qhZUghRMBbIeH-cEy2VSG-WUCoURRrFfZ4RAN3YqRo2f4wSrDgj3p0wNuXIhhksZSFOmSQMWSYcSOkfIQOS-N5CwprgVucGosydWj2wd7g3ym9FL_CxmfTt8k5mnDX77P5PTWgd1m-WudL9mr_vXZGbMuw8RDsn6X721TmvJnRMBtm6XxMOeAgJrnUUbeot8CKW5KaumAPU8t-pcqvieicXbAbbAyM0XZYBIOTOiaNSMfSQ9N6rJ7D3Or7ExulmGM7onFeOTnpfHnltKcjdwkIm9W3oCSEHPfLYXqopkwaTDJRrYnJ875gNsqPr9peV3I0cyxdA7Eaqjo-VX9su_etdXeRxnAT4mjgqQxNCe1RGYTuVC4EMZcGULzAVPgqiwNi4RjUOTokTuEq99ZCBwNrPu6dexJS7YJFiI4TB75ozsbOp6Xt20evysvBRC4pePktqEhZ3WtyU-_SV1SmxSamK62OEj6EsiBgWTnOm8OESJdTTOFOsru3YQu9EThOm-7nue2KTflqbmAejiq_E9SWNffqpwKSLo6BcT9QF5BMpfDpTrLU8Mi8TkIbVuNQMhS2jiXFssNCMROS3S53r82cG2_UWHDUdr-8UZoKOdoUD5KwLcKaf3u_4KLnO74SS3ynQXbcHzIcdY8tpv-h78BbG91rEAaDppWtGF2Xm6NXhsYaMHr-R3xw1EOUAAphxCFprqGU6Ul3x1Ad5tajDX0sKkYtZCXHNLGbdGYSf_6wLNPql-cKuvJndplZlyJMryYm3M0pjxy0gAt_Y_Fl0xizlR8TBB7oAOhIdwo3AGhW0Pp9SCezMMW_H_DmrBOCxwy0SoiEHMtE9wC1GODq06mLIt9xLE6OHEiQHTewBZkC6tZh4Dp2AjROPUwQC7MrMx2Ys4ncQsfwsFay8QAlTQNb1UBWqkA4XpJfVLxHw-CBOyUX8zB1b9A7nrAAqYdydagubOHs414CVsr6OG_Xf9LQcgx7mkyP-hTdnqquOtG0hoH-JD1JX3V5qhe17hehp6RrAGj0N6PhFEoFqojKJtvfA-s0hXF7a6cELqHBBsgpFOoHYrYyUwBC-qUSBCC6Va9y0ccXQrKsezVrWJ0umupLJn-56p1g619LPuniteeAatwZMPgG3SKsZJsyHzqW-y3cu-s4yO6WPTPZow5ih5xXpEscwHfQpGELHWC2n6PhBLTM25143Ba5CVNxHs67zjv3G9YAtEhbvARXJjzmpRfR1wRyHzXZUqEoAaQ7X6nOinriFAL82H_F3gjAx_oJdVhsaxYPQnVT9m3nt-oaevLogQzxM4W_YI518kcvc3ccXDqXqljWTb_UXzJnDNt4KyWIRtAZCoaq19tjre0VAgN3oU3swpgJcLbJXmm0qga3KPsezu8LRDhNmB2ykWlAafx2gCXDi0YNdUFQE9Ojbj3QR1cOGIaW9CmqcycmU7GPzjMsYd7P64rTeVgDe-oa9pzXyE5wR6yA1hpsOG59WhKUFP8HEOZdPGjQauKuYJRitzQ5BQjP6TOapFfncP1qqhdk463YtH9M3rYCOyTqQoTYyBsg5ItL2chDHtdNJDoopxA1gOJTyqJ7Uw_FYR5aL3sMFMZlhRamJDycdwYe-Ga7kt7KBCSv3MKed8L0YspSNgHn2xkLn3HO5zF7BKw16e37I9ViJffoRX0A8Ww1btHnUrIWFWckdUXGbuXAv3ZCOPlZyj9QwUYnWslNWb_XAEaVqmznbMefdioqYVvbWfmVwqKpb2DMHhpcXZ5MqJjj6Sy8A2fyXs5UTqlRRmZPV4pGwEi-5G-5QElx1ioTf6vJd4t6hZ-avbeRurYp1gJkaiikfQ1ZFS7F9GAw3lazL1oo7Q7ODOcf-mIgnjtjiQT1FMGByt1Up1LMdVFD7ikjA4QkQjdh1hBoTXykH-_MOvKfUVwN0DYmGEYYr9-G-IJAfctEUslD0WaCmqi6_du7O069Z1-iecvNwtrXgC8M_AKfU9kxXa5hc9kptnyi3vA_EPrWq3VXjjrYZIHUhMQ5P0ykbGciJGRA6CcoH0yi96RcYW10wamNR6zadRdPjhghZN7C1xHC7xGkXbmnHFW2x9l77nQG_Tj6g2DXJrIHyLanmweHUyp-Ckg2lnwvDNG_rS5MKDsNeRoEkh976Z6BfbTjWgd3MAfONhN6kz_xYubSkw8WsIvXz4hDwwzIF6vQwzabDK6Ht8yqOId_qRgLSc5wBcEg-7JaSL7POoae7LHDpNQ85ZhSgLWhrLRuEixoCPVVJVJpvqtwu6wnaMQifzd3_0gCcuKEc05cuBqQBYeiylownbNnGkIMO_gLUtDyWUJb75LBzNokJyaV1yGUOFhrKs10GXOQQ5-lpvp6oNhXn-n92ng9NodCaQ1ANTG3N-lTLynR3vJnRvQ7P5O04x5z2eLzO0LYH8xUUqjZ6Erd8udVI9jCW60Rx6_xdFDHzTdDAXmlAahEUnFlcKp0pmY8lVDx7uZZktFcuh-6bsKojiipTHpcZKc2zpiMcG5dC_hX4vMkUjfemM8FUrbsVWEQVHJrd7QzroyP56UX88cBOVN8-AgeRDIAVb05EOgjbKxcHN85QOVFyuorytPytH43qeSOKRA3IdpK_wFNbUBWa4e-PvtS6Ovy7gtAx9i5SH0CnVvyUbt8ziXTij_yYDewA0pL2qfHcKoYvm7Rmm1bzejEIjfxS4rSRcNElcUmPduVAUcOrtUtQ246JtGjZrpkcxf7lX02daruU6AdHIdH3Dv9RmE4UQQe33igr2v3s3svLgZh26RfGG-mgvjuvyhSC7hg5Kh7RqfLf-PjV03rVwHy3ha_wS59ZndNOGzebLsywdsJ7rNKAJTYS9Tv5lmnmo6wbVby4oH9NgkTo3umL_N6LkkZJeU0Fnw78kI5wBtEGVJpwe14t0pIZstnjkJ7ogx_1A4qUNJ3DjE6dwQHtv7lg24valKj3erYgrLgO6RLEZWOWCENiY_aGtqEfsVWbU7TCpsSU2LRNSYXSzSeQEf6PeXuLvDpAUxhqpnwBXJsP2WaS3e0s6BXIFItVxgu41TwHC-TFao6S1Ah2&cid=CAQSTgAvHhf_ZhpWeqKBtbfif1pboe4M_W0UGgD3WLmMR0Z0mVMsSQ21E1L2-wdhBmo8yDaGjaThbvtF2ZICKJZBU7Jm3fvE2-08RsemWiB9dhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcard.villavicastur.com%2F&ds=l&xdt=1&iif=1&cor=7662307295749869000&adk=497053792&idt=76&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:02:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:02:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 5528 30 KB
11 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 21:07:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5528 41 KB
14 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 368015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
DATA 200
OK truncated
/ Frame 5528 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f351216ee5513fb69321351a40b9dccd530e80f63e4a88406da1a3b5fe282bcb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 78EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1

43 B
346 B

61ms
58ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjp-46IAjAB&v=APEucNVArIc7m1sb5DLwCYkkKVsQlVhmHzVTZGoqprV9lnbq8uRhvU-aicjdouhY36WMJ1sCovHUxZ0b9UU5fgxiCteYrX82Iw
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZkgT0eC1WZCiS69rbmEOijYuEojl7DXEpuhzEKZlz4%2FldzN1qT4ULX%2FZ67oKhV%2FAh%2Fqy4zPwONe%2Bd7c%2FJQgnOUOZ9xyDNqctMA5ar3bf2iWUfSknG%2FF%2BavDhzTmJZf2yTgfgwHnDe7nRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858a82c66d713a06-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK5KtwiAM9pollZTE7Pr2rs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 78EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdU0.9HM6e0AAG-UAB2LagAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2

43 B
733 B

55ms
55ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjp-46IAjAB&v=APEucNVArIc7m1sb5DLwCYkkKVsQlVhmHzVTZGoqprV9lnbq8uRhvU-aicjdouhY36WMJ1sCovHUxZ0b9UU5fgxiCteYrX82Iw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuBr86gmfnBL8Vys1guHSkr4i1C17RWJJH2Kcv%2BPm6FRoxdTNy6w4gBIvVAsC6eaBsRvZySeacTR%2BtUiv%2FwkOb6IttFQ1bp5m7PBrn4Z8PjzG53MDGlZXYFsnC7fwRjZRHdTkxwhbU6pMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858a82c75b1836eb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 78EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_S4kRqSwRFCYVCISZ43ww&google_cver=1

43 B
1 KB

36ms
33ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN_S4kRqSwRFCYVCISZ43ww&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhjp-46IAjAB&v=APEucNVArIc7m1sb5DLwCYkkKVsQlVhmHzVTZGoqprV9lnbq8uRhvU-aicjdouhY36WMJ1sCovHUxZ0b9UU5fgxiCteYrX82Iw

Protocol

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
an-x-request-uuid: 7dd82522-e7e6-4742-a18f-bb760211893d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN_S4kRqSwRFCYVCISZ43ww&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 78EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

