freeimage.host Open in urlscan Pro
2606:4700:3030::ac43:ccce Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://iili.io/
Effective URL:
https://freeimage.host/
Submission: On March 01 via manual (March 1st 2024, 5:46:38 pm UTC) from US — Scanned from US

Summary HTTP 156 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 13 domains to perform 156 HTTP transactions. The main IP is 2606:4700:3030::ac43:ccce, located in United States and belongs to CLOUDFLARENET, US. The main domain is freeimage.host. The Cisco Umbrella rank of the primary domain is 605797.
TLS certificate: Issued by E1 on January 13th 2024. Valid for: 3 months.

This is the only time freeimage.host was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3038::6815:eb45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:303... 2606:4700:3030::ac43:ccce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2607:f8b0:402... 2607:f8b0:4023:403::9b	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2 20	2607:f8b0:402... 2607:f8b0:4023:402::9c	15169 (GOOGLE) (GOOGLE)
33	2607:f8b0:402... 2607:f8b0:4023:403::84	15169 (GOOGLE) (GOOGLE)
1 2	34.202.3.146 34.202.3.146	14618 (AMAZON-AES) (AMAZON-AES)
11	2607:f8b0:402... 2607:f8b0:4023:403::94	15169 (GOOGLE) (GOOGLE)
2	2600:9000:247... 2600:9000:247b:5c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:1ac... 2600:1f18:1aca:4281:4e33:1545:4770:867a	14618 (AMAZON-AES) (AMAZON-AES)
3 4	142.250.96.154 142.250.96.154	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:402... 2607:f8b0:4023:403::5e	15169 (GOOGLE) (GOOGLE)
2	142.250.12.154 142.250.12.154	15169 (GOOGLE) (GOOGLE)
4	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
4 5	2607:f8b0:402... 2607:f8b0:4023:403::68	15169 (GOOGLE) (GOOGLE)
156	19

2 2606:4700:3038::6815:eb45 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:ccce (United States)

ASN13335 (CLOUDFLARENET, US)

freeimage.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2607:f8b0:4023:403::9b (Sewanee, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4023:402::9c (Sewanee, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2607:f8b0:4023:403::84 (Sewanee, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.3.146 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-3-146.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4023:403::94 (Sewanee, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:247b:5c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4281:4e33:1545:4770:867a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.96.154 (Plainview, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: gg-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.76 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4023:403::5e (Sewanee, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f154.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4023:403::68 (Sewanee, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	1 MB
26	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 562	221 KB
17	freeimage.host freeimage.host — Cisco Umbrella Rank: 605797	780 KB
16	google.com 4 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	71 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	96 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 860 static.adsafeprotected.com — Cisco Umbrella Rank: 673 dt.adsafeprotected.com — Cisco Umbrella Rank: 650	105 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	102 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 256	3 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 12492	2 KB
2	iili.io 2 redirects iili.io — Cisco Umbrella Rank: 52266	1 KB
156	13

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net freeimage.host tpc.googlesyndication.com pagead2.googlesyndication.com
32	pagead2.googlesyndication.com	freeimage.host pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net freeimage.host
17	freeimage.host	freeimage.host
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	s0.2mdn.net	freeimage.host s0.2mdn.net
7	dt.adsafeprotected.com	googleads.g.doubleclick.net freeimage.host
5	www.google.com	4 redirects tpc.googlesyndication.com
4	www.googleadservices.com	freeimage.host googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net freeimage.host
4	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net freeimage.host
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	freeimage.host
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects freeimage.host
2	counter.yadro.ru	1 redirects freeimage.host
2	iili.io	2 redirects
156	20

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
twitter.com
www.reddit.com
www.youtube.com

Subject Issuer	Validity	Valid
freeimage.host E1	`2024-01-13` - `2024-04-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://freeimage.host/
Frame ID: 181E67F7D1696AEAE065C8CAED1ABE59
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 7B40C02CC336DA26D33270AC53F06FD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&adk=3895348141&adf=3876334049&lmt=1709315194&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Ffreeimage.host%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193696&bpp=6&bdt=263&idt=393&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7152251227945&frm=20&pv=2&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=417
Frame ID: A3D5325438F4D3A97456CA9F9815C864
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
Frame ID: E7C147E21CC7384EEAC10F6A773647CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=280&slotname=2160641861&adk=2850293054&adf=272174787&pi=t.ma~as.2160641861&w=1191&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=3&format=1191x280&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193704&bpp=1&bdt=271&idt=435&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=438
Frame ID: C659B0243BD15C2F8F9EF4F9CF998317
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxi-t8yBAjAB&v=APEucNUfPbCaIN9vl4UWim2buDQUcjcJcYmdR2KON5wCHNsJY3ikjAZnkayQfVLRFUWov4j1M0H3c-NYecH9Z-SMSSF9FDpaRg
Frame ID: 97E3152CF6A108093D31EECC38D8373D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A40DFEFDC3A8410C90CBD5E20AA37099
Requests: 26 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 01D3EF3796BF3DCBD7A3790E006871EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6B777FB28ECF1692673AF1CF8377F627
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
Frame ID: B4699450660509328069CB595952F3D9
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: F98EE6E4105101F2BB07D66906C0C78E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 28844766397C3BF7673447FA7983B9D6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 1A9FE82C812E191AA0BE875BEB954B08
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 6C27B45865AAD78234950C0CA92E86D2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 7A9B0034487E1CE7B59E1C19E69EEBBD
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DE343DB41E155D6171C47F4D2F02917C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4EE05349A68610330AA6104BA6AC8076
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A85B7D018A4756CE6CDCC1448D1F53EC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FFC4A617C0453A7D928C70B88EDCDA0D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3812BFFC11247AD742D9B64479D1F4E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 17ECEBC57E5ACA2CBA01A3F857951BA4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 401541E26EF8E6DC913A50AC9BA03630
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 33DD7534CE6704394581B310152690A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 054655799CF0E6842840336740E28574
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A503836973E3A76BFDED8F29B59EBCD6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB76F49F9BCFD688AC2637E143FFA14B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Freeimage.host — Image Hosting, Upload Image and Share

Page URL History Show full URLs

http://iili.io/ HTTP 301
https://iili.io/ HTTP 301
https://freeimage.host/ Page URL

Detected technologies

Chevereto (Photo Galleries) Expand

Overall confidence: 100%
Detected patterns

/chevereto\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

156
Requests

95 %
HTTPS

63 %
IPv6

13
Domains

20
Subdomains

19
IPs

2
Countries

2694 kB
Transfer

7024 kB
Size

20
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/freeimagehost-image-uploa/kgnlhgbjaebblellaillgfpkfdgalkek
Title: Extension

Search URL Search Domain Scan URL

URL: https://twitter.com/freeimagehost1
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/Freeimagehost/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCBnal1pBKxhE4DagFLdvHWA/
Title: How-to's Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iili.io/ HTTP 301
https://iili.io/ HTTP 301
https://freeimage.host/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttps%3A//freeimage.host/;hFreeimage.host%20%u2014%20Image%20Hosting%2C%20Upload%20Image%20and%20Share;0.4437945650679185 HTTP 302
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//freeimage.host/;hFreeimage.host%20%u2014%20Image%20Hosting%2C%20Upload%20Image%20and%20Share;0.4437945650679185

Request Chain 39

https://fw.adsafeprotected.com/rfw/st/1885389/77499083/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015691919&ias_pubId=pub-6255092059107871&ias_chanId=1&ias_placementId=20999832644&bidurl=https://freeimage.host/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gRIuEkg6d8vovTxMTbkczS&adContainerId=brand_safety_ehTiZdmpNMaJvPIPice6-Ac&cbFunctionName=goog_wrapCb_ehTiZdmpNMaJvPIPice6-Ac&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Ffreeimage.host&adsafe_type=g&adsafe_url=https%3A%2F%2Ffreeimage.host%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6255092059107871%26output%3Dhtml%26h%3D90%26slotname%3D5122040644%26adk%3D1577963354%26adf%3D1219352679%26pi%3Dt.ma~as.5122040644%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1709315194%26rafmt%3D2%26format%3D1200x90%26url%3Dhttps%253A%252F%252Ffreeimage.host%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D2%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1709315193702%26bpp%3D2%26bdt%3D268%26idt%3D422%26shv%3Dr20240228%26mjsv%3Dm202402260101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7152251227945%26frm%3D20%26pv%3D1%26ga_vid%3D1721977241.1709315194%26ga_sid%3D1709315194%26ga_hid%3D1763389888%26ga_fc%3D0%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D100%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95325752%252C95326316%252C95321963%252C95321868%252C95324160%26oid%3D2%26pvsid%3D1046984313821421%26tmod%3D1062313663%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D427&adsafe_type=bed&adsafe_jsinfo=,id:213f8cad-18b5-621a-b2ad-90689b805f9d,c:5GJ00q,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-68c7d66cb7-qjzsq,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u5NemrR+11%7C12%7C131*.1885389-77499083%7C1311%7C14,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:28,oid:a58d7554-d7f3-11ee-be74-5e11e91ba428,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_ehTiZdmpNMaJvPIPice6-Ac&cbFunctionName=goog_wrapCb_ehTiZdmpNMaJvPIPice6-Ac&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1