170 B
188 B

42ms
41ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

Requested by

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:47 GMT
an-x-request-uuid: 8e2eb17a-49af-4252-a415-995c40525623
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4
x-proxy-origin: 96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E6EF 0
10 B 26ms
26ms Image
text/plain 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8h-Lfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 770D 38 KB
13 KB 25ms
24ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 417843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5129 172 KB
60 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Origin: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 5129 12 KB
4 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIfUByL8pyrn7hMz79WLjPedfrvxB3WchpFVcnGA2tLwkHYTXszQFQN8hlfmhvZ-xGseSkTMf5iqgar9S0OJ6mPUjVLIsNxXqRhFt3mroHZfsvNusBNw4ae1FXF054dhrI0rHwnY8bajEM0hrRM0vC1QZrai8ni4tCAbzmxILrsIcZ2R9LOm4gyqMVNITM4StbVu23&cry=1&dbm_d=AKAmf-DerB_85q464mKIhS5Mr71wKyU651b6pBvbtuPHLI_GuvEqZWlCo4oP3EFVgOY4RIIBUpgngbCra10MzCJ-y4HJF7r_d1dM0fkvdU409H24OxKzwFX5xwWZFIlSmw6WYiTIs5r-JUwNox4FDHVR14N-0XcziY73p5wle2_Gg8b1y_rCbLVcbJpuEo6Vcfhy9Lx3IwtNSz9u8DhlHnzwFXYEFvWpRucD5SYyDzrQD8mKGYRxwSKt_wBO7thozTeiZTgpCIk9BojjqmbDwxFm1MUgze3YeLtZ6IdLBj44hhhWw_aDbE508n0NmQEul4XTxjcEOEDlFXU8_h6aJFT9ICU6stH17KVnt93qrnlSrfz44s0nkXp34HhQ0tjoXks5K2dfq2DYQk5tg_N8x6jo-2DhYj-mzEerPRFpazIRr6vhzmeO-65XO2t9MP22YJxyx1KJb8-vRWBDmbFEVD63XwjxV-Jpie6GUNtCHsaL9OwmxsPKLa-5LBawAUAlAP1N2ageJcuzslH9T5Jilt9KZ4s_Ynnj2FpMd9D_sBqNPwpB4CzjxPgZ_7DeDnZczMGVBDO191os__Xxmx7ibxXNvpUU2KwZZWJx_uvSU5gknUxyptGB6DdlWVB1XjqcqXSqprzW1qud0nFahRDepl8l1sxHE1SkSCiTIRiiXgXUlsbX-LZ_VSj5ZOA1v20rXeFPUF6ZyoQJbbIYR_2By_atNRRB_m0aQTRJ5PycHyodv36bt0RwGOqBhzFCxNTELNEjiCN4wbtBF5svA96XGn6gtz3UvKkzisxNdxJT9V5EvPymf3eGkblmwCahfagODrAcgDFkSInFiBOVIZ0U6ac9pODiFHpiOEWwlydU-JfDAkp8uYxU6dT4E2q3TIjsvA7p8wDO-1akKR8HmH-5KP32h2WO4aUoglQZPwLN0fq1eKDzkAEj1029YBwFcmTWfyLReivP74d5NMYNJYReap42a_yD_8JgYlSWRrgeEmXhsyUb-AEA7xnlf5tRtNHBdgpeNOaZTeLbGIJMTbUBPlGTlZMMSzKOz0SUbKW0H3Y2qdHZlGCVtl_SK0A9mW6P8nE7x1zvx6yTdaYSUI5XB4C5Hmsy8dkmVeoX8rFsJPVsNWXNk6u0E6m_EJ4ADKUBcd2yCKL-e7oop2E_H_wRp8X-uAygl9Sh2pyjwkvpocWhnsvibZVc2B1bcvWzDErr5BHnjX0rfzwhIgGklLtP4r6eXd-RoluJTclIAbkbLGnlH3Fj1JsHJEwpL4yf1g4YkCLcoPLKBKml53UsoQbrm_OXjAxm2LUa3j7jpFE_kglF1KlRE1tKbkY9dfNaXLV7y8ArUhCcFl4GwxVSxSOl1TYae3bdvXKf-rPCKFoJhqJntSwiNKGC-TnjK7rqCZCZTOmEsaOCQECAgyqupYLwmrr90XKBhZUzsOebVAEcInK_e-Z2Ew5CoZPGRyYsvxmbNvG7rWrq6l_hvQiMzTaKlCh8TTNSY2Ft0AGPQLHePnZFtRwLTXIJbqnEojua1ibFXMxNmO2LT_6eCP2cEuuSVNJuXMaOvREa1l3MhGkX6vnUZUEYVRvAmOfIdfhK0FNnN_jjjs-0nSRbxd2HKTMFYxUy9t6-icBURuK4Skkg42fN5FeNt0bNWFDtZMJrdA756k36ANBGXuehWaqSlSn2B89V_XOxDbqDeRXJNBIJcgnTEnv0sgq4YJ9eeHtL3YRAmC-kwo6_bgBL3Qmu4o0kNQyxO3MRrtTR5zRXIWQtk7o_CMDrDb7aOleyXrCpNi_rqU2QlFlKzS_3XZQlnAa4uEbK3UByJf-fN4Z_kP79DsrXWi7plifvyOTRop1GMb1r7Rvlwn1tdO6r_WdSNE4LLdwXc0ljMRbyDfzUXISIYykmLquS-5OK9kSkme1NgHrC4Ri0DVOIgIwhoURCViO2FEAPgEE4g_be_1NgpmP04U6tDGmRWKBLE15zuyHr5QJCmGmgJ9rkKYAtqx2NdoNLqWMQ2R7BjZf0ZLhMo3ftbKUva-bvvYBE2UGTzDrMYl_ntzmvXH2VJeSHI0-jRItb6Oxik2CTQJ5oVqXINdP6ZeN63TZVaqz6rNwGxpihJh6W3L7MoSEDhk8mTkavZJlYFrLfxpzCvMlrrg8M9OGpuf91b9j5H5gVqrWjJGa3w8mZPZFN5tg7wDM-jpnB_gZiRTwxTDi2W99IUQHpWb-Qv3ryo84agoYetiw3CujPnwWoXBSJMLe5fPTbfPzmc3NyPeK-uYeS7BukrWD8bMsLr0E2DE82KHiEZaTsKuYjFY1x2mLcf851OD7PKbURetpuIhSOKtKuiuEf4Y7ZydKd0ZbMLGbPd39jpyUhr-Tiz4JTx-3nIteTGeYXVnqRQAFskhniftU_oxC_Yyrw1yweQ0KwmkvEWzIJcCjO_lpT2ucfjRIok0-6EbrADaTe-ZqWaiRRGVmoQsBBkxo4H6iaz6kiaFiNkn3r5SKHuYcNZOC4hKnR25kMfcC8X7Y1A8wRQXEQVHXYz9zk8MAKgJv3SAmslTHiUSR-h1nnqdhWogtOrKPf1Zc8GJPw-56Qye3xjBrLdGIWvSH7JKklsJK9euW5Nt9GsRdnmc3Cwgk_fZJdGlDv2A2KUH7DfwVoUHvs--Ute73mg-JHPYkmqIYPUgCTuiblVsOi8tROjAqJa1-5jWa1eJiW4zUZCcMD7Vtwv_ms0_zsH5T_Ut4uFThUc8LjoZYgVrUqX55msXo_cr1tpe4mjPwO7wkdKP353y7qIKwR55AX9vtbzWEMa5-sxNsFyBMAZLYpGABEyG-Fw8PUzhCgbIh8pAQwk2lLDAunveNaddyevHQi5fBGB10SswLo3inusqRs1YRYcijc8GTb-_1EVjauy9sLj-GH1uwaYstB7EHl0XiUVH5TR19uf0gTqj69Ogxf-OAs63v2T_BzMsyBYl1bOCPmJN5bfEg8_YRo9RN-xo5CiCj9L0AyHFZFLJGMXwEL_uxbMYQ5pVzntWBAI5j4Ia-L8V78a3Ka6cbcf14D4TU-uJKLj0pOr-Wv2Lkgv4JWYfTYVa8Y4rgxi4DHD8Cy40Kz68p8cOD6sdMJAcUuQuyz_3HSdro7pKmzl3rGJfQVz6sufShIXC5ugXYanBco46o-GZRo7umnunjbkxtcEaMUQcgb5DSM9IPYmo_DWuDoltDtDfybBp8Z8LwCQyykrbZG3Bb_3hGrXeMCLMDv3Kp_4el1hek2t273B4HrTa7ed1sEKHF8piYpfDfQXoBluVDVKYAREeSOV2lzpxCprdnCloULeTDpMywCvbSead4cT62zXqybE4K-9Ft38Z9tnzN_xLISOGU23g2HKePvTRs3K7_1RYjqzV1fYw1R0LL5R95bYFVOELqH19LQDlJIRQrSR2aW3i_IECIvJtuI5ILKSUpDlASQraL53XH4W4alDxXvunuc58e3tDfzb_wqc2HX3U53TyQUoD_tY0nX_R7hejAx7yZbLCGmfh5XqDEVb-bCT3eVUzl9QwJa4VjEs-MiBZaUcnFieqtVG4zm9XqIbfwzFZ9v7ttZmmGmW5_0t2M_9zW8YH2UnMFUJmUE8Jmd-3fGt9ZzRJu0EUmHK8zpSre-5YJmN8GAYurdM8bIMrq3S4TcEA8HfVXzG6A7gPGPPrE8-SjTs5EFgmfwDqMjDiCfiVTlpmOp6BWzM_kLUqxzWkDGLcujJ_wZIyZfOs01vzXngNLzEspXBLOwvYNVvj9SJl0VF844EcKsp63UxYSDWZBJoiHe_mx_9q-jgeHjF_XXgu4N8oBvmcf13pmqQkNiUpzJce2imOZKHOrWCyI6X9tl1N89tsV8D_yduW2Ozy1Of2X6IdqesAvDGuc7WDnj_g2N5yNEmCSqCm-36v9zAersaw3bnHmTFKNCKj9ftD6gXAhx5gy-4b8-jLlMS1c9vXvg3JJ8xIsvv0-H7MGnpCKiU4vUTceKsKNksDHqjahq9R18puvmsNrsWG1UPETAyVM09JwhJE2-C60Pjl2nRP-YuaU2THLbp-b8BarMETG4WeE7BjttP9LkQ5Y4u7u8qsJG9B-0nFNOiiRnS8JCF0HcV64KGWP3z_ABNMdr9_CPwNyz3k2fRcOdDhyjag&cid=CAQSTgAvHhf_tG-OaRNKMBAnB2BAw3Xvu39djSadtdh3HGS0hRpxIutBYdPHdxry0XEDm4EK2vYYc9wB6oTZ5GZJxcVkRvJh4PITiIx2Tr8ShhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcard.villavicastur.com%2F&ds=l&xdt=1&iif=1&cor=12075180680458375000&adk=3047537734&idt=76&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:02:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:02:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 5129 30 KB
11 KB 39ms
39ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 21:07:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5129 41 KB
14 KB 40ms
39ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 368015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
DATA 200
OK truncated
/ Frame 5129 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3c2433d6508b78d5d8c4bdea7c25fbe9195582b27ced686ca40ebc88108fd0d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16436046419864873880/ Frame C206 88 KB
23 KB 89ms
40ms Document
text/html 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc75105ce4ce3cf9f561899ff717756705ff49c5428dbfffd737986be5fdc417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:48 GMT
expires: Wed, 19 Feb 2025 23:25:48 GMT
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5528 0
0 162ms
74ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvl7Hiceaz8w8YWXx6gdGuqhypLxTJbvvzBukiL5tvrxH0-A5-39SzoNl83z8wHycWKgDvRz6qXutLuHWNqUxw22Y7WRrpkOUGz74B9u7ggdZAPbYUP9lS61pMh7pF8I94CA7zVeLCyzK1cQ41XLNOd1z_aDWPd-_t12CRWjwVVenM0clBgnbMRqxf5DRaTQ1thfHHyLSBUZAZApvxeoJYf9EALGPfYUqtyCcdOLQLjbJC5FFLVreQU4VwfjuEGA4mxd6dNyq8yOeLjU7jcW66EFQvQKX62wzV5sFtpMpmcyb0eywJuQC-3ogv17YUfmFM6gaX1L8kkWiucciszXjKKYeFAG4tbqJkMqVICA1uVRmLtm0d0X7UsorX6ket9nl2FjQBxqDz8hJ-QATdMgQ7MGLKfgl_RaBwdf4SD0hHyMduu2RuOzV57USd9beUjv66fvHW5_Xi63gJX12xLDDJbEVoNzHTgpjvWcBOTDZrXfhsEfvFvog8GGXqjvs0YtKkhB4TjKu5NkBZGi43WoZFpP5Civ3s5LIlCfYRlx2LM8tYRRgVN7QVz0S5cpzFUCJrGzNhmjWjf-7WYDOSJca_w7Ariq28iV9ZuodEtqfBBT5JfX0q2bxUIjiCD_BYgEHtrTSSCKFtqfYnC12kHghFB4X174PeQJP96WJdAFkK_1eZzzQQ2C-Qw4dTnKRJDPfBbG3_b3TOlv9kSkhaIjzrwxrRxudbMM7yp3fgVZnqJI9eHzAi3Uu8n-1PhhWmUbyYvlniUFaeZ03W0lKPq55q89TrkQ7pJMbAFvfkF4DHfDNo6iDZ5VsKeD3k0soGtt8cRVGbkJzFO4NaXLJ5cSN2OUF65ZbBdedEVFwiiU5IBY2Buopns-dyMbbsgG052YAQgYZvainur7nia_gm3aBVwjRNntXKuJLYyBA_KI0nXlFjIYvSjwn1Qa0giDxC0E7XvQBCOsM3pvxLaYspstOF2tNB-2j4CnwzQYeckM2PQnNO2vGNjSlBXoCJJvx65Gi11NS0mQYZmfn6loWQJWl_oNMPT3lECNenCEYDpnV2Etwe6etyGWdF4-usdE5oHbb7sLojMsXzssb91qYjXmW9CTqyEl96owJg6mmhIh-29l0s6FgayKRuaKOI1NiAT7LKYTXpLb7CsoM756Ne7sZ2ClS60sJtHWunxZcXctErsCAB5w80xdE6fK_5xFJTAHwYN3AKlZW9Gr__VH2_kJFXJ8ftWjfA39GCvQu3MDgsc0ZVfi9uB62w5l9zynAw-tOtDJzAO0dNW5Vz_VEhkWMwesTcxIF_wzAKseYpS4rHzgMa-a1RKlN-pkwl2moo86_pAN2QU31-LHcYSW_BwlZ1NGZpbHdIDCSX798YP8AdbNpOvfG1CZLwhwnEk3JKgT4Dc1NGNIzBO4bQKcwD5C6hN1Am3wInXoXZbnhriiMAVbHWhO8Deyt21fcKh626_uRo2OLXRgZ7rSfuIsC00VfsB3yWlvkYLVm1QzrVT1wfS_CQ6kJgEInLqSRVqTg4ZJB-hqxL_dG3vf8XIAAbyRs&sai=AMfl-YRScaixE7gaIQzTdDU6AbLWOmQnoX-uQnsiLOQTCqCn0BAGbalWSU1ZlV8wxwKXCNLLs3aXdXPG3XIXUq-cNRbWS8OpALUNboWNVcTfCT-9-bD62GfuqHLugxNXRPYUZ1GzX2MC7TFev9kXUcZ1ilizhcXcBoSd4S6X0DQk6mLY264-O9oRrZah8y85onJRXKqOv5Ip4BmRrkSG97_JrnatDrR8wMzwC8v4iwUljj5axXOeQpVZBoYBd_4XhUHyNPLozj7LC6XlMfxlFNmXeZRF9-AdWUIiHEWiqQ&sig=Cg0ArKJSzKm8nATLuxcZEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=259&cbvp=1&cstd=242&cisv=r20240215.32871&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3464665840532433707/ Frame 9C2D 88 KB
23 KB 55ms
44ms Document
text/html 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0805770ca80523ede8be5dc87ab19f9ab5dba0903249df9f7c982b912995d895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:48 GMT
expires: Wed, 19 Feb 2025 23:25:48 GMT
last-modified: Thu, 15 Feb 2024 20:19:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5129 0
0 124ms
73ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLBfdFI_Bb86HJLc9WTduEx1FUSCjy4AFrKrXphAClA7yDqOW8vplfZ0YbIjQrEIZWC1dd1M8PfikLR-SMqTDyS80zdKkddf2bqh7NI-APAwfGSmUOigmPfbJ4bdjpVPoUQwySwo0eVEJyqtbLxY-RI3oIdFKPiwKO-8QvCecPPBs5XnzEi5yLvSAG_-2omRC_cG_h6iDR6ZnWLxhLJlHB50XqEvtrGbz4Wn_fM7uHa1i1KlnnY7rbQcFkEOS5UMEPaxvf9x9i_VWotHTPAtEnlbKCSvkiSHih4BtPoxzA8b1fj8dk8cXwd8sB4MWeaLyGV3s6J105v055p-1A5o1hoOzpxXqWwSuI1VsZYFjo5K2WxQUVNqy1KnzuRRjQAxDVwges9olZO8oOkP6S3gjr2rRFJSinuztXWqRuAR7RP1u59BKkngGqC95AjjhBdRSJ0B-IJsPokZx7PJoTI1H8A3mGP-yXCJz2y-h3xBwEqcA5wUqIYBJvzRZre-XEh9xVt2NDB6Y58J3b-QxLY8E_KAdt-c1D-R3kROhSmjmJtdmOo5UFmwFTONlK0snt2ovGVyzZtPDyyWee_VldMxFUHUxdTzoeITfmi-LNvchQCq1opXOnARv-0QtEkFCudBrIxas4Vg0nw2ZiALAVNvV9iSXD4R4NECjSvrTMrmN-Q1VyUovvbHsmXcIvwmb7fAf5Qh517NVx9XWHAR9cS8AzAvEuWZrRZuUdHVhJaI758hqcWt-fJrgTdeXsgwdYxyQLk3nN77WWXDWvhejvsLSg4eTMSGZ37rgjk3Bhz2TL6hax0wvqauTY5e60Ckpmm7TZ13TPV4KqWXGnwHXM5xz5AZXVmpQb_8zgToZwVkh8Rf6vf3geG7beG30wcNqNTHY5AFsRlhC31RHZq4dF3oJP3AeAKDlPGH2vhxKRTw9lnWUZ0PKY1orHaDnFnz-R3GYxGFv4yQsbOOEOn_yWUjooT2P2KFge15zRxFcQRzcE6BPwSH3r9RToJSFn6nKOtfihFyAknr-uhXr6iJttd3Fy-i9-WxVYJJcxGINf_FfOEKhIPf2c2wtVBwMQPpKoh8wJausgp9Dkp_jhw2Ntm1sENFcTLi_QsJUujo1qYe_-uqR1E67GbesnwIcjIeal-cXd7afl1vAd0h-nn8pJU2k7TdL--J3TY_04px1eyvqampySqhMuwaYOoQIy2O8CB3UotsSjZCgoaDo1avpSq6rwrxXps--6V55eORM9VqZQJN92mV4Ku25ojSRQJHAJKtwzwR6soGI3Au0JwdjqlFPGfXZtwNYVxXCkHo3jyiUIsvMI7D65X0gL6mP89sLLDdEj8V-swlMxWsOl4DNpBRTUQf1UnISx3pqXNU29Y26999f6eBz_zLsjLQwzDaxtXvX30tgxMCgoQ1z5xWaSPPT3f9rkUjVA7qNifzaUJr5UAz_K7pGeVPlR_NnKarx8baHBeI8r2lzbcNtSxwsk6KbRFl5nSTDOZ23trBcmRwCzQXd5wMs7BjJX52k417M4NkJZW4sF2Li-Wh8MWt18cil1KlM68_LtNiMhUbh55xjj4ro&sai=AMfl-YTE3MY_Y_EXf-_eK-HvqVpkouvlNAGJafGp6EbM2VciGIXILwrKhDkos7MuP6hA78A6KZtgNh9qa-tU3fHo43jVntdveYLSklLFZ316eVMGJaD4ZxFqDpvH-7lboeNV-ASbK44n1AbwXdCavzl4kKzCT308Ikn_2rfoYK3YYNh-IDaEL6laIg89rHRMEXA8PWQ2damck_vz9F4D9nFQAqoFVZXs7oTei97gDtET6jzj0W2VhnWcCaC5D5jQWkBsjYB8Bgpbg6vahHEEYQArR_WOaPzAiBIpvW6aSQ&sig=Cg0ArKJSzDdVqCU2Pvn7EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=183&cbvp=1&cstd=175&cisv=r20240215.78683&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3 200 container.html Show response
f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4306 6 KB
3 KB 24ms
24ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://card.villavicastur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:46 GMT
expires: Wed, 19 Feb 2025 23:25:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
507 B 109ms
109ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=12.72&b=2&r=villavicastur.com_auto_interstitial_desktop&sy=b7fdd727-14ef-40ca-9641-bf209b4bbd0b&ts=41&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=card.villavicastur.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:48 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82c79de74bc0-BUF

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A46B 38 KB
13 KB 25ms
25ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 417844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 770D 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4306 5 KB
790 B 40ms
39ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 22:38:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 90DD 624 B
242 B 67ms
65ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhj9-o6IAjAB&v=APEucNWZ-yB9oiKBrbvnPR_yjdR6aFlwaHh1_cJKvAtRNk40sfU83QslpmOTP4EF3EHeLx56C44DmB_ReYBKTRdL7JXYobWFgQ

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8FA8 93 KB
33 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 8FA8 3 KB
1 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 8FA8 20 KB
8 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8FA8 204 KB
61 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 00:01:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FA8 42 B
66 B 94ms
93ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-SCg7Vu1V2WpCn7lSjCNLmAJiFJnW0aUrcQsMVCjmXWaNm8Drivmy7fVzDXnJrp5GzYBVN5cOyRM1UAQk8an2huNzCp_OgQd6sEZ5zIaa_gmJPa8

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 4306 22 KB
9 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:01:14 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 9C2D 120 KB
41 KB 28ms
24ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 21:58:16 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame C206 120 KB
41 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 21:58:16 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame A46B 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:57 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 90DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1

43 B
742 B

52ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhj9-o6IAjAB&v=APEucNWZ-yB9oiKBrbvnPR_yjdR6aFlwaHh1_cJKvAtRNk40sfU83QslpmOTP4EF3EHeLx56C44DmB_ReYBKTRdL7JXYobWFgQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNIjbO7RrJiHS5Rz1OT%2Bc%2Fjxt3GJ4y9nqd7%2BXZTz2wD1flnlyfaeq%2Bizy0tA2nHEuGu6OCEVFX725duKkou0rIbo4KmcEowYjjCCY1L5%2B1dVfMEA6A%2FMeuoY3rxKlmc3Pb%2FGG5QH%2Bp%2B%2Fqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858a82c8ddf336eb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 90DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdU0.9HM6e0AAG-UAB2LagAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2

43 B
739 B

53ms
53ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhj9-o6IAjAB&v=APEucNWZ-yB9oiKBrbvnPR_yjdR6aFlwaHh1_cJKvAtRNk40sfU83QslpmOTP4EF3EHeLx56C44DmB_ReYBKTRdL7JXYobWFgQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eyAXZ8BP57bEzrl%2FdD9rFqTfb7wYRaxJ6jHmwdCgGVY0DnNi%2B%2FW8FmJPQNZjLq88FOxULIiMhoUecUvocRZaQSVD%2Fd4VbBvcDgLECH%2Fa3ZtWGQE1trJNkGPYWPbjdV%2FOaMDoJPqJg62hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858a82c94ef036eb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-vVap2IZ8kfnJemKFyCPY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 90DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENIN2cOGNJGo-b0rsGNFRj8&google_cver=1

43 B
1 KB

38ms
38ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENIN2cOGNJGo-b0rsGNFRj8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhj9-o6IAjAB&v=APEucNWZ-yB9oiKBrbvnPR_yjdR6aFlwaHh1_cJKvAtRNk40sfU83QslpmOTP4EF3EHeLx56C44DmB_ReYBKTRdL7JXYobWFgQ

Protocol

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
an-x-request-uuid: 924b5107-216a-4bfe-8d06-2d33e054feac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENIN2cOGNJGo-b0rsGNFRj8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90DD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