Request Chain 45

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeIUe0t3uUUAAFAdAChI2wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFTcmJXQ3I4oOAWlnfwlDbA&google_cver=1

Request Chain 47

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNzEyMzg0MjY4NjQ3NjI5NQ%3D%3D

Request Chain 73

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct1SDehTiZcaGC5DVo9kPoYC_iAKUq9WXaOTL_JqREMCNtwEQASCbm9plYMnGqYvApNgPoAGnvIf_A8gBCagDAcgDywSqBMgBT9BLwDaMeSRGVAqZof5mVM1HLqghTlGd4IMLH4JT4AeX1JM8zPcW5TCcp3y90d37ng7lLG_epX6eupxX-AJEARcDjj0cw374TFgcC4_5Mv8qWfc1Db1m0blSJoohqgU_uJPmELWN7lIMh2MnTqj0kNhSvYEW-xHwq_fc6AUmUYpZ1FFMhTCQYXw6bFNN7Dp4dPGnjZ5sLfesT0jCbbpsNBHS_NpEs0P-QJ50nVQluzgwHkOCrWpFlQhrBlIqya82ZwsxIGCZnpTABK6XoqHNA4gF_bLDwTGSBQQIBBgBkgUECAUYBKAGLoAHwcN4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQ3b0M0ggkCIBhEAEYHzICigI6CYBAgMCAgICAKEi9_cE6WNGS1afP04QDmgkbaHR0cDovL2lubW90aW9uaW1hZ2VyeS5jb20vgAoByAsB2gwRCgsQgIfEzIDLn5jdARICAQO4E-QD2BMK0BUBmBYBgBcBshccChoIABIUcHViLTYyNTUwOTIwNTkxMDc4NzEYAA&sigh=j2rOd8SBEVU&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqK4ZvtIrHwXr0TLHyhqxc94yOJypq4I1JiRswhHkRSGAqCpN_JPJTNLtrUTAxQ6o-Vb9yqT_unp_VIpxZwFhrAqb7pASsiATVMBgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3d543a12bf1a8bf40000000000000000%22,%222%22:%220xe1fc48b9abf98d160000000000000000%22,%223%22:%220xe4e69217a674abd40000000000000000%22,%224%22:%220xa63b33efc70c2e830000000000000000%22,%225%22:%220x78a54f4e6b20cbd00000000000000000%22},%22debug_key%22:%2214223858326712501279%22,%22debug_reporting%22:true,%22destination%22:%22https://inmotionimagery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071767079%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226824905566353068353%22}&andc=true

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://googleads.g.doubleclick.net/pagead/adview?ai=CrFhOehTiZYawCsvTo9kPw8GFyAT6i-qXdu35ivOdEtnpuO-pQRABIJub2mVgycapi8Ck2A-gAdqo2NUDyAECqAMByAPJBKoEywFP0IFTWwDfGVOXeVR9a4FY8ocia3XnouSg0jhdWQ84FH2lpzNKCwftZgU1GOrwjLU97k3UNrjCA9xwIgrdrP-zAS-MiwH-3VRfvIvewYoQXGnHg-SOZ0bQVtpYDeA9hFYoxsGo9eoIbqnS3V2HAr8kSmf1X8oj865ps3AkJdxF1fRnzOE40TCc-VXXgsvhJKyX2NDyO-nlqx9VqCyQvWx1PIbOGIGbWw955exsf1I569ywvnZHmX5OEnWn4zUsG-rF1jjtIsRNUPmtDsAEmKbOn8wEiAXfzIuqTaAGAoAHjtenKqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcFEMbAkgHSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYo63Up8_ThAOaCZECaHR0cHM6Ly93d3cuYW1lcmljYW5leHByZXNzLmNvbS9lbi11cy9idXNpbmVzcy9jaGVja2luZy8_ZWVwPTc5MzA5JnJlZmlkPWFtZXhfcDJfc2VtX25iX3AyLWJjYS1nZG4tcHJvc3BlY3QtZ29vZ2xlLWF1ZF8xNzMzNnx7Z2NsaWR9JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV90ZXJtPV9mcmVlaW1hZ2UuaG9zdCZ1dG1fY29udGVudD02OTA4ODQ2ODU4MDUmdXRtX2NhbXBhaWduPVAyLUJDQS1HRE4tUHJvc3BlY3QtR29vZ2xlLUF1ZCZnY2xpZD17Z2NsaWR9gAoByAsB2gwRCgsQoML2wp3zitXXARICAQPYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNjI1NTA5MjA1OTEwNzg3MRgA&sigh=Y-6EcrciVNk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqeKI73GdKh2SLXeWgSY3x9FtBlO4-dE1T3CFNfcZ-aJr6kL8N99stZTC6MQ_ohmr52FYW6GXoIwp1m_yLde4sW6XPBchhlyLyQmEYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9ecb8421e956f7a40000000000000000%22,%222%22:%220x11b271cb966e768c0000000000000000%22,%223%22:%220x640eeab9061f3de20000000000000000%22,%224%22:%220xc813c024c1fd0f7a0000000000000000%22,%225%22:%220xb9f717e957978ff90000000000000000%22},%22debug_key%22:%2210065001946592276442%22,%22debug_reporting%22:true,%22destination%22:%22https://americanexpress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985011290%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213627376660152271057%22}&andc=true

156 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freeimage.host/
Redirect Chain

http://iili.io/
https://iili.io/
https://freeimage.host/

71 KB
15 KB

126ms
83ms

Document
text/html

2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e5507fa102e6a4ea0c96f6d2c9a001c46569591bbf5431bc6137c181640b909

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85daf79668bd4387-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 17:46:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BawVuA7qZNLirlq1sCP8GaFQLhrUS1NUhqbReotyKXXb%2FNAw9MQilgDloq2OUH08TljXtM2d6l7QqYSIXu2p5yRaPFDz%2BEXa5tRmjQMq%2FvlYMhTt2gImcvl1WnQmveoHvg34KPrGJaNvE3L%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85daf795e8f143e9-EWR
content-type: text/html
date: Fri, 01 Mar 2024 17:46:33 GMT
location: https://freeimage.host/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbZTdGH8cLZC5Pples%2FLyK%2F1f2BrXdDSxTBuaZvQQpughMcr0yQY9W1JjNwAwv3QVxQ8Q%2BpZUxn%2BPiyMuaKgRWQvQ%2BI%2B3SjeF8vRKlXv%2FZHkXlI6YHEwOKhViBjbiA%2FAq4c%2BtKeb"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 peafowl.min.css
freeimage.host/lib/Peafowl/ 117 KB
24 KB 24ms
22ms Stylesheet
text/css 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/peafowl.min.css?b9b307ca534d73f2341680d8fc7c17aa

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87017c65ca7b5af8d5e3c22f9c66d521cd450872076354ff34650483ef9facb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7154
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 09:24:56 GMT
server: cloudflare
etag: W/"5f671fe8-1d456"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKVJFa18yjhnl9MxXkdZ8RTjgrhyFNacRvb3eo%2B0TcckCreU1t%2BIzmcHCMCz%2FfJJMfBlyu1b2CRahnu53dkoBDalakwIKAEf4MQPbOh%2Btqhekm9V9JEEAdK2glm641MnRw810jiUXse8bDwjBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf797097c4387-EWR

GET
H2 200 style.css
freeimage.host/app/themes/ 45 KB
10 KB 18ms
17ms Stylesheet
text/css 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/app/themes/style.css?b9b307ca534d73f2341680d8fc7c17aa

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be87256822f27a74dcf03824478b8c0e46fa52b159d39ff38b46e63dfa3202

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 09:23:50 GMT
server: cloudflare
etag: W/"5f671fa6-b391"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h3iwH%2BfamRv76Brf7J7q%2FbmRpM1hMlKrWlfSW9GApFXcO62rE%2BqTjFaoGPBYACNe%2Bv4Y%2BXzGaWvFroeYDxBIr4W45Gzo80OvaS82Kjzs5KZDZnOlXZK9V8YeqQ4gEQ1SiZ3cydMLgmmMo3zqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf797097d4387-EWR

GET
H2 200 style.css
freeimage.host/app/themes/custom_hooks/ 21 KB
3 KB 25ms
24ms Stylesheet
text/css 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

884dcf8fb15e69d283307fdbbd9167688ffa4008b4584b5da51200ea19756094

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7154
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 10:53:17 GMT
server: cloudflare
etag: W/"5f67349d-529e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cm2TgHEZ%2FilOkpJVEAcmLQnvY3mQzg8nLbsRJ237%2B6z26sQY9QuJRZkJUQ8h4LUm53pyWbyXudQUKY3DmNLRYxQ1%2FzfHzUkwI4kfm26Pkx3Ev3k2HGtY3zJFnMnJV7h5TyoH7l1mF8Q5tZJ%2B1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf797097f4387-EWR