170 B
188 B

46ms
46ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4

Requested by

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
an-x-request-uuid: 93fd30e9-f5ab-401c-bf74-f45a2fec1dc6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk1MzEyNzc1NDE5NTg5OTk4
x-proxy-origin: 96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FA8 0
23 B 96ms
95ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8858263683618&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FA8 0
23 B 95ms
94ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8858263683618&version=m202401290101&ct=119&x=1&cor=14068939865967780000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8FA8 97 KB
40 KB 90ms
87ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AadmlgffKeuqChULv1v2aGkQus139ELzdflb49vvC2NtcMTPfGmecM_OhQxqUmOqI4xKhfRrvS5qv_MH-_-5SbAU1YLAxao5v5jjwgO2eJ8WDLEjcy7N8EOtC4J86KdfpLVVFKNR9CNsr6rAEqfsYrK_fBfSIuTbcb1SdoM7-vOeuBgcsdn1Iq3C10YW18WPtxCLm4&cry=1&dbm_d=AKAmf-A-unh-NU1MMX39yTRiV0r0jEwcmVPweVwZWemFz0HRtIhJgMSA8gEim8ktiX66mNz9MPz0-mrLVSldn48BoMbDBu-Cbh22-e2E3j3YlINMy3DlGGg-93dwD8NXQ_6I9NaWj1xw_nOujohj_x3-LIgWh4pcqy4YVQiipETAX5I_G3UMzDST5_pXL16MrJ3i0e68mmzrJ1-jwsmG6SVWyUE_R1AAUXSK6pDoIoG5kV29YTmHSYEJzR9zdwoWRlJkh_7EtwWBXaykLx8VcuJdgTJC4jYOu-s8W49VQQnFypZ23hbhWR6PLNr866p52aNyuClMlGnYx0cFkP_Evk4etvx9FMrfwggerWspxum-HzfxLvrUhrPMbJFq_WbtEGC8ddv9CB9ScsNeovu9CE9mIJnoJQbOi_y22NKAlorMSmoDbyRnmSvgCQsC95yU3AaKhMexlQ-I7NIdwdRIifSxMc_iA2qOimC8du1aOVMLW4xGbpH4POHNKIfhk2F22nNggMIHXB4rwF79sRB720aVSV5-9HS0MF07mkpr8glNjzKCJ2fX8v8Y8nmijEdZSXnNsjkOQhJUYE5CToIu6fzeEDYkGM0RBvYVUfLpab3WHnG-kXnDZPcXyHeUHoz9QehB3far4YdDSYku8JfpECTGnsfAor3dMg20mCoSkJ_VE9Yk37ga-xoDai1hFZbh6bYAwHPkCLIpAIZHzd6HkxsyDU1U7BHEH7yiNG_LPbnAETxI4sSA_UJGXvtlFFRDfZZW8vh08AsS-n2dO75sj4DNOIJlF7HR-w_sOdJ9Be2_zgRsmJwYwVDBTTjcVbzcKUXju4zvyUp8jrvXjwI6k7qV8O7QUoWWc3dAMcQ7wbo3GkwwFUExE1sDA621-7idRWTXPtDIZNVJjiVGXcOUTZJ_Q4L0mDRMKbjmZgXVMfQhHVOH4nuwg5aqMl6dwWq_qGTPU2HLmXsr1fd8GLndgTe3KD4AcrJ3Rr66-WmAFOZ97S8vZlhGZrVL8xrv1svzRs_8iwKi1ooEx1DHnrtFh7dY7vEHYCb77bEVK842VxHfH0Urp4kLMQcChIAzyTs0TssqDkiFfEVMuoD5zp-XA1PSjINxZA6sIIw2qBDgHfEpKNB-KN-H_JoqWr-HPkWC7XiMT2dWNeoS4mMcDTJR5YTIdug7PYnJ5ks4zP33xNAQ-vFNaPESp3fsGbp-dra1w6oQfGVjp7kJf32Gvs6rMnu3QHEXWo4qzlg8OnChvCc-tCt8hY28psDFBhzNchKXKGN7qGehNKXz9KPH1q2_4gxfLGxr7C301rlhd8F89rG6CGGESJYiKDjtvELMa3dEm06bVG-MoYXCyByyDcvN2Gutaq_YxZ5Qq2VPVHlrfVSXFdRJiUUMQeHp19gnIFpFGs9nPfN4asewVJWG5r6MqYanDOMXsTBfjPK9LEhBQI27iHORp_2B0A4hpYpDV3Zoz_hS_4SErBc6mjlcgoFxxhFzQkmFo-OA7MtiU9EWF6geRAtqpR82CWjyno63ZYD4G_LlMsYh00-ZN8xc8YpyYETR9ntvyDiPD2T6GpxmwmaDA5sToCT8cqmabrS66lzrRIBYT9TTmlCZ7qUQzm9GLmVhS8ryIVJ7nrbKVCGNQjTEt5ZDxEfC3XexGKIs_krsLOkFECoiYhRr-snUu35VZksrV_rn5JEkM9gp7x3PK0KdMRA7qGNueAPiT1Qf_2EihSfOyUwlEwwTxXBAA-L94AgHigFtT6_D35gG2fLyIz5Vhqsg3fxcAvVe1b1R9FVClNXWj-F8myCGYcJfMsSS4myCTIOavriP1Zr94kBc-5KXeuomrLc0uC3v08iPGMtSwQK04VNeh_MN5Yow9_0W26xsfEZx90l_HBR_1tgqmgPSB2Pxug72wfZ4w8ZtIdmQtxiiIXtLYSvemoG-4xU7GlRTEJmSOOxPQStXIixRi1QlMtfvl4NzmUKwqr2iv7g-Nilg4LvP4G86YJkTDffjOeZDpV5DcPEopabeItDjrHczu7wY1jLuzIlg1tnlOc2CxeQjNNI-TaxnrHg8ENJFGfgsR4p-ZwlF_Im_nwklg6lXwu67Nt03F2m2jhOxX3sa7hRIPmGou390USvAPO9lvJAvxtmRTOZXKtpbG6Zx5ouFpQAncwj1afqwrP_AG6YYY5B4u0cRbrLYxHaI-57SMXSgO1oyLQcWIi7rLl9JiSj2v5uPj8hLQQy0cX9YAGoT76wuu675GF2dESUIU6C5vN5t3SorgD1DC-ipKhZdbwcndohLSAHKdq-7zI1I4Mkz4p_3hBXqO4HUd2OOZj6P3B5FYOSZnHFA925UaI7FH7TiNkcFUdWSVVVSt_uNiJGxgtqt9ATyVbfqYto4J3y1pCbyihLyCdiXplNj4bPbuqloiR3hJxEvF9E4uGFsWTu3Rk-SEygJ3l51ajT5WDH2BeCnSshH4RFoyIHpOVJCadgviUWYg_DFoey_6KKuKShJkiiJQigudKA3X0ZSGspDkyY4Iaubwsps2udYNIZU-kNwsjyjSmE8F8fxXIi0ha36Jvx80mxOLsqz6HMyc2ch1s5v8bt-ocNRDzbGJ-Uku-AY0_2r3ekEhPc64ZZhZq7FO7xHUAfTjhgfggfiAkZSQ0B1BrVcve3O9s1ve9mA-SZKFaJ_IPVmik0cZqrMZQR4kxBSVbrAa1WgQzsZiKjX7yUCK8LlutWk3iFaOY9iKKYEdWoM4yDBfz0HZWufFiH8t7QhX7FRalLsri3uatWydh5upH9-OsHJg3evZM8uJyLI0Q5OkWWxeAiQ-XVjaOmnWLbuS1N7CoNNhgcyKqmv0v0UD7uq-simVEvEAlm_s52PuDdrTSkgkGpVATn28tlV31LN8zW2aKCmLQro6WHM-6r4XF79ct4BLWrN7VAK9AEv2_pNMWG1HPNwYamwIah_AIMH_VUZhFqYMJIaAj_yiliCstXEpnrOLfp8j45bz221Qq4nvqp50BFFlWXJuRyPeaUGaPPfR84R3sYtOvnQKYa_sjLE0ordt_aCnmEWiHZIT6Tv7AXoQM6sfGfqoskgD5kymMgAIel6Xr5WIDrLqizOv8NAEvxb25arCHFOGmVrFvIqgMD03QClPLEG5vNC3tq0_CZttncqjkOZ2AY9srCSecN0BmoLMB4pADV6rtD7qN7-LVL8S2BrQBH3JUcpUO9hAATkWa9JGuNgaoU7blmD28ubsK_N8LbUdKRTSLUJOC3HBu2uWopfzBOZSpBiELeMJ5SZKwMxNnJ60MLGhXFFTMax703uFXm9IRPtK5BRfisfBWURsYOaNCtNL71bFtjG2g2rNpfL387W8KxcWup38qIY2sLTNazB4nbx8qveWJ2AhGXJQJQM13R1GuLlX0f2NVkod3SyspgXlZndd48cDiCSPJDwopJ5-CRa1maA0tO6nU_G762TsC0Ymt-2JpjTdOVETA91HOC9w8x6rpjvPccvEk5S8m2NtjH0NyuM3YC4FvrtbJjqm0ieavhoK0rEN4UbrStj6swiFXpK6txTlmnOhHTFU3PB0YYahuMmGtA7c_u3IrEVqyze8RGC2J6-hY3WHDgsL5S6Yz4nAbgLOOWuBUmPkUCnk8oPPdtRmpo4ukwvNyt0sx00wyFx7fRZ-_4HDThhIiHxrblUK6SYYIajJtzX2x6AflbLexMCK-JxovrzKCghe3kAMSMcgIlKM8sbs_nERRiA_nylOTN8SDOb0GLhK566QlxnvRiH49OU_KsaMdOYEssLWOWMMXI6vIWlk-UoLEgVKYcKO2PEkoFyUueAeDi90gzucqhdr7PvVH08Nm64Y2eRa9ZK3czdZSEhyyJHOsNIDMQxUgZbnFoAiMNPVfeLWhje7hUFlReKUZyeNjXcHPaV043f2pBXXQZs7fDGgnV7rU4KST5N7iwD-8-_30bX100ha_XMAj-uIrhy9Wg&cid=CAQSOwAvHhf_j-kxFVswFNdEvDDCP8AogzhRWGjFK4dqSqZ8dwk1uhYpw68aZyRl6jnMcRjfxf8qd8jBXSs3GAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcard.villavicastur.com%2F&ds=l&xdt=1&iif=1&cor=14068939865967780000&adk=1877897942&idt=73&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc660a520e80c5ffcb6f06ebb28ee177e2153a614d98c46db47ab7d3cb9f43c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40714
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/16436046419864873880/ Frame C206 2 KB
2 KB 26ms
25ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/preload.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:13 GMT
date: Tue, 20 Feb 2024 18:04:13 GMT
x-content-type-options: nosniff
age: 19295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2255
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/3464665840532433707/ Frame 9C2D 4 KB
4 KB 25ms
24ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3464665840532433707/preload.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33b8407c21f47e7c990edcb66dcf85406e8955ea0f85432539d5b706870cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:10 GMT
date: Tue, 20 Feb 2024 18:04:10 GMT
x-content-type-options: nosniff
age: 19298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4368
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:19:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5528 0
0 74ms
73ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvl7Hiceaz8w8YWXx6gdGuqhypLxTJbvvzBukiL5tvrxH0-A5-39SzoNl83z8wHycWKgDvRz6qXutLuHWNqUxw22Y7WRrpkOUGz74B9u7ggdZAPbYUP9lS61pMh7pF8I94CA7zVeLCyzK1cQ41XLNOd1z_aDWPd-_t12CRWjwVVenM0clBgnbMRqxf5DRaTQ1thfHHyLSBUZAZApvxeoJYf9EALGPfYUqtyCcdOLQLjbJC5FFLVreQU4VwfjuEGA4mxd6dNyq8yOeLjU7jcW66EFQvQKX62wzV5sFtpMpmcyb0eywJuQC-3ogv17YUfmFM6gaX1L8kkWiucciszXjKKYeFAG4tbqJkMqVICA1uVRmLtm0d0X7UsorX6ket9nl2FjQBxqDz8hJ-QATdMgQ7MGLKfgl_RaBwdf4SD0hHyMduu2RuOzV57USd9beUjv66fvHW5_Xi63gJX12xLDDJbEVoNzHTgpjvWcBOTDZrXfhsEfvFvog8GGXqjvs0YtKkhB4TjKu5NkBZGi43WoZFpP5Civ3s5LIlCfYRlx2LM8tYRRgVN7QVz0S5cpzFUCJrGzNhmjWjf-7WYDOSJca_w7Ariq28iV9ZuodEtqfBBT5JfX0q2bxUIjiCD_BYgEHtrTSSCKFtqfYnC12kHghFB4X174PeQJP96WJdAFkK_1eZzzQQ2C-Qw4dTnKRJDPfBbG3_b3TOlv9kSkhaIjzrwxrRxudbMM7yp3fgVZnqJI9eHzAi3Uu8n-1PhhWmUbyYvlniUFaeZ03W0lKPq55q89TrkQ7pJMbAFvfkF4DHfDNo6iDZ5VsKeD3k0soGtt8cRVGbkJzFO4NaXLJ5cSN2OUF65ZbBdedEVFwiiU5IBY2Buopns-dyMbbsgG052YAQgYZvainur7nia_gm3aBVwjRNntXKuJLYyBA_KI0nXlFjIYvSjwn1Qa0giDxC0E7XvQBCOsM3pvxLaYspstOF2tNB-2j4CnwzQYeckM2PQnNO2vGNjSlBXoCJJvx65Gi11NS0mQYZmfn6loWQJWl_oNMPT3lECNenCEYDpnV2Etwe6etyGWdF4-usdE5oHbb7sLojMsXzssb91qYjXmW9CTqyEl96owJg6mmhIh-29l0s6FgayKRuaKOI1NiAT7LKYTXpLb7CsoM756Ne7sZ2ClS60sJtHWunxZcXctErsCAB5w80xdE6fK_5xFJTAHwYN3AKlZW9Gr__VH2_kJFXJ8ftWjfA39GCvQu3MDgsc0ZVfi9uB62w5l9zynAw-tOtDJzAO0dNW5Vz_VEhkWMwesTcxIF_wzAKseYpS4rHzgMa-a1RKlN-pkwl2moo86_pAN2QU31-LHcYSW_BwlZ1NGZpbHdIDCSX798YP8AdbNpOvfG1CZLwhwnEk3JKgT4Dc1NGNIzBO4bQKcwD5C6hN1Am3wInXoXZbnhriiMAVbHWhO8Deyt21fcKh626_uRo2OLXRgZ7rSfuIsC00VfsB3yWlvkYLVm1QzrVT1wfS_CQ6kJgEInLqSRVqTg4ZJB-hqxL_dG3vf8XIAAbyRs&sai=AMfl-YRScaixE7gaIQzTdDU6AbLWOmQnoX-uQnsiLOQTCqCn0BAGbalWSU1ZlV8wxwKXCNLLs3aXdXPG3XIXUq-cNRbWS8OpALUNboWNVcTfCT-9-bD62GfuqHLugxNXRPYUZ1GzX2MC7TFev9kXUcZ1ilizhcXcBoSd4S6X0DQk6mLY264-O9oRrZah8y85onJRXKqOv5Ip4BmRrkSG97_JrnatDrR8wMzwC8v4iwUljj5axXOeQpVZBoYBd_4XhUHyNPLozj7LC6XlMfxlFNmXeZRF9-AdWUIiHEWiqQ&sig=Cg0ArKJSzKm8nATLuxcZEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=618&vt=11&dtpt=359&dett=3&cstd=242&cisv=r20240215.32871&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C206 7 KB
6 KB 74ms
74ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2cd4ee3212162413314087679e2fb5996ba4d6949328565f754e5334280432a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5699
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5129 0
0 66ms
65ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLBfdFI_Bb86HJLc9WTduEx1FUSCjy4AFrKrXphAClA7yDqOW8vplfZ0YbIjQrEIZWC1dd1M8PfikLR-SMqTDyS80zdKkddf2bqh7NI-APAwfGSmUOigmPfbJ4bdjpVPoUQwySwo0eVEJyqtbLxY-RI3oIdFKPiwKO-8QvCecPPBs5XnzEi5yLvSAG_-2omRC_cG_h6iDR6ZnWLxhLJlHB50XqEvtrGbz4Wn_fM7uHa1i1KlnnY7rbQcFkEOS5UMEPaxvf9x9i_VWotHTPAtEnlbKCSvkiSHih4BtPoxzA8b1fj8dk8cXwd8sB4MWeaLyGV3s6J105v055p-1A5o1hoOzpxXqWwSuI1VsZYFjo5K2WxQUVNqy1KnzuRRjQAxDVwges9olZO8oOkP6S3gjr2rRFJSinuztXWqRuAR7RP1u59BKkngGqC95AjjhBdRSJ0B-IJsPokZx7PJoTI1H8A3mGP-yXCJz2y-h3xBwEqcA5wUqIYBJvzRZre-XEh9xVt2NDB6Y58J3b-QxLY8E_KAdt-c1D-R3kROhSmjmJtdmOo5UFmwFTONlK0snt2ovGVyzZtPDyyWee_VldMxFUHUxdTzoeITfmi-LNvchQCq1opXOnARv-0QtEkFCudBrIxas4Vg0nw2ZiALAVNvV9iSXD4R4NECjSvrTMrmN-Q1VyUovvbHsmXcIvwmb7fAf5Qh517NVx9XWHAR9cS8AzAvEuWZrRZuUdHVhJaI758hqcWt-fJrgTdeXsgwdYxyQLk3nN77WWXDWvhejvsLSg4eTMSGZ37rgjk3Bhz2TL6hax0wvqauTY5e60Ckpmm7TZ13TPV4KqWXGnwHXM5xz5AZXVmpQb_8zgToZwVkh8Rf6vf3geG7beG30wcNqNTHY5AFsRlhC31RHZq4dF3oJP3AeAKDlPGH2vhxKRTw9lnWUZ0PKY1orHaDnFnz-R3GYxGFv4yQsbOOEOn_yWUjooT2P2KFge15zRxFcQRzcE6BPwSH3r9RToJSFn6nKOtfihFyAknr-uhXr6iJttd3Fy-i9-WxVYJJcxGINf_FfOEKhIPf2c2wtVBwMQPpKoh8wJausgp9Dkp_jhw2Ntm1sENFcTLi_QsJUujo1qYe_-uqR1E67GbesnwIcjIeal-cXd7afl1vAd0h-nn8pJU2k7TdL--J3TY_04px1eyvqampySqhMuwaYOoQIy2O8CB3UotsSjZCgoaDo1avpSq6rwrxXps--6V55eORM9VqZQJN92mV4Ku25ojSRQJHAJKtwzwR6soGI3Au0JwdjqlFPGfXZtwNYVxXCkHo3jyiUIsvMI7D65X0gL6mP89sLLDdEj8V-swlMxWsOl4DNpBRTUQf1UnISx3pqXNU29Y26999f6eBz_zLsjLQwzDaxtXvX30tgxMCgoQ1z5xWaSPPT3f9rkUjVA7qNifzaUJr5UAz_K7pGeVPlR_NnKarx8baHBeI8r2lzbcNtSxwsk6KbRFl5nSTDOZ23trBcmRwCzQXd5wMs7BjJX52k417M4NkJZW4sF2Li-Wh8MWt18cil1KlM68_LtNiMhUbh55xjj4ro&sai=AMfl-YTE3MY_Y_EXf-_eK-HvqVpkouvlNAGJafGp6EbM2VciGIXILwrKhDkos7MuP6hA78A6KZtgNh9qa-tU3fHo43jVntdveYLSklLFZ316eVMGJaD4ZxFqDpvH-7lboeNV-ASbK44n1AbwXdCavzl4kKzCT308Ikn_2rfoYK3YYNh-IDaEL6laIg89rHRMEXA8PWQ2damck_vz9F4D9nFQAqoFVZXs7oTei97gDtET6jzj0W2VhnWcCaC5D5jQWkBsjYB8Bgpbg6vahHEEYQArR_WOaPzAiBIpvW6aSQ&sig=Cg0ArKJSzDdVqCU2Pvn7EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=515&vt=11&dtpt=332&dett=3&cstd=175&cisv=r20240215.78683&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8FA8 172 KB
60 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Origin: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 8FA8 12 KB
4 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AadmlgffKeuqChULv1v2aGkQus139ELzdflb49vvC2NtcMTPfGmecM_OhQxqUmOqI4xKhfRrvS5qv_MH-_-5SbAU1YLAxao5v5jjwgO2eJ8WDLEjcy7N8EOtC4J86KdfpLVVFKNR9CNsr6rAEqfsYrK_fBfSIuTbcb1SdoM7-vOeuBgcsdn1Iq3C10YW18WPtxCLm4&cry=1&dbm_d=AKAmf-A-unh-NU1MMX39yTRiV0r0jEwcmVPweVwZWemFz0HRtIhJgMSA8gEim8ktiX66mNz9MPz0-mrLVSldn48BoMbDBu-Cbh22-e2E3j3YlINMy3DlGGg-93dwD8NXQ_6I9NaWj1xw_nOujohj_x3-LIgWh4pcqy4YVQiipETAX5I_G3UMzDST5_pXL16MrJ3i0e68mmzrJ1-jwsmG6SVWyUE_R1AAUXSK6pDoIoG5kV29YTmHSYEJzR9zdwoWRlJkh_7EtwWBXaykLx8VcuJdgTJC4jYOu-s8W49VQQnFypZ23hbhWR6PLNr866p52aNyuClMlGnYx0cFkP_Evk4etvx9FMrfwggerWspxum-HzfxLvrUhrPMbJFq_WbtEGC8ddv9CB9ScsNeovu9CE9mIJnoJQbOi_y22NKAlorMSmoDbyRnmSvgCQsC95yU3AaKhMexlQ-I7NIdwdRIifSxMc_iA2qOimC8du1aOVMLW4xGbpH4POHNKIfhk2F22nNggMIHXB4rwF79sRB720aVSV5-9HS0MF07mkpr8glNjzKCJ2fX8v8Y8nmijEdZSXnNsjkOQhJUYE5CToIu6fzeEDYkGM0RBvYVUfLpab3WHnG-kXnDZPcXyHeUHoz9QehB3far4YdDSYku8JfpECTGnsfAor3dMg20mCoSkJ_VE9Yk37ga-xoDai1hFZbh6bYAwHPkCLIpAIZHzd6HkxsyDU1U7BHEH7yiNG_LPbnAETxI4sSA_UJGXvtlFFRDfZZW8vh08AsS-n2dO75sj4DNOIJlF7HR-w_sOdJ9Be2_zgRsmJwYwVDBTTjcVbzcKUXju4zvyUp8jrvXjwI6k7qV8O7QUoWWc3dAMcQ7wbo3GkwwFUExE1sDA621-7idRWTXPtDIZNVJjiVGXcOUTZJ_Q4L0mDRMKbjmZgXVMfQhHVOH4nuwg5aqMl6dwWq_qGTPU2HLmXsr1fd8GLndgTe3KD4AcrJ3Rr66-WmAFOZ97S8vZlhGZrVL8xrv1svzRs_8iwKi1ooEx1DHnrtFh7dY7vEHYCb77bEVK842VxHfH0Urp4kLMQcChIAzyTs0TssqDkiFfEVMuoD5zp-XA1PSjINxZA6sIIw2qBDgHfEpKNB-KN-H_JoqWr-HPkWC7XiMT2dWNeoS4mMcDTJR5YTIdug7PYnJ5ks4zP33xNAQ-vFNaPESp3fsGbp-dra1w6oQfGVjp7kJf32Gvs6rMnu3QHEXWo4qzlg8OnChvCc-tCt8hY28psDFBhzNchKXKGN7qGehNKXz9KPH1q2_4gxfLGxr7C301rlhd8F89rG6CGGESJYiKDjtvELMa3dEm06bVG-MoYXCyByyDcvN2Gutaq_YxZ5Qq2VPVHlrfVSXFdRJiUUMQeHp19gnIFpFGs9nPfN4asewVJWG5r6MqYanDOMXsTBfjPK9LEhBQI27iHORp_2B0A4hpYpDV3Zoz_hS_4SErBc6mjlcgoFxxhFzQkmFo-OA7MtiU9EWF6geRAtqpR82CWjyno63ZYD4G_LlMsYh00-ZN8xc8YpyYETR9ntvyDiPD2T6GpxmwmaDA5sToCT8cqmabrS66lzrRIBYT9TTmlCZ7qUQzm9GLmVhS8ryIVJ7nrbKVCGNQjTEt5ZDxEfC3XexGKIs_krsLOkFECoiYhRr-snUu35VZksrV_rn5JEkM9gp7x3PK0KdMRA7qGNueAPiT1Qf_2EihSfOyUwlEwwTxXBAA-L94AgHigFtT6_D35gG2fLyIz5Vhqsg3fxcAvVe1b1R9FVClNXWj-F8myCGYcJfMsSS4myCTIOavriP1Zr94kBc-5KXeuomrLc0uC3v08iPGMtSwQK04VNeh_MN5Yow9_0W26xsfEZx90l_HBR_1tgqmgPSB2Pxug72wfZ4w8ZtIdmQtxiiIXtLYSvemoG-4xU7GlRTEJmSOOxPQStXIixRi1QlMtfvl4NzmUKwqr2iv7g-Nilg4LvP4G86YJkTDffjOeZDpV5DcPEopabeItDjrHczu7wY1jLuzIlg1tnlOc2CxeQjNNI-TaxnrHg8ENJFGfgsR4p-ZwlF_Im_nwklg6lXwu67Nt03F2m2jhOxX3sa7hRIPmGou390USvAPO9lvJAvxtmRTOZXKtpbG6Zx5ouFpQAncwj1afqwrP_AG6YYY5B4u0cRbrLYxHaI-57SMXSgO1oyLQcWIi7rLl9JiSj2v5uPj8hLQQy0cX9YAGoT76wuu675GF2dESUIU6C5vN5t3SorgD1DC-ipKhZdbwcndohLSAHKdq-7zI1I4Mkz4p_3hBXqO4HUd2OOZj6P3B5FYOSZnHFA925UaI7FH7TiNkcFUdWSVVVSt_uNiJGxgtqt9ATyVbfqYto4J3y1pCbyihLyCdiXplNj4bPbuqloiR3hJxEvF9E4uGFsWTu3Rk-SEygJ3l51ajT5WDH2BeCnSshH4RFoyIHpOVJCadgviUWYg_DFoey_6KKuKShJkiiJQigudKA3X0ZSGspDkyY4Iaubwsps2udYNIZU-kNwsjyjSmE8F8fxXIi0ha36Jvx80mxOLsqz6HMyc2ch1s5v8bt-ocNRDzbGJ-Uku-AY0_2r3ekEhPc64ZZhZq7FO7xHUAfTjhgfggfiAkZSQ0B1BrVcve3O9s1ve9mA-SZKFaJ_IPVmik0cZqrMZQR4kxBSVbrAa1WgQzsZiKjX7yUCK8LlutWk3iFaOY9iKKYEdWoM4yDBfz0HZWufFiH8t7QhX7FRalLsri3uatWydh5upH9-OsHJg3evZM8uJyLI0Q5OkWWxeAiQ-XVjaOmnWLbuS1N7CoNNhgcyKqmv0v0UD7uq-simVEvEAlm_s52PuDdrTSkgkGpVATn28tlV31LN8zW2aKCmLQro6WHM-6r4XF79ct4BLWrN7VAK9AEv2_pNMWG1HPNwYamwIah_AIMH_VUZhFqYMJIaAj_yiliCstXEpnrOLfp8j45bz221Qq4nvqp50BFFlWXJuRyPeaUGaPPfR84R3sYtOvnQKYa_sjLE0ordt_aCnmEWiHZIT6Tv7AXoQM6sfGfqoskgD5kymMgAIel6Xr5WIDrLqizOv8NAEvxb25arCHFOGmVrFvIqgMD03QClPLEG5vNC3tq0_CZttncqjkOZ2AY9srCSecN0BmoLMB4pADV6rtD7qN7-LVL8S2BrQBH3JUcpUO9hAATkWa9JGuNgaoU7blmD28ubsK_N8LbUdKRTSLUJOC3HBu2uWopfzBOZSpBiELeMJ5SZKwMxNnJ60MLGhXFFTMax703uFXm9IRPtK5BRfisfBWURsYOaNCtNL71bFtjG2g2rNpfL387W8KxcWup38qIY2sLTNazB4nbx8qveWJ2AhGXJQJQM13R1GuLlX0f2NVkod3SyspgXlZndd48cDiCSPJDwopJ5-CRa1maA0tO6nU_G762TsC0Ymt-2JpjTdOVETA91HOC9w8x6rpjvPccvEk5S8m2NtjH0NyuM3YC4FvrtbJjqm0ieavhoK0rEN4UbrStj6swiFXpK6txTlmnOhHTFU3PB0YYahuMmGtA7c_u3IrEVqyze8RGC2J6-hY3WHDgsL5S6Yz4nAbgLOOWuBUmPkUCnk8oPPdtRmpo4ukwvNyt0sx00wyFx7fRZ-_4HDThhIiHxrblUK6SYYIajJtzX2x6AflbLexMCK-JxovrzKCghe3kAMSMcgIlKM8sbs_nERRiA_nylOTN8SDOb0GLhK566QlxnvRiH49OU_KsaMdOYEssLWOWMMXI6vIWlk-UoLEgVKYcKO2PEkoFyUueAeDi90gzucqhdr7PvVH08Nm64Y2eRa9ZK3czdZSEhyyJHOsNIDMQxUgZbnFoAiMNPVfeLWhje7hUFlReKUZyeNjXcHPaV043f2pBXXQZs7fDGgnV7rU4KST5N7iwD-8-_30bX100ha_XMAj-uIrhy9Wg&cid=CAQSOwAvHhf_j-kxFVswFNdEvDDCP8AogzhRWGjFK4dqSqZ8dwk1uhYpw68aZyRl6jnMcRjfxf8qd8jBXSs3GAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcard.villavicastur.com%2F&ds=l&xdt=1&iif=1&cor=14068939865967780000&adk=1877897942&idt=73&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:02:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:02:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 8FA8 30 KB
11 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 21:07:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FA8 41 KB
14 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: card.villavicastur.com
URL: https://card.villavicastur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 368016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5045 1 KB
648 B 42ms
41ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 5906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 21:47:22 GMT
etag: 48472445140208031
expires: Wed, 21 Feb 2024 21:47:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9C2D 7 KB
6 KB 66ms
63ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd005f77e42d32285d92a2c12feb400cde02fa1aee4d3acdd44930720646fdbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5805
x-xss-protection: 0

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/16436046419864873880/ Frame C206 2 KB
2 KB 31ms
31ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/preload.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:13 GMT
date: Tue, 20 Feb 2024 18:04:13 GMT
x-content-type-options: nosniff
age: 19295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2255
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/3464665840532433707/ Frame 9C2D 4 KB
4 KB 31ms
30ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3464665840532433707/preload.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33b8407c21f47e7c990edcb66dcf85406e8955ea0f85432539d5b706870cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:10 GMT
date: Tue, 20 Feb 2024 18:04:10 GMT
x-content-type-options: nosniff
age: 19298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4368
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:19:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/16436046419864873880/ Frame C206 457 B
485 B 29ms
28ms Image
image/png 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/replay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:17 GMT
date: Tue, 20 Feb 2024 18:04:17 GMT
x-content-type-options: nosniff
age: 19291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 457
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/16436046419864873880/ Frame C206 31 KB
31 KB 29ms
29ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/poster.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f742877e2197f3098bd00681b25b9afb2430805a2b98a98a4f74381b38b775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:17 GMT
date: Tue, 20 Feb 2024 18:04:17 GMT
x-content-type-options: nosniff
age: 19291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31455
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C206 17 KB
6 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/3464665840532433707/ Frame 9C2D 676 B
704 B 26ms
25ms Image
image/png 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3464665840532433707/replay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

560840d26c66d01e35e8257c2599e4d6ff81fb45082ac051cbfb0fb835657951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:11 GMT
date: Tue, 20 Feb 2024 18:04:11 GMT
x-content-type-options: nosniff
age: 19297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 676
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:19:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/3464665840532433707/ Frame 9C2D 56 KB
56 KB 26ms
26ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3464665840532433707/poster.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57aa228c29323e30a36ef806a718c752438f87e9d97c747784eefeaf2a098756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:11 GMT
date: Tue, 20 Feb 2024 18:04:11 GMT
x-content-type-options: nosniff
age: 19297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57616
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:19:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1

206
Partial Content

file.mp4
r1---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame C206
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag...

246 KB
247 KB

114ms
25ms

Media
video/mp4

2607:f8b0:4006:2::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/521EC9A004EEE2549868E8CD03AE5DD7B3090F57.369D98DCEE3DFD83C4CD1987D7BC3CC63BDDD5FD/key/cms1/cms_redirect/yes/mh/Lb/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5l6nk6/ms/onc/mt/1708471127/mv/u/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4006:2::6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

edb50fc5e0fdb9eecbfb20b0429a1ccf2cb9967734281e417896a853599bd5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 23:25:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Feb 2024 20:18:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-251968/251969
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 251969
Expires: Tue, 20 Feb 2024 23:25:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/521EC9A004EEE2549868E8CD03AE5DD7B3090F57.369D98DCEE3DFD83C4CD1987D7BC3CC63BDDD5FD/key/cms1/cms_redirect/yes/mh/Lb/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5l6nk6/ms/onc/mt/1708471127/mv/u/mvi/1/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-ab5l6nrl.c.2mdn.net/videoplayback/id/06518130c3042d87/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 9C2D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/06518130c3042d87/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r3---sn-ab5l6nrl.c.2mdn.net/videoplayback/id/06518130c3042d87/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag...

604 KB
604 KB

115ms
26ms

Media
video/mp4

2607:f8b0:4006:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-ab5l6nrl.c.2mdn.net/videoplayback/id/06518130c3042d87/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A7F476B68DB0452BD1068670C4518A0B6282C9F.4BF55C279A2D356B2E8024C61601BA7049F6B0D4/key/cms1/cms_redirect/yes/mh/nt/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5l6nrl/ms/onc/mt/1708471127/mv/u/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4006:1::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d07f28acff182c30b15ac2d9257306c5bf7cede7a42753ec99b28db2efaace20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 23:25:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Feb 2024 20:19:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-617983/617984
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 617984
Expires: Tue, 20 Feb 2024 23:25:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-ab5l6nrl.c.2mdn.net/videoplayback/id/06518130c3042d87/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740007547/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A7F476B68DB0452BD1068670C4518A0B6282C9F.4BF55C279A2D356B2E8024C61601BA7049F6B0D4/key/cms1/cms_redirect/yes/mh/nt/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5l6nrl/ms/onc/mt/1708471127/mv/u/mvi/3/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13412334704686361017/ Frame 6A4D 89 KB
23 KB 52ms
49ms Document
text/html 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13412334704686361017/index.html?e=69&leftOffset=0&topOffset=0&c=siQCqhTnYK&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989edad422459154048ddd68b34a71c8365f2a2af02f9edf415d2b9833323f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 23:25:48 GMT
expires: Wed, 19 Feb 2025 23:25:48 GMT
last-modified: Thu, 15 Feb 2024 20:18:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C2D 17 KB
6 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
DATA 200
OK truncated
/ Frame C206 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame C206 13 KB
5 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 00:12:20 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame 9C2D 13 KB
5 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3464665840532433707/index.html?e=69&leftOffset=0&topOffset=0&c=Q1Q9X5w6fo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 00:12:20 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A26 38 KB
13 KB 36ms
34ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 417844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5045
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEACXZZE01d2hOVsuSxr_pcc&google_cver=1&google_push=AXcoOmRzdhgRyJvLfr6HckwYtkBhejEU36b7SdFgDMHLt2OA5YVWRBxqjUMaxmN79CLL9Kjy2nQozT0uZEjC0J3nyQnoefSc4a72_...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUwODQ0MzM4ODUzMTYyNDAzNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEACXZZE01d2hOVsuSxr_pcc&google_cver=1

43 B
398 B

49ms
48ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEACXZZE01d2hOVsuSxr_pcc&google_cver=1
Requested by: Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEACXZZE01d2hOVsuSxr_pcc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5045
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEMc41AqC4QeXExNyX2QsGxQ&google_cver=1&google_push=AXcoOmRqQipVcsB3KDjBZ7TkIbMbc5uAekZB7f9ebb_tMl1y-ZsDXoCkah6zhVwCu4Uiu_VBVngOUUb9FWiObjJyVigrMG988NmT...
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRqQipVcsB3KDjBZ7TkIbMbc5uAekZB7f9ebb_tMl1y-ZsDXoCkah6zhVwCu4Uiu_VBVngOUUb9FWiObjJyVigrMG988NmTLr19yi2pRfUCWIJWSXMpmGUqbd_...