GET
H2 200 peafowl.css
freeimage.host/lib/Peafowl/ 153 KB
28 KB 21ms
20ms Stylesheet
text/css 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/peafowl.css?5192df5bda0c0f1627a735d692b2358d

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2e16f136e4d10ee38ac1bedbdf0c5ef59b6b26797f44f72163a6b4c4af8952b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7154
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 09:24:55 GMT
server: cloudflare
etag: W/"5f671fe7-26555"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9QeAVshOiTq%2FEr3SdkfE0SqjQ0cXTJ58JP63L8o0tygJDboWErMvQWseZIFA8jo3v3HJywOMhvSvuTRdRLN2kCwrRIRnw9bLS%2B%2F8jW9xsLDAxP9NihVqqz%2FyXt8jaDMtPZKHMJCFA93JkOMnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf79709804387-EWR

GET
H2 200 style.css
freeimage.host/app/themes/ 45 KB
10 KB 19ms
18ms Stylesheet
text/css 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/app/themes/style.css?5192df5bda0c0f1627a735d692b2358d

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be87256822f27a74dcf03824478b8c0e46fa52b159d39ff38b46e63dfa3202

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3984
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 09:23:50 GMT
server: cloudflare
etag: W/"5f671fa6-b391"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM3bJ%2F9KPu%2BMZGVVmrsrK2zEv0Sg8ullh8k0imNYlYytHwF5P0KI%2BaOuY3zZemgpjCOTTJ6cD50%2BxUcJZlD5vUarl%2FCD%2FMPjofSkle81JeorRfaiipghBPCVugkeJPJmZ17LX%2FgBFvM92QkVdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf79709824387-EWR

GET
H2 200 style.css
freeimage.host/app/themes/custom_hooks/ 21 KB
3 KB 20ms
19ms Stylesheet
text/css 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/app/themes/custom_hooks/style.css?5192df5bda0c0f1627a735d692b2358d

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

884dcf8fb15e69d283307fdbbd9167688ffa4008b4584b5da51200ea19756094

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3984
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 10:53:17 GMT
server: cloudflare
etag: W/"5f67349d-529e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2Ffw2HQQiFVQmWojiR%2BlNOhMyQVZ%2Bw1w2YasTArGO3oeaVWT4GbznTKN3Q8WdnNwj2HHrnTusMHELDLtQhvTqvBKY9Ula5S39uuwmvuRl%2BmnoMQHedgJa7LpFid334qXbc6oHbJhvrvaUmjOSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf79709834387-EWR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 166ms
95ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6255092059107871

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58d880c52e45fe02c90bc193b7b8469e578ea1480d63b03197b6fa6a5013d51c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Origin: https://freeimage.host
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51188
x-xss-protection: 0
server: cafe
etag: 5781233183063124498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 01 Mar 2024 17:46:33 GMT

GET
H3 200 logo_homepage_1577917990964_282d1e.webp
freeimage.host/content/images/system/ 5 KB
6 KB 22ms
21ms Image
image/webp 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freeimage.host/content/images/system/logo_homepage_1577917990964_282d1e.webp

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47bb06ab2be3b58ca5411a770899cf17874503821db52b976f853537967b7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5143
alt-svc: h3=":443"; ma=86400
content-length: 5356
last-modified: Sun, 20 Sep 2020 09:27:16 GMT
server: cloudflare
etag: "5f672074-14ec"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxOVnmhKlCow2tD%2Ff993Ljaioe196TtUxcYpEL4GZx5dkgHgq0ZUyGkbd8FPbUJEyn3PYiLYbKDJJNHeeBpjUnZ1alrRYO3WdA98Z%2FH4ZS9N8IihKNfun4G3ZbXf12ggqXDC8Apc7YUT5ygodA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85daf79738914286-EWR

GET
H3 200 scripts.js Show response
freeimage.host/lib/Peafowl/js/ 248 KB
80 KB 26ms
25ms Script
application/javascript 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/js/scripts.js?5192df5bda0c0f1627a735d692b2358d

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0ce5154a1bd56acf752b8568828a397ffdafbc45cb7dc274e14f5595b9d68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3923
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 09:27:31 GMT
server: cloudflare
etag: W/"5f672083-3e01d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvRhEZnMAmOISTHNEv3TlmsyQnEHol2v6p%2BIvjAC9UstW3hKFhGtvP0NnkQf46rTed4p1BCISgldvfoo8uoXB3fx8mBVOljWZohN8OStuVoco0d5fVq42oTic9AkCgWmM6Zk4DhYhxvwam6VEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf79758c14286-EWR

GET
H3 200 peafowl.js Show response
freeimage.host/lib/Peafowl/ 385 KB
75 KB 39ms
39ms Script
application/javascript 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/peafowl.js?5192df5bda0c0f1627a735d692b2358d

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2151ea3c5abf5e7b4b8b2eed91adbf302ae5feb4fd72939a783589d51444e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3923
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 09:24:56 GMT
server: cloudflare
etag: W/"5f671fe8-60225"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNIBdtCtGbdzySsNBjc0J3zZxn0TSAcw68ALKWtGtf30UkDuqO%2FFfsDGLV%2Fja0s%2BkNxdqBFs0gkSs8G9u5y59xm7JVwafeSKgk%2BmSeEHqh1QmxmNQ4zcFBCdG%2FJknhjn04myhrOm9WoZ0KtTIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf79758c24286-EWR

GET
H3 200 chevereto.js Show response
freeimage.host/app/lib/ 222 KB
40 KB 20ms
19ms Script
application/javascript 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/app/lib/chevereto.js?5192df5bda0c0f1627a735d692b2358d

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e90129759ed7d7799f8623aeeaa02c838d7f1dc5682773ebbe3c530147811353

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 995
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 09:23:29 GMT
server: cloudflare
etag: W/"5f671f91-37774"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KNJZ0DYLi7MUbxA%2FxJuR4Q4fgUXK1vhAtYcrTA%2B4e80LLFb9hCTvSHxErb7gOc33eLIAHynYnkkxXm5zbzxPWrqvac4SY%2B1mJzGHFJ5s0qvBsDuwQyIeE5bmcU7drlIxOG2odD9tVlmva4ApQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85daf79758c34286-EWR

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttps%3A//freeimage.host/;hFreeimage.host%20%u2014%20Image%20Hosting%2C%20Upload%20Image%20and%20Share;0.4437945650679185
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//freeimage.host/;hFreeimage.host%20%u2014%20Image%20Hosting%2C%20Upload%20Image%20and%20Share;0.4437945650679185

418 B
904 B

152ms
152ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//freeimage.host/;hFreeimage.host%20%u2014%20Image%20Hosting%2C%20Upload%20Image%20and%20Share;0.4437945650679185

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa2995a5509de47472e5d8c1f27e0ffa1511d56b72ad565025b3f1daf077e6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Mar 2024 17:46:33 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 418
Expires: Wed, 01 Mar 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Mar 2024 17:46:33 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//freeimage.host/;hFreeimage.host%20%u2014%20Image%20Hosting%2C%20Upload%20Image%20and%20Share;0.4437945650679185
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 01 Mar 2023 21:00:00 GMT

GET
H3 200 free-image-host.webp
freeimage.host/app/content/system/ 332 KB
332 KB 37ms
36ms Image
image/webp 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freeimage.host/app/content/system/free-image-host.webp

Requested by

Host: freeimage.host
URL: https://freeimage.host/app/themes/style.css?5192df5bda0c0f1627a735d692b2358d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d17425d4fd45e6e76aaff4e8fe440088568c84404e4b74431045b8c83f8487

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/app/themes/style.css?5192df5bda0c0f1627a735d692b2358d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5824
alt-svc: h3=":443"; ma=86400
content-length: 339470
last-modified: Sun, 20 Sep 2020 09:25:20 GMT
server: cloudflare
etag: "5f672000-52e0e"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIiTiaf2nMiu8uRJSH7bkgZr%2FIQPWBNZTXR6a8zNDOcPeX7XsakTu%2FMxXwXBRCyyoHpdo7YkmooPsWSxD6atoun75RDgNcTgQA71crRoLLVrm9zeTImqr5%2BwpyF%2B8emkpkXGjypgdw3SuA7Bfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85daf79768ee4286-EWR

GET
H3 200 poppins-v9-latin-regular.woff2
freeimage.host/lib/Peafowl/fonts/poppins/ 8 KB
8 KB 42ms
41ms Font
font/woff2 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/fonts/poppins/poppins-v9-latin-regular.woff2

Requested by

Host: freeimage.host
URL: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa
Origin: https://freeimage.host
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3493
alt-svc: h3=":443"; ma=86400
content-length: 7968
last-modified: Sun, 20 Sep 2020 09:40:31 GMT
server: cloudflare
etag: "5f67238f-1f20"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXi2OsOdcy8q7YGoEP2z2J%2FkaZ1X44oypGnX1cvnlTb6xblqvMClQxzdsAXDz7UZ9Z1TkrIWFvxL5rMzfQzsz0MV2P%2FaU6oJyyBZpVX%2BJ5l52idvNWwtK4lYDAhSK0J692Rt7%2B3yB0CQVeZITw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85daf79769134286-EWR

GET
H3 200 icomoon.woff
freeimage.host/app/themes/custom_hooks/fonts/ 120 KB
120 KB 43ms
41ms Font
font/woff 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/app/themes/custom_hooks/fonts/icomoon.woff?x4x4bl

Requested by

Host: freeimage.host
URL: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733b969fbec87646d0d657e46b46e3fb3b97e7afa65043798b6df8dffe0305b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa
Origin: https://freeimage.host
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3492
alt-svc: h3=":443"; ma=86400
content-length: 122496
last-modified: Sun, 20 Sep 2020 09:27:56 GMT
server: cloudflare
etag: "5f67209c-1de80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpIfG3xzJeq9QjSk3CqL41Jkr7USzgkvlKWjRr863BiIZuowFyBpFnHrrMYwSZch0sFIglUm0uaQoRX90hP3KVYrQs6RtRyz%2BAvXrzwb%2BtX%2BwdPmwlwNMnGSXOSFqBOCBKxeIxacGt4Nsigr0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85daf79779184286-EWR

GET
H3 200 poppins-v9-latin-600.woff2
freeimage.host/lib/Peafowl/fonts/poppins/ 8 KB
8 KB 45ms
44ms Font
font/woff2 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/fonts/poppins/poppins-v9-latin-600.woff2

Requested by

Host: freeimage.host
URL: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa
Origin: https://freeimage.host
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5143
alt-svc: h3=":443"; ma=86400
content-length: 7836
last-modified: Sun, 20 Sep 2020 09:39:49 GMT
server: cloudflare
etag: "5f672365-1e9c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9I25Rn9ds3L7NKb9oUhfgGfhX%2BDIxrkg2edC5ngo5wu%2F1agq3qa4T1nyGxWf3tLEvsX5q3c9%2BYsEeRrDYZGS0eOn4yaMP2tavHzAmg6FduOgwvDQuuMf8X9vaX4ZrvkGWxba8pfzR7gvm4isA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85daf797791e4286-EWR

GET
H3 200 poppins-v9-latin-200.woff2
freeimage.host/lib/Peafowl/fonts/poppins/ 8 KB
8 KB 45ms
44ms Font
font/woff2 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/fonts/poppins/poppins-v9-latin-200.woff2

Requested by

Host: freeimage.host
URL: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269840bf0697ecaf90258285986e62e397b532c87e79eaab7ca91a9b3c4085bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa
Origin: https://freeimage.host
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6990
alt-svc: h3=":443"; ma=86400
content-length: 7948
last-modified: Sun, 20 Sep 2020 09:39:11 GMT
server: cloudflare
etag: "5f67233f-1f0c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rz7NME7plSZ1FARvJ25f6aqYwCO5tDAmpvlBXapFWpPD7PNpw2im6z9hbwQCyOH%2FYhWMnNDc%2Fia3WDZDxBPPNWPqkUKaNOjZsxhijBvgPpbQ1mDXwNeSAOJqFiM4TnmwIt3HWwIdGFG3u1b3hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85daf79779204286-EWR

GET
H3 200 poppins-v9-latin-700.woff2
freeimage.host/lib/Peafowl/fonts/poppins/ 8 KB
8 KB 45ms
45ms Font
font/woff2 2606:4700:3030::ac43:ccce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimage.host/lib/Peafowl/fonts/poppins/poppins-v9-latin-700.woff2

Requested by

Host: freeimage.host
URL: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://freeimage.host/app/themes/custom_hooks/style.css?b9b307ca534d73f2341680d8fc7c17aa
Origin: https://freeimage.host
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3493
alt-svc: h3=":443"; ma=86400
content-length: 7924
last-modified: Sun, 20 Sep 2020 09:39:58 GMT
server: cloudflare
etag: "5f67236e-1ef4"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BoUskGzJhwTZ%2BT7UOQ3x7xxVfhhtqeGRowCgmomndqcDpAAH0GM0S75FDPEQ%2BFfbAt0uqCBDEIbw%2Bz1QDo9p%2F%2FransUDWPcWJkdFkfmIkaadaQmm989sHmRlZSQFd5T9ZiGk%2FQTTjFeHkKuEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85daf79779264286-EWR

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/ 406 KB
138 KB 161ms
105ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6255092059107871

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38bf6faa34eb424eaaf7f3f7b1a4d45f6fbd5f2432bbfb5a2054ae4206187de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140994
x-xss-protection: 0
server: cafe
etag: 9880804925315802142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:46:33 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame 7B40 9 KB
4 KB 86ms
27ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6255092059107871

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 00:34:46 GMT
etag: 5035419970550746386
expires: Fri, 15 Mar 2024 00:34:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A3D5 581 KB
108 KB 1390ms
1389ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&adk=3895348141&adf=3876334049&lmt=1709315194&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Ffreeimage.host%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193696&bpp=6&bdt=263&idt=393&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7152251227945&frm=20&pv=2&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=417

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e53fdf33e1def42b87cbc35b5cfd322a28855f065d26f436c03afca3138f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 110102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:35 GMT
expires: Fri, 01 Mar 2024 17:46:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=top-bar&cls=top-bar%20transparent%20black&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7C1 25 KB
10 KB 520ms
519ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43b9c45d4aa1b892bd2e7c8e385cd0d1dfa4c7a72e4ec789fef3cefb932525b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:34 GMT
expires: Fri, 01 Mar 2024 17:46:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C659 114 KB
39 KB 936ms
936ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=280&slotname=2160641861&adk=2850293054&adf=272174787&pi=t.ma~as.2160641861&w=1191&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=3&format=1191x280&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193704&bpp=1&bdt=271&idt=435&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=438