170 B
188 B

41ms
41ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRqQipVcsB3KDjBZ7TkIbMbc5uAekZB7f9ebb_tMl1y-ZsDXoCkah6zhVwCu4Uiu_VBVngOUUb9FWiObjJyVigrMG988NmTLr19yi2pRfUCWIJWSXMpmGUqbd_RY6s2jvx_nqSB_lNObFN9FAo-A8G0&google_hm=UjMzNjQ2XzExMTM0NTczN184RTBGOTU1Mg%3D%3D

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRqQipVcsB3KDjBZ7TkIbMbc5uAekZB7f9ebb_tMl1y-ZsDXoCkah6zhVwCu4Uiu_VBVngOUUb9FWiObjJyVigrMG988NmTLr19yi2pRfUCWIJWSXMpmGUqbd_RY6s2jvx_nqSB_lNObFN9FAo-A8G0&google_hm=UjMzNjQ2XzExMTM0NTczN184RTBGOTU1Mg%3D%3D
Date: Tue, 20 Feb 2024 23:25:48 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-391476348; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 402
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5045
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEPSjYWffpEkDhSh3V1kKewY&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDY0ODE1NmYtODAzNi00MTgxLWJkZGItZGU2NWM1ZjFlNDA1&google_gid=CAESEPSjYWffpEkDhSh3V1kKewY&google_cver=1&google_push=AXcoOmRG...

170 B
188 B

41ms
41ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDY0ODE1NmYtODAzNi00MTgxLWJkZGItZGU2NWM1ZjFlNDA1&google_gid=CAESEPSjYWffpEkDhSh3V1kKewY&google_cver=1&google_push=AXcoOmRG28wV15yhjnFrIRLUcjj1GzjIYQJ2oVWTNPbGBuJuKl4kUtOQalkwQZ-n7rc-PX-laVArZUOV-ieHwgDFJvY7JFmAnsMSDLrC2RFVSkraXERuA0wBt7MY6lev7LXRH-ANJh9pXCnzEA4CmmRrMBFI

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDY0ODE1NmYtODAzNi00MTgxLWJkZGItZGU2NWM1ZjFlNDA1&google_gid=CAESEPSjYWffpEkDhSh3V1kKewY&google_cver=1&google_push=AXcoOmRG28wV15yhjnFrIRLUcjj1GzjIYQJ2oVWTNPbGBuJuKl4kUtOQalkwQZ-n7rc-PX-laVArZUOV-ieHwgDFJvY7JFmAnsMSDLrC2RFVSkraXERuA0wBt7MY6lev7LXRH-ANJh9pXCnzEA4CmmRrMBFI
date: Tue, 20 Feb 2024 23:25:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm
cm.creativecdn.com/adx/ Frame 5045
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEP3KmnmdwNi45Td8pUhaDbA&google_cver=1&google_push=AXcoOmRTtFHwKkHVyGsqpYtzRNeRCLSfa0VZaRlP9504MoMjpdBza4mGeFFKmsVLzHx8MQrK3RXwJqik_OnIGpGjK...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEP3KmnmdwNi45Td8pUhaDbA&google_cver=1&google_push=AXcoOmRTtFHwKkHVyGsqpYtzRNeRCLSfa0VZaRlP9504MoMjpdBza4mGeFFKmsVLzHx8MQrK3RXwJqik_OnIGpGjK...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=6zmyy9wXcoV3r8HWXC6qZDP1HU_21QfaT0NiIaZlh2U&pi=adx&pi=adxab&google_gid=CAESEP3KmnmdwNi45Td8pUhaDbA&google_cver=1...
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

42 B
261 B

109ms
30ms

Image
image/gif

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT, Tue, 20 Feb 2024 23:25:49 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5045
Redirect Chain

https://google.partners.tremorhub.com/sync?UIDF=CAESEF5ZL1R086UWQXRXDtWoA28&google_cver=1&google_push=AXcoOmQGx-RwItPLC99S1PfEW3GvqAhWj5ntiqwJ5dlVU-Wqq2JFaiWfBTHXERyDUMAkf2yj1ww3HySfrlh9vK5dm2-FJns...
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTQwMmI1OWZiMjE2NGZjOTg0OWMxOGY1YjJmODU2Mjc%3D&UIDF=CAESEF5ZL1R086UWQXRXDtWoA28&google_cver=1&google_push=AXcoOmQGx-RwItPLC99S1PfEW3Gv...

170 B
188 B

42ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTQwMmI1OWZiMjE2NGZjOTg0OWMxOGY1YjJmODU2Mjc%3D&UIDF=CAESEF5ZL1R086UWQXRXDtWoA28&google_cver=1&google_push=AXcoOmQGx-RwItPLC99S1PfEW3GvqAhWj5ntiqwJ5dlVU-Wqq2JFaiWfBTHXERyDUMAkf2yj1ww3HySfrlh9vK5dm2-FJnsayC6NG43ISa_Mx7sUjcwthtFqY8UN6SqP9Oombx1PvXLJ8DaFAl1BNxE2Ze_O

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTQwMmI1OWZiMjE2NGZjOTg0OWMxOGY1YjJmODU2Mjc%3D&UIDF=CAESEF5ZL1R086UWQXRXDtWoA28&google_cver=1&google_push=AXcoOmQGx-RwItPLC99S1PfEW3GvqAhWj5ntiqwJ5dlVU-Wqq2JFaiWfBTHXERyDUMAkf2yj1ww3HySfrlh9vK5dm2-FJnsayC6NG43ISa_Mx7sUjcwthtFqY8UN6SqP9Oombx1PvXLJ8DaFAl1BNxE2Ze_O
date: Tue, 20 Feb 2024 23:25:48 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5045
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESENSfRHfaBn2RNb4lic6k-0w&google_cver=1&google_push=AXcoOmSgqh0VpfxNrgsmw2iRUhHdtIOmlMOMfBx22_jsJABDqvBSpyJouRNq9Yam1PQB3A7IQ_UuSzqxpV2oKVFNNmcWToV8d...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&mn_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSgqh0VpfxNrgsmw2iRUhHdtIO...

170 B
188 B

40ms
40ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&mn_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSgqh0VpfxNrgsmw2iRUhHdtIOmlMOMfBx22_jsJABDqvBSpyJouRNq9Yam1PQB3A7IQ_UuSzqxpV2oKVFNNmcWToV8dwAKQNOU-PX6d2_enGAsiRBe5zyqjIxVdaKqK4nYjh3c29J_CtRWK1ZnZ7g&gdpr=&gdpr_consent=

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Feb 2024 23:25:48 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&mn_hm=MzUxNDczMTQ4NjYzMzg3MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSgqh0VpfxNrgsmw2iRUhHdtIOmlMOMfBx22_jsJABDqvBSpyJouRNq9Yam1PQB3A7IQ_UuSzqxpV2oKVFNNmcWToV8dwAKQNOU-PX6d2_enGAsiRBe5zyqjIxVdaKqK4nYjh3c29J_CtRWK1ZnZ7g&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Tue, 20 Feb 2024 23:25:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5045
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECqiM8aLAyHlG8PaWnKFsl4&google_cver=1&google_push=AXcoOmS0xLOeDNlzMtR0q4sFKCOOhYa8J0uB6yLs2YyIPqxjuB1s1A9TB8lOAb0xbOnsJ04HJHUkKurlZddvDEa5o1ZI205...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS0xLOeDNlzMtR0q4sFKCOOhYa8J0uB6yLs2YyIPqxjuB1s1A9TB8lOAb0xbOnsJ04HJHUkKurlZddvDEa5o1ZI205xZy4ChwtGOQjGqRwR8AsUIFU7VR...

170 B
188 B

42ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS0xLOeDNlzMtR0q4sFKCOOhYa8J0uB6yLs2YyIPqxjuB1s1A9TB8lOAb0xbOnsJ04HJHUkKurlZddvDEa5o1ZI205xZy4ChwtGOQjGqRwR8AsUIFU7VRuGvO53xM2-dHvcf4k6sOpI5srdYsxcIqqvRw&google_hm=OTkzNzc2MzkzMDQ3NjIyODc0

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS0xLOeDNlzMtR0q4sFKCOOhYa8J0uB6yLs2YyIPqxjuB1s1A9TB8lOAb0xbOnsJ04HJHUkKurlZddvDEa5o1ZI205xZy4ChwtGOQjGqRwR8AsUIFU7VRuGvO53xM2-dHvcf4k6sOpI5srdYsxcIqqvRw&google_hm=OTkzNzc2MzkzMDQ3NjIyODc0
Date: Tue, 20 Feb 2024 23:25:48 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5045 0
12 B 42ms
39ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InFNDlCC9AbZAE0BkoPQUESqBmpB-VUVo_fdQVZal02KatrUHIsnl7SNjoVTbpvDTsxvNB6g

Requested by

Host: f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
URL: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/16436046419864873880/ Frame C206 457 B
485 B 26ms
25ms Image
image/png 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/replay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=ldjDtBuLFK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:04:17 GMT
date: Tue, 20 Feb 2024 18:04:17 GMT
x-content-type-options: nosniff
age: 19291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 457
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 59A2 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:57 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 6A4D 120 KB
41 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13412334704686361017/index.html?e=69&leftOffset=0&topOffset=0&c=siQCqhTnYK&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13412334704686361017/index.html?e=69&leftOffset=0&topOffset=0&c=siQCqhTnYK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 21:58:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 770D 0
23 B 98ms
97ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8ePH-zTVZfWMKt3G6toPt7Cc2AQAAAAAOAHgBAI&bg=!dnWldTrNAAZN4L4YbeA7ADQBe5WfOAhHDRwLH40bp73fFr_ee9hnyI5JQTkpcAeQnh9Gl6nu9Ikdwfvrtzdp2Z4cMVPSAgAAAZVSAAAAA2gBB5kDb0l6FFbjPzVu3yc3N6-guqBirxwsW-z8FBd5eKZOFCcwSXZZFjKqRQKRLgQxnDKxhkf7W69aMfJHNlFX51DN0EmILyUSj8MrQnlzT3x5kyOYPo9BYZmK1cUYq7ZZQ1XByneBdX6UNb_y6ofzVBuOFlWUYjjea2yyQtV-iuozS91fX5l9zugXSNhfYoHmxAOjHotk1eYIOudfRUyAJwCLMK_Ne9cfQMxV4bwtBuPIgZAgPCUaaBLvHD7PIyGggBRcL6gBRYjuTw1h4EK0-4R6XngNUJjYylxlEdmvsj_-fW-DRAIUoJuz1pH3VRLTMURIak42FvUZDAifmwvlgcSpxATxG7sbUWcX-dBe4ycpkP1C_EPjG5lXY1ETJafqU97yns-nusbevECu5UPdWqyRGLYZO9iIAcQpHvIVhWrtkeCPcYxTDux1bdEmkcrtKFzcksR-YUzbULebETeKU_ELbuGsbvtuxmfSnuAmSmUjTdDZx6EIaPmtHVQ-uZ5s7ZtICx8EdBpRtZt1mRGzfc80YAohLTBLf5sXiC31SHlI2Gl_BGYzD6x80YS6BIskKUY2kAxd58D6_e0AtPPibgGC_VH3Hg6UGRXpM8CoXCv4RP_ho6NbvOgd3yf2asoEwHT3C-fvneGemMPtioxxtqH7OXKL5O0EOZnIxMq-CUa27tsqJgjj2WyqAPdlZJJByTbv1kz75KAIxsNf8u--v7HI_nE6WkZaOz-EOuZR-tHEVZm77Gv9XfXjTlNiVdwrnuflWkI73fpNFqSdNwtKp7nSiOFrTp7uQ0QAZ3JcpvtYbpL8iL5C5RW8S54C-3swNwG-dtRbLQNcaPXLT8DWHRlnlmzAlRJ5qb_OcksEMcmlTxEiILJDRCJrFWYmRY4OxqcCJ6QVNKVXD94QXfGztmaBrIZ0RomnHYiDp4HsJHElKgtkdJjy9Icha9kWXJ5tJaFYbUjfRGqPPuBCFZlnrvn-BT8Kfy3sLKDkgP9uXMsmcpvr0_cimcTZPTzqWvWguGbokXkpqRn0j7JkxP8zHAkkoLlxv2GhOHVV9lL1yM_ssGRmu8jeUgi-FTIJ08T_FRVGI2mjNqhTgaPZXc3vOhSe51PQSi-7lILVTdLhEbNh-ICHmt3LJcrH1SvRxerjTyVgFtGsHYfjJaHkw7A8-zlpUg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 100ms
99ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402150101&jk=435422456767657&bg=!VlWlVRrNAAZN4L4YbeA7ADQBe5WfOOuCP95dR3Yag5OdRDI5rFYYUAYKIGwwhjGpzMTQnO5dct75L9rebbVQfxZbWA8jAgAAAVBSAAAAAmgBB5kC2HzHA5AJnuj_BEUhEX2dGh_QqcpUVIXs2ua0Uq0WGb82SaR85W9YiFB5UjSXtSFNlOh3W4zqzxpyGleRbEn3rJRvrE1fY8tFZrwO_6B0eZFylyUyD-oYFfi9ErxOOwKr_XJzLEK6CbbYn8VJdyy4MlqAEbeHujlrjN1KReXkc27Gs9XFVb_n8B5kAZWiocaEd0lbuUtO9Rnh30M6hSJKr8icpY4vogKlIfrivmM-qm-__ApiL799gxfEVm7JU0EE3hP5-l6kg4noKoE73aDvFJJ1qMuoJ9xbD2G7Lkyaw69WxrgTzXK9J4S7e7mzkMnmHJ-hvQgQ3QTCKWX6xjMYK_Yb7-4wwVbIYyJwSONzrtyO_TlVdis4RgXuN9YmNjgsmXtou2dsSUTuyeEzAPMzZB2MRcpleQ9z82FVJa6Gv5Z69WnKGYEdwg-JpQ_MIYOOWqO-ImrEEtXL7dp-pL7-MpvxZV6toH3iAX5GYKn_XEEKMgfyeWnIHxf9m3gHqzyY_OuTDAY5-wrSO2bwaQ29TxkejFK_16sggRqVwgMDBT_4zWGn2aHqh4Ac_irfCnITbHqbLnYR0ogAGjSK44NFc7QErQ29luHpuQit62BLfqmvJRCMUViBUvkrVqgGfmLjM2vxv3piMk4wI_8nTw8IrZXBU1GZWcTykIxYe9ZXyLl7V1FOQviBGCFzzRtwX_DY6U_6ko19woeg1h0tIN4w2YD_KnLndgPeubW8eRaiBdjzFsaLMlRBbxw2FRLAqEhPQxZuiQPh_6nObynqUKyAKM7mGsMOzBS-uWERNFnbEPAEKjTVSdDVoIqrkvqhfIzpBnwSMqKkpH2T8oMntsyDAoCmbYn8aJfeuGVRvVaPurBozbccdY552XXeiV5AbSNeMIXpUSBZgKvguY7BBTtFEYmjO3UdyRMhr-nJQD18iCqXleRE6ohQxqp1lf2O8XaybkpMwJV0X2ok
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 801C 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:57 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A26 39 KB
15 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:57 GMT