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9603d349b62b8005639560a70b45bcd57bda96f9e8a116796cf0984cca858866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39915
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:35 GMT
expires: Fri, 01 Mar 2024 17:46:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 97E3 624 B
246 B 385ms
383ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxi-t8yBAjAB&v=APEucNUfPbCaIN9vl4UWim2buDQUcjcJcYmdR2KON5wCHNsJY3ikjAZnkayQfVLRFUWov4j1M0H3c-NYecH9Z-SMSSF9FDpaRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:35 GMT
expires: Fri, 01 Mar 2024 17:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A40D 93 KB
33 KB 99ms
98ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:46:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame A40D 3 KB
1 KB 91ms
32ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame A40D 20 KB
8 KB 89ms
30ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A40D 207 KB
63 KB 29ms
29ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:49:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A40D 42 B
63 B 79ms
78ms Image
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbFrZPx-OLChdEZznsl2ZBDpEuVYHgCykfNccURC_pVwHIGdVtKKStFjHo3ChWboqiD1DSk7gzOyivpAxpbxBZsLIVv6R9jJcstSGN4Bjrdns64zc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A40D 0
20 B 77ms
77ms Ping
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1801539337801&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A40D 0
20 B 77ms
77ms Ping
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1801539337801&version=m202401290101&ct=76&x=1&cor=6284743440736909000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A40D 108 KB
41 KB 96ms
96ms Script
text/javascript 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_hbUKWiKPjjqPgGvHAMWs5RxiA7cS1VAcyH9f17ACwVW8HOZiLlLfcy_o8prsa6j0XLhjFhe2A8PsgyCN1XwiwYCcw5iGxaTcxCh0675ut18EqvteEyt5jA6h8M5dk7BJjKUeN41GjvgpuY_YhqirSgQqHkGSRUljqfGGiAdToYtekC2Ls7k2F88PZeO4s6A2mJlgcBwjVjfpnwtmL3czSmnwrw&dbm_d=AKAmf-CYNjvh87GW9SGaHj3wA7O0-k-p2yWyNxB86-ncSxKszZfDqUBalvy6x9sdQkCUVY1sLhWW3_AY_mID5-RoU2ZsNMOPfBEv4rcUoYGOWb7ioBkzcXJ9LqWMuqeIBp75Btwrrl3AtY-NgpopFHCtr8DKzkdON1aTPAsns7P0iuUbLIAedRlwCsj8Cfubmi5Q_FewfaX9yWs7Nc1SFrh5bbmbRxVUECfSMUyVkBHzdrWiQqw221uvrUBM2Ikpb03jajO61KpwKjuFAb6eNl5vc0FsP-7326dL9A-c3W7OSfN6NLTgPAW4MMG9dQOWYeseeGtdq8lwiHzjJXZXDcQuxIr1hghhZjAccw4ZgvwJ9qNiSf0ds6M7y6V9MtUi50r3_zQ0SPwFNIBRmNFmbjDZVzEeVK0coLlGdDhCpitLxNZqJoDrN_Mt51LuCFSe2bqacPXvQtIKGcwl5ppU__tKrHxiv4ycfRxKEXxHp3Ydk0TUYH19dnrgGhHA4LKh1rBT-kgohBRmf93ML36cb3TUi-TJ6UZF3gDTH6bUIund4zTsUFxufumpRvz6BrTvKP03QL89qTHJj6PvlZgozo5DvPh0-IlB_O3OpHKFykPhcv0XmaHLK8EoBwJJwc97ZqAPrlGoqXDq7Pfft7kcSkuKFrLu4qHYJtvQFEcDsIsmf6W-GwXn-lXdIt3dB9R7HqY_QfelYQzchHfs1Ep0qJ0kMeD5c74ptwr8OJdb1vIwJEcn3Gw-ZtIebr8J7ADfFipoNx-5EBTvam1Fh5ju3EOmRyjDbS_qabSfnHBnmrnnKkRBJ607u7k9400efudMFM4XhJbXt3LRbvduqM5VHlNwI-If8cS2wqibx64k4C7bPhgBFvvi2uMb09MAs0SKqHQtbXkVEpe0qkaVCmSqiDC_EkxkULwotcZKi4GIzuSTj1LSVt7XN8RyEMnifnteo8oHwt6Pvho4c2ajQL8yG2vw7TLjMkSGFAIfTy5pfyhXUg3GkTbsozpxtbFy3MZLlNuppgUydCiiRoOEdv_pEMR1YtDIjFTZEjXnds2rGS8FqMUltxTbWxceyQwsSS5_Eiqh6mETJOIYVcr0q3FgQmAAWvZ_3lm3_w8BIZVOWTNdGrRCPaVa_VJSHkGNiNLO7rfpSQd7KeVq9tlh08GYYLLOOOPbrRadTorUVSANSeMLpV5YM2k7_T6s84HNdshgRQ2jaBYF2qZtbW72atcAVEqo3HIzFTbhC0Oc4qfg3I2vKWkLb1IuUju2f0W4MJRVKTToUJ0IViEzB6B46LsgRspy0ymvKegKzhGP4HtimhWQuSmQsRk4_xftt8AUK14EFUwXFsOeBScGSw2Pr1a1UnoT_xGg1puiOvr76pcRIDg7oBYwcBTrWajg65laKzjDjVdxi37LMEF3IwqXTF1cDFonQgkbRiQInF_xPO5rr0DCoYCCmSbZF5W9_kHnSZc36LTkyKgsH6MuxPt_yc2m0KmvlxS0TKGKnQMvaZTQrGkigqlW58cMyqm7riDsNIz2dJAsgA7A0tg4DFNkUGXajK4gjxvvsKNc5s5d4c1rvJMNZ2USIg4DSPFRwHTNyAKAauNnzdm8VQbUNbj4ef-cOmU6Tna0qT7i6oJNxUuJwT77tjcFm4LK04qbPStup2rkaXqCaI-6XjD2HfkMMil6Pbc3av1mTOM9Y1oBpcxHuxnT72yZvKLEQoJabYrE3loYS1BRmKuFz7dLpnOjPRmNF03ACPM1nt0biuPRZjocVQ387GmQtvTFL4IKoGJUSqnEspS33AhOYNt5XhLWBmjbwl-wGiEtHJ0kjmuq_ddlstM6IMpz1Lubc2njswdhxmsd_SfNe5gcguKKdNvmdsKjTfj_joePKeDmuWctNDpZnrjWfhHpOz2uEmbNEVwI4ZOVphdJmEXDDrq_G_Rhlgi1BENTnAYrkGvP0fH3r0lCv_6mTUMD8Yq4SA3nJ1yO6HOtSrOK2Fv1OVlb5dIQxU_xmbMecEi0yYTPXfCue-V_q26-VuSWCdRfqZXQFe2VIiilGBo8M05vJMuVnijg6QrMXOSnBdqYWHu81XzLmd7HCN8NdOzGBkuvtMRhdm50CkUvnU_wMcW9X4M1pcm2VqmzTnVTeKVsW0gezBiVYTeWBOOUI0j8en77AbTy1JEnaf66NeFLJtX8U89qRA2iN0ToYwFgGWWxLr4-YQjAS074WahEqoA2knanpeqNXqDwGoAno5nR_lXwoDtz3lShG7dkOn8DLpt9-gj05b39w02ucre7uEGhLFMu2aWbhjbPvl4nUGqyDKgliJ24Kav3oLkuCDggW2Kx0k86Wvp637n9yGuch_6AJY8llUnePmJIY3G3EmxsQ51UPC1idqeDbZNjsJYCkLH_OD_wCku5IRomOiYqFq78rkIUBRl3QtaQ2sDQfRmJLunnoelLR9EHwTj5p58oUj9jUaM6mzqyhSgTzMHnvyZss5Ayv6IcGvUQ2Zx2zWsFLYlPTzaurSbfiWWfSr0pZ72FmuO-OquqVYBgV9JXE56KFxjNSOvTGeOrPUdOgxNcuRW_6LoEhyN79VOj13zZfXJRW7QUxr592f-zC2ellZq4CLRHELU6iAnL1-BXBRcr24hXHiuckae_IWJuHhOF1x38tRiVzNCG4viV0_kNw9dxTpdQtBDqoKrIl9gwDya1tM1mKjRo_xA6BFq1I5fAWTTMB7WMQaIao-Vdhgf9VVfTO9SGb_Zi3w1iH64FQbfDF31o3jKuxy8F8zYlyoElLGMJYXWYhUpkM3_Ysrd5H1fJyE95iEi8ZnFloHrUKf4YaRHLqXsk9ybpdZVQkmuX8ePR5Py8Zuuci0vxPNb-GtH8mIlUEm68Zl1Qb7QCZd7nVkDedeFWNt01UoaquBzsXgkY5zNlpfZi6BkRGalMLB3t2vFFwLCRSsvs0izb9XRH4UITWxhBQnOcJ8fGdQ2wTqUiQIywa3u-iXadG89wjxw7Mv-XTQQZfqY-v-u3IsfWrEFwC10PyE84qoqbICGcDbIF9rELUufOKEL7Zs6t-J1DSFS9-SRoZ3mAUbAiPRWg49zx7M6uVb12eQhjcnEqJhj8Ugf0YgPXRry18PEmY2JMaYh5Pxjk2KnWsEtPI3gpLjpwtcoEjII3JXksJRcfUelBOmpEEx_0qCrosbCp39bkD1bLIKDgte2KBbSo5unfZCthLxaRUUkmkXIXt7eIdMSdhy92QJLQ2YSghWnG-_j2f9ppbY3Va7Bxk0WpBds7kzbb309D0IXLiKs7JPNC5BX2PTZwMNbKusCk7eQsxaDZhbLbR2zYbVGcXJFEnaeER_IwBVPNOT7AdtOkPpzRGyMxi84fyYAChfSiTI50RMP95kHbyQBa30VgfzP_unGgyoM0PMtVtlcgcrJY_3S_pUIz4zc6xD1uMh_nrBkKEG-dG64q0S1B7GxISuYBcJYAMQ6YW1O10qpodI32iQ7zByCLmMdLos77uHTiBuaidhfAbunrCXAUbvGpYXg5Ai0HwfSXTdtymPwaW0sKXW5m2R8ceEKb9GVMfw0XPnAmyMRtIBB78dzDyyYbzsOHw3nDu6ABshMbqKzRNS1U1ZfZiQm_wFpWtcCMcIf8ebAEaLfA9GdRLjA1Q7sJz8J_Kq-flB6WmDwa_4plAPZOF6QvCeR-DVj75elrtu6r4Z6G0TuNoDpLwoMHAszLfVGLZLNppGaLB9DnGzpx8tao--hz88861Z3tEQ&cid=CAQSTgB7FLtq6UVPUvyARIABkC3CsEJvAzQVaggR70d4p9ROg4plgHK1KFsxSTy6AWTv0AalqH03_6Vr5JYvmv6KssPRlv2DVhpIu0WG0svHVxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Ffreeimage.host%2F&ds=l&xdt=1&iif=1&cor=6284743440736909000&adk=2124396031&idt=112&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a9e3f33e734973bc137d5d37185a4f7c051644dd9ab9417fb9138afdafb519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1885389/77499083/ Frame A40D 271 KB
79 KB 42ms
14ms Script
application/javascript 34.202.3.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1885389/77499083/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015691919&ias_pubId=pub-6255092059107871&ias_chanId=1&ias_placementId=20999832644&bidurl=https://freeimage.host/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gRIuEkg6d8vovTxMTbkczS
Requested by: Host: freeimage.host
URL: https://freeimage.host/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.3.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-3-146.compute-1.amazonaws.com
Software: /
Resource Hash: fe3e69e9215e3e33beee85e52083e367cc59656faa417b1d5f0f308180c76411

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:34 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A40D 111 KB
39 KB 90ms
28ms Script
text/javascript 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 13:04:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame A40D 12 KB
4 KB 27ms
27ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_hbUKWiKPjjqPgGvHAMWs5RxiA7cS1VAcyH9f17ACwVW8HOZiLlLfcy_o8prsa6j0XLhjFhe2A8PsgyCN1XwiwYCcw5iGxaTcxCh0675ut18EqvteEyt5jA6h8M5dk7BJjKUeN41GjvgpuY_YhqirSgQqHkGSRUljqfGGiAdToYtekC2Ls7k2F88PZeO4s6A2mJlgcBwjVjfpnwtmL3czSmnwrw&dbm_d=AKAmf-CYNjvh87GW9SGaHj3wA7O0-k-p2yWyNxB86-ncSxKszZfDqUBalvy6x9sdQkCUVY1sLhWW3_AY_mID5-RoU2ZsNMOPfBEv4rcUoYGOWb7ioBkzcXJ9LqWMuqeIBp75Btwrrl3AtY-NgpopFHCtr8DKzkdON1aTPAsns7P0iuUbLIAedRlwCsj8Cfubmi5Q_FewfaX9yWs7Nc1SFrh5bbmbRxVUECfSMUyVkBHzdrWiQqw221uvrUBM2Ikpb03jajO61KpwKjuFAb6eNl5vc0FsP-7326dL9A-c3W7OSfN6NLTgPAW4MMG9dQOWYeseeGtdq8lwiHzjJXZXDcQuxIr1hghhZjAccw4ZgvwJ9qNiSf0ds6M7y6V9MtUi50r3_zQ0SPwFNIBRmNFmbjDZVzEeVK0coLlGdDhCpitLxNZqJoDrN_Mt51LuCFSe2bqacPXvQtIKGcwl5ppU__tKrHxiv4ycfRxKEXxHp3Ydk0TUYH19dnrgGhHA4LKh1rBT-kgohBRmf93ML36cb3TUi-TJ6UZF3gDTH6bUIund4zTsUFxufumpRvz6BrTvKP03QL89qTHJj6PvlZgozo5DvPh0-IlB_O3OpHKFykPhcv0XmaHLK8EoBwJJwc97ZqAPrlGoqXDq7Pfft7kcSkuKFrLu4qHYJtvQFEcDsIsmf6W-GwXn-lXdIt3dB9R7HqY_QfelYQzchHfs1Ep0qJ0kMeD5c74ptwr8OJdb1vIwJEcn3Gw-ZtIebr8J7ADfFipoNx-5EBTvam1Fh5ju3EOmRyjDbS_qabSfnHBnmrnnKkRBJ607u7k9400efudMFM4XhJbXt3LRbvduqM5VHlNwI-If8cS2wqibx64k4C7bPhgBFvvi2uMb09MAs0SKqHQtbXkVEpe0qkaVCmSqiDC_EkxkULwotcZKi4GIzuSTj1LSVt7XN8RyEMnifnteo8oHwt6Pvho4c2ajQL8yG2vw7TLjMkSGFAIfTy5pfyhXUg3GkTbsozpxtbFy3MZLlNuppgUydCiiRoOEdv_pEMR1YtDIjFTZEjXnds2rGS8FqMUltxTbWxceyQwsSS5_Eiqh6mETJOIYVcr0q3FgQmAAWvZ_3lm3_w8BIZVOWTNdGrRCPaVa_VJSHkGNiNLO7rfpSQd7KeVq9tlh08GYYLLOOOPbrRadTorUVSANSeMLpV5YM2k7_T6s84HNdshgRQ2jaBYF2qZtbW72atcAVEqo3HIzFTbhC0Oc4qfg3I2vKWkLb1IuUju2f0W4MJRVKTToUJ0IViEzB6B46LsgRspy0ymvKegKzhGP4HtimhWQuSmQsRk4_xftt8AUK14EFUwXFsOeBScGSw2Pr1a1UnoT_xGg1puiOvr76pcRIDg7oBYwcBTrWajg65laKzjDjVdxi37LMEF3IwqXTF1cDFonQgkbRiQInF_xPO5rr0DCoYCCmSbZF5W9_kHnSZc36LTkyKgsH6MuxPt_yc2m0KmvlxS0TKGKnQMvaZTQrGkigqlW58cMyqm7riDsNIz2dJAsgA7A0tg4DFNkUGXajK4gjxvvsKNc5s5d4c1rvJMNZ2USIg4DSPFRwHTNyAKAauNnzdm8VQbUNbj4ef-cOmU6Tna0qT7i6oJNxUuJwT77tjcFm4LK04qbPStup2rkaXqCaI-6XjD2HfkMMil6Pbc3av1mTOM9Y1oBpcxHuxnT72yZvKLEQoJabYrE3loYS1BRmKuFz7dLpnOjPRmNF03ACPM1nt0biuPRZjocVQ387GmQtvTFL4IKoGJUSqnEspS33AhOYNt5XhLWBmjbwl-wGiEtHJ0kjmuq_ddlstM6IMpz1Lubc2njswdhxmsd_SfNe5gcguKKdNvmdsKjTfj_joePKeDmuWctNDpZnrjWfhHpOz2uEmbNEVwI4ZOVphdJmEXDDrq_G_Rhlgi1BENTnAYrkGvP0fH3r0lCv_6mTUMD8Yq4SA3nJ1yO6HOtSrOK2Fv1OVlb5dIQxU_xmbMecEi0yYTPXfCue-V_q26-VuSWCdRfqZXQFe2VIiilGBo8M05vJMuVnijg6QrMXOSnBdqYWHu81XzLmd7HCN8NdOzGBkuvtMRhdm50CkUvnU_wMcW9X4M1pcm2VqmzTnVTeKVsW0gezBiVYTeWBOOUI0j8en77AbTy1JEnaf66NeFLJtX8U89qRA2iN0ToYwFgGWWxLr4-YQjAS074WahEqoA2knanpeqNXqDwGoAno5nR_lXwoDtz3lShG7dkOn8DLpt9-gj05b39w02ucre7uEGhLFMu2aWbhjbPvl4nUGqyDKgliJ24Kav3oLkuCDggW2Kx0k86Wvp637n9yGuch_6AJY8llUnePmJIY3G3EmxsQ51UPC1idqeDbZNjsJYCkLH_OD_wCku5IRomOiYqFq78rkIUBRl3QtaQ2sDQfRmJLunnoelLR9EHwTj5p58oUj9jUaM6mzqyhSgTzMHnvyZss5Ayv6IcGvUQ2Zx2zWsFLYlPTzaurSbfiWWfSr0pZ72FmuO-OquqVYBgV9JXE56KFxjNSOvTGeOrPUdOgxNcuRW_6LoEhyN79VOj13zZfXJRW7QUxr592f-zC2ellZq4CLRHELU6iAnL1-BXBRcr24hXHiuckae_IWJuHhOF1x38tRiVzNCG4viV0_kNw9dxTpdQtBDqoKrIl9gwDya1tM1mKjRo_xA6BFq1I5fAWTTMB7WMQaIao-Vdhgf9VVfTO9SGb_Zi3w1iH64FQbfDF31o3jKuxy8F8zYlyoElLGMJYXWYhUpkM3_Ysrd5H1fJyE95iEi8ZnFloHrUKf4YaRHLqXsk9ybpdZVQkmuX8ePR5Py8Zuuci0vxPNb-GtH8mIlUEm68Zl1Qb7QCZd7nVkDedeFWNt01UoaquBzsXgkY5zNlpfZi6BkRGalMLB3t2vFFwLCRSsvs0izb9XRH4UITWxhBQnOcJ8fGdQ2wTqUiQIywa3u-iXadG89wjxw7Mv-XTQQZfqY-v-u3IsfWrEFwC10PyE84qoqbICGcDbIF9rELUufOKEL7Zs6t-J1DSFS9-SRoZ3mAUbAiPRWg49zx7M6uVb12eQhjcnEqJhj8Ugf0YgPXRry18PEmY2JMaYh5Pxjk2KnWsEtPI3gpLjpwtcoEjII3JXksJRcfUelBOmpEEx_0qCrosbCp39bkD1bLIKDgte2KBbSo5unfZCthLxaRUUkmkXIXt7eIdMSdhy92QJLQ2YSghWnG-_j2f9ppbY3Va7Bxk0WpBds7kzbb309D0IXLiKs7JPNC5BX2PTZwMNbKusCk7eQsxaDZhbLbR2zYbVGcXJFEnaeER_IwBVPNOT7AdtOkPpzRGyMxi84fyYAChfSiTI50RMP95kHbyQBa30VgfzP_unGgyoM0PMtVtlcgcrJY_3S_pUIz4zc6xD1uMh_nrBkKEG-dG64q0S1B7GxISuYBcJYAMQ6YW1O10qpodI32iQ7zByCLmMdLos77uHTiBuaidhfAbunrCXAUbvGpYXg5Ai0HwfSXTdtymPwaW0sKXW5m2R8ceEKb9GVMfw0XPnAmyMRtIBB78dzDyyYbzsOHw3nDu6ABshMbqKzRNS1U1ZfZiQm_wFpWtcCMcIf8ebAEaLfA9GdRLjA1Q7sJz8J_Kq-flB6WmDwa_4plAPZOF6QvCeR-DVj75elrtu6r4Z6G0TuNoDpLwoMHAszLfVGLZLNppGaLB9DnGzpx8tao--hz88861Z3tEQ&cid=CAQSTgB7FLtq6UVPUvyARIABkC3CsEJvAzQVaggR70d4p9ROg4plgHK1KFsxSTy6AWTv0AalqH03_6Vr5JYvmv6KssPRlv2DVhpIu0WG0svHVxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Ffreeimage.host%2F&ds=l&xdt=1&iif=1&cor=6284743440736909000&adk=2124396031&idt=112&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:45:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:45:22 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame A40D 30 KB
11 KB 31ms
27ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 05:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 9162932350781899495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:14:08 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A40D 41 KB
14 KB 34ms
26ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 16:43:28 GMT

GET
DATA 200
OK truncated
/ Frame A40D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 846b734273f290d69d36f2828e5a7a6a1c85fea6a376fe3be084890e263d7e28

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame A40D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1885389/77499083/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015691919&ias_pubId=pub-6255092059107871&ias_chanId=1&ias_placementId=20999832644&bidurl=ht...
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_ehTiZdmpNMaJvPIPice6-Ac&cbFunctionName=goog_wrapCb_ehTiZdmpNMaJvPIPice6-Ac&true_pb=https%3A%2F%2Fstatic.adsafeprotected...