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/13412334704686361017/ Frame 6A4D 2 KB
2 KB 26ms
24ms Image
image/jpeg 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13412334704686361017/preload.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13412334704686361017/index.html?e=69&leftOffset=0&topOffset=0&c=siQCqhTnYK&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b750220940b9d40f07bd00eae561c929cf6368371b6435ffdfc3729b5f954043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13412334704686361017/index.html?e=69&leftOffset=0&topOffset=0&c=siQCqhTnYK&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 18:03:48 GMT
date: Tue, 20 Feb 2024 18:03:48 GMT
x-content-type-options: nosniff
age: 19320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2349
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A46B 0
23 B 96ms
95ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTT7n-zTVZc2tMLnA6toP6qOvSAAAAAA4AeAEAg&bg=!JySlJGvNAAZN4L4YbeA7ADQBe5WfOEe_WhLG-c7T5pvnaqJ_eNw94ZnUOljiVbxxBhBbKo0WIndoEPahP0EuPStGkYp6AgAAAVpSAAAAA2gBB5kDDygNq7ECQqM1ObbHmi8LiIaMz3_oWjubZ4EfakF-hJPdS7pYGuvXoeqI9PFcY0Ip4jDW60dedujN5CMfhf49Im1bYKt0iWBDh24CegQGltrbkX45HGkrXWYOpiJEVuQz1Pos8P5kibftHsSjiA0iyVUl4ikDOJ2a5xGaEVCOfxgyobjle7JTASBJAkdzUUiBtjnARTMEDabSt_9vYjwsBdxjZWUo1ntfczWznuzoO0C_ojIDJAkDkcPMzEzLTr6HhfV14vUO_mmbTuS8v-D5QB8YCncJczjFviJsuLeAVC3B4XJ-SeJ2672MSV-vKhgNx1PmwJ4W95RTifCxT9B7IP6l835EV4n_lzfq2_8gY1o2noD8VGtviDlN1KEKFvnOpw_CTx8kSSFzgrlmcuXXm1YaA8QPtO0iwHf7y9XOjjCaRDe2oNBv0FcLeK-_asoxK9yxAS1Um9D6b9kSOs0UPgDkiWMFsvilKZDIdZL7RGmtxocY4SQAS8Jx10P9LBY6YLd46souUF5oFWFbI-0LS5eFUsasT2I1uywDJ013TXWDkfSDd-msQU8rJlL8IjyCulqDLRTAOlNsj_qz62UxFGX2BUs0AzxxUkBosQEMsf6d_CVlBAqUypOUxO3w7EY_sEj1RV9TToCENkygdGzRUtqvqGhddnRytzGW8QHv2blMTHl5Kg5ApZQ3sXC5efYm6qD0LBl8JHuP08Y9_V3BkkDW8ibgVdIE8H-MhhEVqZP7eflCKa7nU945hez0e3hoJPmqyvNaI78R7ikhQrywdiyDwGpEo4mF1lXf6V_9h3SLP4dboNPfixxVyQx8ZCB974zuRbgHP2KCwZAiSut22eslxtlC3zdrvkB0x125AGoDSFBuxgf3GsobSK4hyOwu6Y8grO0VnoL5TvXqolysc1INwsxSMZ_zBFS-795x5kSMM-Vsu8rvQDv74M68qucB0OqBn-vayBxfzpQmO6qxgAnk-wA9npQYJLpHUjtUET0UnwyiUBb1xsl4Yku-rKOfAOCHUeZXk1I4fDGFZQ3wjA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6A4D 8 KB
6 KB 73ms
72ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc2727a8f20cf3ee566811cef583b5f40fe2dd5f59c231071c6811221ccfa77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5844
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5129 42 B
64 B 102ms
99ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttNXViiiSdw4z7MtqeEh_SH79iRUzere1qONVY0FDWckZ9RJvQ_O-Y8Fo0dEx6Lm4ytJrHgiiFby3803cbcShVU2Eo6_jkIPV9dU8Iyd20zkaVUJrDRH8kl7Q6J_X4fI02rE4cYYbpSHyMzifRSa1UpgXU7CkvxrA&sai=AMfl-YTmFR3Q-Kf_MWWQmzhzVI2sBu1H5cxQSnn-pbefMv3DCseDP0iQNdp83yCU_o2bCeAWYdR_cr_BqLxOhzIC17PAM-aDdVSe_2C-1ePzrlwcOoF9_VRsti9Izy7R1miW3iK7n8oKvZV7zMhB2ekk&sig=Cg0ArKJSzF5-Cd3kJC6OEAE&cid=CAQSTgAvHhf_tG-OaRNKMBAnB2BAw3Xvu39djSadtdh3HGS0hRpxIutBYdPHdxry0XEDm4EK2vYYc9wB6oTZ5GZJxcVkRvJh4PITiIx2Tr8ShhgB&id=lidar2&mcvt=1013&p=162,315,412,1285&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=121952937&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=440434700&rst=1708471547614&rpt=321&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMItfbVvYi7hAMVXaNaBR03GAdLEAAYACDzsqhkQhMI-4uZvYi7hAMVHMnjBx2zfA3Z;dc_eps=AHas8cC__cl9gbfUmYItffZxl_sk1N65JmogwVvEMOcQCmIardWGVIx5zTvKooqp-ZkXqBqvhRzF7vZaU0N9P7AS;met=1;&timestamp=170847154...
ade.googlesyndication.com/ddm/activity/ Frame 5528 42 B
107 B 77ms
62ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItfbVvYi7hAMVXaNaBR03GAdLEAAYACDzsqhkQhMI-4uZvYi7hAMVHMnjBx2zfA3Z;dc_eps=AHas8cC__cl9gbfUmYItffZxl_sk1N65JmogwVvEMOcQCmIardWGVIx5zTvKooqp-ZkXqBqvhRzF7vZaU0N9P7AS;met=1;&timestamp=1708471548977;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6A4D 17 KB
6 KB 52ms
51ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 23:25:49 GMT

GET
H2 200 dc_oe=ChMIjZfcvYi7hAMVOaBaBR3q0QsJEAAYACD5sqhkQhMIl6utvYi7hAMVmSizAB3xAwcp;dc_eps=AHas8cCUi4ib85l3b8A3pXvmGZnWZsBDITOpVtLDVodE-POLBx09qvpudHjYRIiOxBalutc_Gc20JBnXgU-0B9A7;met=1;&timestamp=170847154...
ade.googlesyndication.com/ddm/activity/ Frame 5129 42 B
254 B 64ms
59ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjZfcvYi7hAMVOaBaBR3q0QsJEAAYACD5sqhkQhMIl6utvYi7hAMVmSizAB3xAwcp;dc_eps=AHas8cCUi4ib85l3b8A3pXvmGZnWZsBDITOpVtLDVodE-POLBx09qvpudHjYRIiOxBalutc_Gc20JBnXgU-0B9A7;met=1;&timestamp=1708471548987;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame A42C 39 KB
15 KB 27ms
27ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A26 0
24 B 97ms
97ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsnFL_DTVZfejEZqj6toPzty5wA8AAAAAOAHgBAI&bg=!hIelh8jNAAZN4L4YbeA7ADQBe5WfOJOWXxA0HnkMj16EQ3J_bW5Na4H-8-Kz_KaLXDUKU2dl2s1dsm0Ty9r9I-dQe0GZAgAAAMhSAAAABGgBBwoAJR_4slsIRDD9w1QoCJafkVgDeW6piyXHwzkTeMrc5FJLhyyohiGZA2EXt4KLB3OFoIRAy7V95iX2gmsdbCJ93wJ8nQIYJbWsYdmWiGDrXFqywJPDzomRR52hJMj2SX_mjRhUBf92nMMublfuLAaRyRUMN5ICIsXZmEtS67wMLkegwpknqXJLp1jNfKQ-011Ory5QVs1Z9494-MKK4dcVGSGrnu9ZR76ZgyUxIOqPHJKlvh4jPD7zm8Iuk_AScuV-k2xeODmmBGR3HT80zUaW4Lpw4gW2KAQqRBckA7LRq8ZLbfxaPYNCQfiRPoI2A6xs2jaIgm73wbyp7tAGmN3r8Y8lEFZbSbaRlNYWx0RnzgAbFqmq1lzYazuFv5OCsNiE36-5MlNb150tvOhkBhcMxCK1LgWS9cJJWoEhZf-Xm3F5LpIUPPNFtgpcuXBYnv-ZcR7zdsA6GJ8FxAwgcp3rdMNdsbzq5TKcX_oouE8W_ARVrZvtNaqJKm7jGybPjQJnlGeSU2D5ABORIoAWWfPuWJTbT-C3NHppZs4l8ye0kUKpsJ_XyfUudav6sUlT45n2yGYTD2MDAVlRJawE_QeQuaq1L6Mv0nrGHO5Ip8R_VG5J0TtxxsKUEz5Y13otCxvSOOgBqK-Hgjwxxkg_KGZg1zkhSLf7D1nRGPSyEm6CUafFaer7zV3dFkiHjViXXf4RD32uAjRGtpVpMLJR2X5P3_XL0SE-JwjIJOoWUhhC4G7WBt6D-Y_HiA4UWa9sAvRWndNfM0UnzvMEHAVBIE8vfP4QrzRXguHLbIz5gaJJVKaN4GI9e3TroSfazcRDxIIrphVzfSToQhoA97zQlG8b9Z3x6RW5t2HeW8sujAoADs85grbEqzJR0SN9nSkJnqjkCOkOnzdg25hmF8Z9jpLQVlv30FcRFVvqgolzRlgszvUH8KdMp2QoT7Ha1ozYrfakGpr5hitf_N98vto30Fcb7BoThmC_Bz3tQJKUO5DobjUMuMzC3Y04WbGouBKrPNMBfP6DKnNAvRpq6rWP1xzpQJKFNOCbaIo0tLm3szMGn6X2RJbjwI1pF6283UEmHuu8kXk01fOxIMYbZDM-ZYXQsru3UDgGSwHR89Nx2RYfl_RnSfWB3YwXPgiPtmxVkQRe9Gwr6123T3bZdvq3DdJfJKDRoWEJ4CVJMhrqGCDC4A70FDRrCNFJBZsP

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5528 0
24 B 94ms
94ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8781332862384&version=m202401290101&ct=119&x=1&cor=7662307295749869000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5129 0
24 B 94ms
94ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5528165585750&version=m202401290101&ct=119&x=1&cor=12075180680458375000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5528 42 B
64 B 98ms
97ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRWB3gHM5qdA_UStprnAO7-dVZ61vp-kt7AwXvVKMAY0Y6weEgvvATNDpLSswRmQmg7GuYTJhujtyheQMYXXClgoltrMIpfyOj9R-EfxgkZ6bWpVLYa2WYpLFGVWrTCQL_enVkQCzj8HNjISrGT67PPTmt_L81zqs&sai=AMfl-YQjUHH-4m5n_EJAB1dr9uYMAexQ8cxdNeesVcWXVF9wMSw14yb3ygFRw_mbKa-z2fVLv1EP8qqOYS4KYtsa-6V-BYO0RAL-_1f4uoNC8k6ezY7ePXPGg1v657Kf21Na6Ne-jfvdnzak41CjdUxU&sig=Cg0ArKJSzHcgJf77VDASEAE&cid=CAQSTgAvHhf_ZhpWeqKBtbfif1pboe4M_W0UGgD3WLmMR0Z0mVMsSQ21E1L2-wdhBmo8yDaGjaThbvtF2ZICKJZBU7Jm3fvE2-08RsemWiB9dhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=794,916,1000,1272,1272&tos=794,122,84,272,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=960372768&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=440434700&rst=1708471547534&rpt=278&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FA8 0
24 B 94ms
94ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8858263683618&version=m202401290101&ct=119&x=1&cor=14068939865967780000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
504 B 108ms
108ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=villavicastur.com_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=Y2FyZC52aWxsYXZpY2FzdHVyLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card.villavicastur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HQ3RRPKVCH3WDY2MC0ZAKTB1
date: Tue, 20 Feb 2024 23:25:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 6
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 858a82e24f834bc0-BUF