1 KB
1 KB

36ms
6ms

Script
application/javascript

2600:9000:247b:5c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_ehTiZdmpNMaJvPIPice6-Ac&cbFunctionName=goog_wrapCb_ehTiZdmpNMaJvPIPice6-Ac&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
Protocol: H2
Server: 2600:9000:247b:5c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: N8a6HZlDh9F3zdobaU4MToCpsTqdbQs8
content-encoding: gzip
via: 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
date: Wed, 28 Feb 2024 10:04:32 GMT
x-amz-cf-pop: JFK52-P2
age: 200524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Feb 2024 18:45:00 GMT
server: AmazonS3
etag: W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: WtZSl5rRowAnqAQj9zh43aCLwK6ilBmHvHLTTToX8XNdutEvnqrSvw==

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: nginx
x-server-name: app69.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_ehTiZdmpNMaJvPIPice6-Ac&cbFunctionName=goog_wrapCb_ehTiZdmpNMaJvPIPice6-Ac&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 01D3 91 KB
23 KB 76ms
5ms Script
application/javascript 2600:9000:247b:5c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:5c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 18541256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: i2Tg7DPG_kIT8cYgiXUMHNIEfHCXd-k-fcXM06fZIMYMT6xw5hq5tw==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6B77 38 KB
13 KB 32ms
31ms Document
text/html 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 45015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 05:16:20 GMT
expires: Sat, 01 Mar 2025 05:16:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A40D 43 B
215 B 60ms
17ms Image
image/gif 2600:1f18:1aca:4281:4e33:1545:4770:867a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=213f8cad-18b5-621a-b2ad-90689b805f9d&tv=%7Bc:5GJ01a,pingTime:-3,time:73,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u5NemrR+11%7C12%7C131*.1885389-77499083%7C1311%7C14,idMap:131*,rmeas:1,rend:0,renddet:svg.us,siq:28%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4e33:1545:4770:867a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A40D 43 B
215 B 55ms
19ms Image
image/gif 2600:1f18:1aca:4281:4e33:1545:4770:867a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=213f8cad-18b5-621a-b2ad-90689b805f9d&tv=%7Bc:5GJ01d,pingTime:-6,time:76,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:76,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u5NemrR+11%7C12%7C131*.1885389-77499083%7C1311%7C14,idMap:131*,rmeas:1,rend:0,renddet:svg.us,siq:28%7D&tpiLookup=ao:freeimage.host*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4e33:1545:4770:867a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 97E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1

43 B
733 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxi-t8yBAjAB&v=APEucNUfPbCaIN9vl4UWim2buDQUcjcJcYmdR2KON5wCHNsJY3ikjAZnkayQfVLRFUWov4j1M0H3c-NYecH9Z-SMSSF9FDpaRg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3Tk54djTfU8S5T%2FKJyknwUnXw50MLktAPvBXrHCCZdEMpF8cttXFJn62aEhSdQhhOolo3xUW7Hi%2FzvFJin1GwQLDPpD5WZcsk5Ojujk9ZbQUasjizzubrIjcRfzUDJ%2B8tBzzwZRKUoUIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85daf7a25e585e6e-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 97E3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeIUe0t3uUUAAFAdAChI2wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1

43 B
771 B

31ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxi-t8yBAjAB&v=APEucNUfPbCaIN9vl4UWim2buDQUcjcJcYmdR2KON5wCHNsJY3ikjAZnkayQfVLRFUWov4j1M0H3c-NYecH9Z-SMSSF9FDpaRg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYsT073Uxgz0OlRIwTXkgXuYnkAUxuUs%2FLZOw6CIaJcmJeVFgHoLT39%2BOKklo2O7ZaMqkjXUXr2Ke3YUQ3QvKDOlYU9zCb5Vj3VvsmWKZPEpwuxIPUBsE8I6NS5%2BqEhGamzP4%2FeUt7hIRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85daf7a25e615e6e-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN20P8LQpnu7Ws-F02fWyIQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 97E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFTcmJXQ3I4oOAWlnfwlDbA&google_cver=1

43 B
1 KB

6ms
5ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFTcmJXQ3I4oOAWlnfwlDbA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxi-t8yBAjAB&v=APEucNUfPbCaIN9vl4UWim2buDQUcjcJcYmdR2KON5wCHNsJY3ikjAZnkayQfVLRFUWov4j1M0H3c-NYecH9Z-SMSSF9FDpaRg

Protocol

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
an-x-request-uuid: 43593cad-542e-4f8d-8ccf-b9e30eed157a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.132; 5.181.234.132; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFTcmJXQ3I4oOAWlnfwlDbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97E3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNzEyMzg0MjY4NjQ3NjI5NQ%3D%3D

170 B
243 B

36ms
34ms

Image
image/png

142.250.96.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNzEyMzg0MjY4NjQ3NjI5NQ%3D%3D