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demand.supply/	1970-01-20 18:34:33	Name: __cf_bm Value: UZaa.uMYPke6hGltssiTZHeMM83yDvl7guoAIPKs8u4-1708471546-1.0-ARWsoYazDvlZsH1eNuCK9XovmAAzf7Ug3XRJlgOoCFOMf33mJJGo5N/0Jt8yejc/E8iHOLPWGhC6UV7TqfiW9gc=
.villavicastur.com/	1970-01-20 18:34:31	Name: lotame_domain_check Value: villavicastur.com
.openx.net/	1970-01-21 03:20:07	Name: i Value: e3e324b4-acb5-4a36-bb52-8a608586db0b\|1708471546
.criteo.com/	1970-01-21 03:56:07	Name: uid Value: a01f0fdc-73d3-43f6-9be3-9d0930057b77
.criteo.com/	1970-01-21 03:56:07	Name: receive-cookie-deprecation Value: 1
.crwdcntrl.net/	1970-01-21 01:03:18	Name: _cc_id Value: 78c834f4b2e1a9f8dddc69979ab4f2b
.villavicastur.com/	1970-01-21 01:03:19	Name: _cc_id Value: 78c834f4b2e1a9f8dddc69979ab4f2b
.villavicastur.com/	1970-01-20 18:35:57	Name: panoramaId_expiry Value: 1708557946849
.yahoo.com/	1970-01-21 03:20:29	Name: A3 Value: d=AQABBPo01WUCEGb2zq7FjJlTYgEofyDF9acFEgEBAQGG1mXfZdxH0iMA_eMAAA&S=AQAAAirUh5eylrNCbjx6UgtX62c
.villavicastur.com/	1970-01-21 03:20:07	Name: connectId Value: {"ttl":86400000,"lastUsed":1708471546922,"lastSynced":1708471546922}
.openx.net/	1970-01-20 18:56:07	Name: pd Value: v2\|1708471546\|vMgavPkWgy
.criteo.com/	1970-01-21 03:56:07	Name: partitioned_bundle Value: dIjJIl9aaXNiVUs1RHolMkJHamdvUWd0RHR1REdTV3ozakhoRkRjSDJBanVUb01SdnF5aTYySENmQ0JwUmtlJTJCeUZNSVZhcUxYJTJCVGlOZFlUajFwQXd5cDlRZ0pnUmF3bzZZJTJCM21lZFFsOEN3TEFxdTV1aXN3Z3Rub0czWXklMkJHQThtRFRROG5NQ1hHc1dNcnVSM1VYTUZxd3V4MkVObE14bWlhODhrOTI0TmlYaEtKVUVXejJCJTJCQ1FUZFFEWFlOV2NaRFRTYyUyRg
.villavicastur.com/	1970-01-21 03:56:07	Name: cto_bundle Value: 7Qf-919aaXNiVUs1RHolMkJHamdvUWd0RHR1REdTV3ozakhoRkRjSDJBanVUb01SdnF5aTYySENmQ0JwUmtlJTJCeUZNSVZhcUxYJTJCVGlOZFlUajFwQXd5cDlRZ0pnUmF3bzZZJTJCM21lZFFsOEN3TEFxdTV1aXN3Z3Rub0czWXklMkJHQThtRFRROG5SYVRrREVWT1ZlMjBUbiUyQkhJMzhIZ2klMkI3TjVlRTI4eSUyQjhGWGI2dFNSWEFFJTNE
.adsrvr.org/	1970-01-21 03:21:33	Name: TDID Value: 6e1af65f-593c-462a-bddc-b7b2fb705e84
.adsrvr.org/	1970-01-21 03:21:33	Name: TDCPM Value: CAEYBSABKAIyCwj2_e38v53ZPBAFOAE.
.amazon-adsystem.com/	1970-01-20 23:57:05	Name: ad-id Value: A4Cn_2lcMEnIqTmajJkEUzA
.amazon-adsystem.com/	1970-01-21 04:10:31	Name: ad-privacy Value: 0
.villavicastur.com/	1970-01-21 03:56:07	Name: __gads Value: ID=582d628854253f2e:T=1708471546:RT=1708471546:S=ALNI_MaUKdmF9BFalxbiQhU1d7ZtKcZ9gw
.villavicastur.com/	1970-01-21 03:56:07	Name: __gpi Value: UID=00000dcbb1386b66:T=1708471546:RT=1708471546:S=ALNI_MZ9Ox57sNZzH5AA4kfylGkBs8bheg
.villavicastur.com/	1970-01-20 22:53:43	Name: __eoi Value: ID=6569c19fba44873e:T=1708471546:RT=1708471546:S=AA-Afja-Td5I21ErghQU3Ua8TYkS
.openx.net/	1970-01-20 18:56:07	Name: univ_id Value: 537072971\|6e1af65f-593c-462a-bddc-b7b2fb705e84\|1708471547606313
.doubleclick.net/	1970-01-20 22:53:43	Name: APC Value: AfxxVi5BUjol7YlJJvtoyJ5RIgIExXsWnX3npgjoFHncR1I0uYNAyA
.doubleclick.net/	1970-01-20 22:53:43	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 04:10:31	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:44:07	Name: XANDR_PANID Value: f_YO7cim6M8CPZlfFaWwIjTPoMRrVt8hFPjsJi6ZEGnNPFmrXauvmWO7dhv-UUqfiLERYEjzmLvFZgg6SGrybxFobra0iWxD3WTZIoHuQiI.
.adnxs.com/	1970-01-20 20:44:07	Name: uuid2 Value: 795312775419589998
.casalemedia.com/	1970-01-20 20:44:07	Name: CMPS Value: 1409
.doubleclick.net/	1970-01-21 04:10:31	Name: IDE Value: AHWqTUlsdbywDLUkqYvriPiFxXe88x4W0SNGWvS5s1mnypMKMuR3fhVGDP7pd-4xa_Q
.casalemedia.com/	1970-01-21 03:20:07	Name: CMID Value: ZdU0.9HM6e0AAG-UAB2LagAA
.casalemedia.com/	1970-01-20 20:44:07	Name: CMPRO Value: 3665
.adnxs.com/	1970-01-20 20:44:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In?t$jV/!]tb.8i_iqf!oN/@E'zz<Z0Q8BSQAE>Njk3HFpQ/dQm$K@eV321:#s3@dLjTD._PlZ[C[-kX-Dl]#J
.rfihub.com/	1970-01-21 03:56:07	Name: rud Value: H4sIAAAAAAAA_-MSsrQ0Njc3M7Y0NjAxNzMysjA3EeIz1M2IdPU2cy7MDi8tKQQAPP43PyQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dS7M9LVI9HGs9MhxtwhIDM_zdivOMQEA7q8aRx4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsrQ0Njc3M7Y0NjAxNzMysjA3EeIz1M2IdPU2cy7MDi8tKQQAPP43PyQAAAA
.rfihub.com/	1970-01-21 03:56:07	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dS7M9LVI9HGs9MhxtwhIDM_zdivOMQniNTQ3sDAxNzQ1sTAzM3rFiMoHAHjRT2U9AAAA
.tremorhub.com/	1970-01-21 03:20:28	Name: tvid Value: 9402b59fb2164fc9849c18f5b2f85627
.tremorhub.com/	1970-01-21 04:10:31	Name: tv_UIDF Value: CAESEF5ZL1R086UWQXRXDtWoA28
.tremorhub.com/	1970-01-20 18:41:43	Name: tvssa Value: 1708471548695
.inmobi.com/	1970-01-20 20:44:07	Name: idsp_c Value: 0648156f-8036-4181-bddb-de65c5f1e405
.mxptint.net/	1970-01-21 04:10:31	Name: mxpim Value: R33646_111345737_8E0F9552.1.65D534FC
.turn.com/	1970-01-20 22:53:43	Name: uid Value: 8508443388531624034
.media.net/	1970-01-21 03:20:07	Name: visitor-id Value: 3514731486633873000V10
.media.net/	1970-01-20 18:54:41	Name: data-g Value: CAESENSfRHfaBn2RNb4lic6k-0w~~3
.creativecdn.com/	1970-01-21 03:20:07	Name: g Value: 0a0tlv7HDI9EoHLeLZpL_1708471548852
.creativecdn.com/	1970-01-21 03:20:07	Name: ts Value: 1708471548

171 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fcard.villavicastur.com%2F Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://card.villavicastur.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
3.bp.blogspot.com
a.rfihub.com
ad.turn.com
ade.googlesyndication.com
aep.mxptint.net
ajax.googleapis.com
api.demand.supply
bcp.crwdcntrl.net
card.villavicastur.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.statically.io
cm.creativecdn.com
cm.g.doubleclick.net
connectid.analytics.yahoo.com
creativecdn.com
cs.media.net
dsum-sec.casalemedia.com
f0fde6022969f86684da8610b2f3406c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
google-bidout-d.openx.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
match.adsrvr.org
mug.criteo.com
mweb.ck.inmobi.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
r1---sn-ab5l6nk6.c.2mdn.net
r3---sn-ab5l6nrl.c.2mdn.net
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
104.18.35.167
104.18.36.155
108.138.128.124
141.95.98.65
142.250.65.162
142.251.35.162
185.184.10.30
185.184.8.90
199.38.167.130
20.253.86.149
23.207.52.22
2600:1f18:4e9:5a01:2490:cb98:2196:d75b
2600:1f18:612b:4232:23c4:9f27:fed9:313c
2600:9000:21ea:e800:10:dd8:5e40:93a1
2600:9000:2511:5000:a:e047:753:eb41
2606:4700:10::6816:3456
2606:4700::6810:8516
2606:4700::6810:8616
2607:f8b0:4006:1::8
2607:f8b0:4006:2::6
2607:f8b0:4006:806::200a
2607:f8b0:4006:808::2001
2607:f8b0:4006:808::200a
2607:f8b0:4006:808::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2013
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81f::2003
2607:f8b0:4006:823::2004
2607:f8b0:4006:823::2006
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2a04:4e42:400::347
2a04:4e42::485
3.225.218.10
34.102.146.192
34.120.135.53
34.192.212.3
34.96.70.87
35.244.159.8
35.71.131.137
38.98.69.175
52.46.143.56
68.67.160.132
74.119.119.139
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
045e0da52233306b183e36766e077ee73d35f4139e204b6fc58fee0cba19617a
06ce28ba2c3db8afb4ed91cefd8776adbf05224b5eb9cba2e3dbb9ebe220c3ca
0805770ca80523ede8be5dc87ab19f9ab5dba0903249df9f7c982b912995d895
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb890d213e25cf33417e37de79c453a3768665521b8cd07cf5c18c32c1e30f6
0c701e7998f40488bd88465af906a6fb6fc1186a548c961daac4446a9c9d0f5f
203c7cfa4769a0b37dd8510b3f1f6fc6d37c6242316e32f4626617d6b7b762bf
205922fef16009feda26861d349bdc05638083cffa2ad44e33470820cf9fcc67
21848e1be2893a186ed7fea8801c55fcfce2ff4b7f03689dfe7e9e0b846ce195
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2eb32c8c71eed64867611ac9e498b8bac0495fb3aa9ac06c55f29de89f5deb07
3087039762141ce9321fe190e4a5e094cb38a67941298b6d732edb6136449df3
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318f4d8005527a63e569c29241ea5e95496e0865f6e4d0c5db2e39da8196f7c2
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32ebe0ecb6d8c33ecbe0479466e71376728dcd254898c9a4caac5defe532e665
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b48c4be3c5427132b97fc140c345301475a3f81f958549c7abe9be2343fd76
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f530dc6724889ca2261d21dc7a8a8165e025a77aae89905249de90eee518287
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560840d26c66d01e35e8257c2599e4d6ff81fb45082ac051cbfb0fb835657951
5677953672cdc5a7bc37981b3a8445f1aa57f79d310a28cbba9fe4f7672fe83e
57aa228c29323e30a36ef806a718c752438f87e9d97c747784eefeaf2a098756
5e2cdf970aca9544bb3a3262da6839d46171681a0833698431853722ef8f3249
61a687a2be850e49d92a692aa74e6ab4c3dc3ea9ac9c8ebaba6fab6883d2102a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7b97ab27478e1402ec7f35c1e1e4468e31f226fd5a36d55c73ccca2080c8b15d
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8767dc1e5fc93b1de80f81545b42238e0da3ed3bd362d5340a43235b3b92a03a
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
989edad422459154048ddd68b34a71c8365f2a2af02f9edf415d2b9833323f3c
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6cb27f083a4e4b771ba4c0e1cd2ea1d1655c1da4d8097f58bb41ab29dd7da0
9d7b1ebc824ad7f404974f16606e42434eec7a4ab2d68c43a73a063a6b66d4a7
9fc2727a8f20cf3ee566811cef583b5f40fe2dd5f59c231071c6811221ccfa77
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2d1b7a4b94025837233b0d49df6e608dba1898b09021d01cc185d22d0fc4915
a3e7964e774abbbb00f05458eba6d7b4cfbd9bb3dc433c727d1d4fe8b6c71ce5
a3f742877e2197f3098bd00681b25b9afb2430805a2b98a98a4f74381b38b775
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
af542112b4b3b7832935501b6abc83442a1b4d9fead8b5e9997e83cfae651358
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b750220940b9d40f07bd00eae561c929cf6368371b6435ffdfc3729b5f954043
bdc660a520e80c5ffcb6f06ebb28ee177e2153a614d98c46db47ab7d3cb9f43c
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2cd4ee3212162413314087679e2fb5996ba4d6949328565f754e5334280432a
c3c2433d6508b78d5d8c4bdea7c25fbe9195582b27ced686ca40ebc88108fd0d
c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af
c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
d07f28acff182c30b15ac2d9257306c5bf7cede7a42753ec99b28db2efaace20
d2827edb4b24c23126234289a5ec4351fdc4bb67b05478ee2359dedb210aed9e
d60a36c6a4638387b4f41be6b6680554d342df6e0329e5c3f5d96215ab4d4a3d
dc75105ce4ce3cf9f561899ff717756705ff49c5428dbfffd737986be5fdc417
dd005f77e42d32285d92a2c12feb400cde02fa1aee4d3acdd44930720646fdbd
e33b8407c21f47e7c990edcb66dcf85406e8955ea0f85432539d5b706870cbc9
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
edb50fc5e0fdb9eecbfb20b0429a1ccf2cb9967734281e417896a853599bd5ac
edc5d57b0a3451cb23423bb29eff08839e6e4c66a72e919e016463448f6b8943
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1
f351216ee5513fb69321351a40b9dccd530e80f63e4a88406da1a3b5fe282bcb
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21
fe72fc99e9196ef70ff4bc4f094508f3b4f9cbd2bb8759b80eb867093e268259
ff5afc2fb4dbd2ecb286ee9b121154abaa9709ae3d710d730a57702725bc28e4

card.villavicastur.com Open in urlscan Pro 2607:f8b0:4006:80f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

177 Requests

84 %HTTPS

54 %IPv6

31 Domains

53 Subdomains

40 IPs

5 Countries

2571 kBTransfer

5510 kBSize

45 Cookies

3 Outgoing links

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

card.villavicastur.com Open in urlscan Pro
2607:f8b0:4006:80f::2013 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

84 %
HTTPS

54 %
IPv6

31
Domains

53
Subdomains

40
IPs

5
Countries

2571 kB
Transfer

5510 kB
Size

45
Cookies

177 HTTP transactions
5 data transactions