Requested by

Protocol

Server

142.250.96.154 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
an-x-request-uuid: 3abd715f-44ae-4684-a337-c52254bb37bb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNzEyMzg0MjY4NjQ3NjI5NQ%3D%3D
x-proxy-origin: 5.181.234.132; 5.181.234.132; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C659 6 KB
1 KB 48ms
20ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=280&slotname=2160641861&adk=2850293054&adf=272174787&pi=t.ma~as.2160641861&w=1191&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=3&format=1191x280&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193704&bpp=1&bdt=271&idt=435&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 17:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 17:27:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 17:46:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame C659 2 KB
822 B 32ms
31ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:21:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame C659 23 KB
9 KB 31ms
30ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:23:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame C659 3 KB
1 KB 34ms
33ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame C659 20 KB
8 KB 32ms
30ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C659 207 KB
63 KB 33ms
30ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:49:15 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame C659 36 KB
15 KB 104ms
28ms Script
text/javascript 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 May 2024 13:03:48 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16502786522540520349/ Frame B469 20 KB
5 KB 86ms
28ms Document
text/html 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27cc71819743f223aeef1849e4ef8fa7bfaf35c42e74e99bcc314bf9b5085bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 64454
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4943
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 23:52:21 GMT
expires: Fri, 28 Feb 2025 23:52:21 GMT
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A40D 0
0 193ms
100ms Fetch
image/gif 142.250.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXOsQEceidmbiC_SwpyJU7CUr8HG_K7dgSQtwBODY7MnCdkVmfwIltJKcTMS_1S4ubcvo2nKORR8_M7_VUHpSpXUb9hGoAvJy5TBXtlGN8sl7m5PxsGxR8qhyfYt2O9rZYFMAE5ckSZ-xadWreszm5xcFL02FsZa554UNdp629BxnPqesm2ZZTM1n_S0o1oyMzLsYhu8L8lIOXfARFY_dka5ElyD0sbQelN0aN-5cTwA8J2bqbZuy3vlTQqPu0WtWsaOesrpPShNXvPmxerwmFhNWuBRwFaJfiy53jZWuV-u7YkZoeGfyUPaHgn_i60fnGM0Bo0zffuGEWD3WwNa3onJiqbeu54gL9HUZGtNUwzOhDNWcb3lYJ7BPUvd4cLGZVwsjb6DYJiDXXKC-EpuOJolwcgZsAJ3jaJcHKb_wuL0CZzDi7Y5k05ODh_S-0hxQ7P-12SGLuqgx_iddsSF-WKRBzos8z7-k-PRfRiSVF5kt0MS9yzm2GL6eZ8MELWasEubz0gQch4NCAz85XXe-PZVWd_SPBwXCYwDHCioXqFY61e_E-yM75MJntB1oNmXypJC4s1JVCawQJ_PDWiKW316JYlkHfqnGGnU6CQ5V5K5IFt2DjpidfcbsVQYBovkp_sMIGe29S7fScEYaXULvPRw1N795Q1stOGsuDz-_SB3BqtnMu2Z5xybvchY0c85Qb5C4BB1B-mDam9Fot6WZkvGk2brThfVeoJB7AoQ-_U_AH1_Osb1JUWS715SHKq_QAPnT8Tgzzgc1jTOvL9BlvPjj8wEmmpDlvn_A_mdTkT1K7RGza7r0GxIVjxHjPzr4fGK3iVt5STCSde_D3n98g1214hT8wsX0E5OEgVag7DTfjBYF9TA8m_12I3fW9bTrr-vgo8WVACYBaCsfV0vYF4XUtA0BsphWPIEmEN4Uq8W7jTXbofLK6jC-ldmNU9FJFvywNOnaZqpS9DRR6MlEEUFVaqIyg7GlKRzVYS_Pb5_C9djflBvV2VOUCa8bQNgMJT2ReV7UXeVvmcDFiXS8TiHg5L3kEevOMftIFKarDPz_Le_o4mDEA-bSnh8x0ymVpH-sPEGo6mlXPz1b69OVfO6QzX4lR6NQCgPfaBdDIRqO_ybD4K2DRKV1M3ZUG6hti_DAQNyEgddSAiwyFQaIwnFmKXA2ZZmk_h_OWVvy0fNAXGMxY1OkGNN3kBtPKWo_bIBdo_bDFWnVPwVqjF8DOqyLyNztWQLWfCh2ecVSpbeGHsGvdqVJ8LoK3yPRZJAQngyAnd_VIVJ7eaRYdeDLkqEEqSxkbofSrb3Pw-UTV3dMU9A7vxRZkxjyz56pRucDNUbyxIyZpcnCFxXQSst4AWwMFvIpxp36109zKJihbO6CRkd_9hiVe4Y-KDBuGDZU02tayKvbC903lRyDdZMjlpL9m6SZU5G3zcXFdYgJ-9Q&sai=AMfl-YRs797xV7TeH2iZ1PFGHyGh-U5owJD6bO94CVFA91qWAEViR789N9e60J3g8MSBu4DFNa08ZRe-i3SJgYTE3wxUxkkeBnACMi0NT_0_L0C0GNthf542idJxCbtZWvNB8XgWfw7nlCmFqNG_S013MOUEjYw-1A7Y_8UtOOB8t88y1IlyH9BO5CVAcLr2fUOCj4cgMJOF2Tz1EfltYY4Y0VxC7l2-4Fm-XvKat24TMB2ejQwAtSewWs_HndwzhiQoMYbUUZZ65ozooSkFd-Ai7z08KzNTam57aILeifjyiR2z_swJeJIUCAMfrir4FRPB&sig=Cg0ArKJSzG3UVThJW7MOEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=203&cbvp=1&cstd=200&cisv=r20240228.69374&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Mar 2024 17:46:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:46:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A40D 43 B
216 B 25ms
16ms Image
image/gif 2600:1f18:1aca:4281:4e33:1545:4770:867a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=213f8cad-18b5-621a-b2ad-90689b805f9d&tv=%7Bc:5GJ01I,pingTime:-2,time:107,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:367,beZ:369,mfA:373,cmA:375,inA:376,inZ:381,prA:381,prZ:387,si:395,poA:396,poZ:422,cmZ:422,mfZ:422,loA:443,loZ:446,ltA:473,ltZ:473%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:107,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u5NemrR+11%7C12%7C131*.1885389-77499083%7C1311%7C14,idMap:131*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:28,sinceFw:77,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6255092059107871&output=html&h=90&slotname=5122040644&adk=1577963354&adf=1219352679&pi=t.ma~as.5122040644&w=1200&fwrn=4&fwrnh=100&lmt=1709315194&rafmt=2&format=1200x90&url=https%3A%2F%2Ffreeimage.host%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709315193702&bpp=2&bdt=268&idt=422&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7152251227945&frm=20&pv=1&ga_vid=1721977241.1709315194&ga_sid=1709315194&ga_hid=1763389888&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325752%2C95326316%2C95321963%2C95321868%2C95324160&oid=2&pvsid=1046984313821421&tmod=1062313663&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=427
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4e33:1545:4770:867a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9474234893749777158/ Frame C659 33 KB
33 KB 71ms
71ms Image
image/jpeg 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9474234893749777158/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b9f9fc522c123e7e953ddba72ea35daf83a813fc848efbda2e330b97efa7830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 01 Mar 2024 17:46:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33484
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 22:18:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Mar 2025 17:46:35 GMT

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B77 52 KB
20 KB 30ms
29ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 16:45:59 GMT

GET
DATA 200
OK truncated
/ Frame C659 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e85762a7bfe41093fa3492fe643c807f1e96813f21736474c6835bc3f1f43d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 d851b4de657992c86fc746cdb716ba4f.js Show response
s0.2mdn.net/sadbundle/16502786522540520349/ Frame B469 116 KB
33 KB 33ms
31ms Script
application/x-javascript 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/d851b4de657992c86fc746cdb716ba4f.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50bd8ec3da6a18f9d44d06804fccdc1569fca0c734a06b5f0edddd9f59a48fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 17:03:11 GMT
date: Thu, 29 Feb 2024 17:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33905
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C659 15 KB
16 KB 92ms
29ms Font
font/woff2 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:26:14 GMT
x-content-type-options: nosniff
age: 91221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 16:26:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C659 15 KB
15 KB 96ms
36ms Font
font/woff2 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:04:36 GMT
x-content-type-options: nosniff
age: 70919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 22:04:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C659 15 KB
15 KB 126ms
66ms Font
font/woff2 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:07:27 GMT
x-content-type-options: nosniff
age: 67148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 23:07:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B469 717 B
443 B 30ms
24ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/d851b4de657992c86fc746cdb716ba4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 17:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 17:34:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 17:46:35 GMT

GET
H3 200 02c14c5f422ce5cb199863b8012bcb94.png
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 2 KB
2 KB 34ms
31ms Image
image/png 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/02c14c5f422ce5cb199863b8012bcb94.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a8ac41c7b7558a212ea4918d527da14b5f9a472a57e99a6e8f74951cbd4510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Sat, 01 Mar 2025 05:55:20 GMT
date: Fri, 01 Mar 2024 05:55:20 GMT
x-content-type-options: nosniff
age: 42675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1863
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 edc24a41454ea91c1255d9e14eb695ed.png
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 4 KB
4 KB 35ms
32ms Image
image/png 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/edc24a41454ea91c1255d9e14eb695ed.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e32cdfe0dcb070109a385b78a0f3f81cbe0c4206e69616ce3ff66fa50cfd5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 16:21:30 GMT
date: Thu, 29 Feb 2024 16:21:30 GMT
x-content-type-options: nosniff
age: 91505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4511
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ed4e76900376ebcea9476065294f3b6a.svg
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 2 KB
849 B 36ms
33ms Image
image/svg+xml 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/ed4e76900376ebcea9476065294f3b6a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b39324cab5f8556d0e6caa6aae784c413022771ee09dc87bb6ed87ce5af966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 23:52:22 GMT
date: Thu, 29 Feb 2024 23:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64453
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 819
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1ba56874adbf7cdc09c86673e6fb0182.svg
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 7 KB
1 KB 35ms
32ms Image
image/svg+xml 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/1ba56874adbf7cdc09c86673e6fb0182.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56547a73a3f65bbb7b9109cf2c30773da59d8886be1bead1c8dd7a5ee4b3780c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 17:03:11 GMT
date: Thu, 29 Feb 2024 17:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1440
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 de5c96a5d16db7212fa45fbdf7c434ba.svg
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 5 KB
2 KB 36ms
33ms Image
image/svg+xml 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/de5c96a5d16db7212fa45fbdf7c434ba.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

252c71bd009420cd3b77c3dfe82b1f7f5b7cd0b3b159d7144865f3647b1539da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 22:08:03 GMT
date: Thu, 29 Feb 2024 22:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2096
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d28b67a883f4a6e4d1f6b336c113ac1a.svg
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 9 KB
2 KB 38ms
35ms Image
image/svg+xml 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/d28b67a883f4a6e4d1f6b336c113ac1a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2d7decdf6c26526f1c8f87c9932f9d3fc903c542d84f61658af57f526dc4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 16:29:56 GMT
date: Thu, 29 Feb 2024 16:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1855
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame B469 23 KB
23 KB 34ms
28ms Font
font/woff2 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:51:07 GMT
x-content-type-options: nosniff
age: 89728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 16:51:07 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C659
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct1SDehTiZcaGC5DVo9kPoYC_iAKUq9WXaOTL_JqREMCNtwEQASCbm9plYMnGqYvApNgPoAGnvIf_A8gBCagDAcgDywSqBMgBT9BLwDaMeSRGVAqZof5mVM1HLqghTlGd4IMLH4JT4AeX1JM...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3d543a12bf1a8bf40000000000000000%22,%222%22:%220xe1fc48b9abf98d160000000000000000%22,%223%22:%220xe4e692...

0
0

80ms
66ms

Fetch
text/css

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3d543a12bf1a8bf40000000000000000%22,%222%22:%220xe1fc48b9abf98d160000000000000000%22,%223%22:%220xe4e69217a674abd40000000000000000%22,%224%22:%220xa63b33efc70c2e830000000000000000%22,%225%22:%220x78a54f4e6b20cbd00000000000000000%22},%22debug_key%22:%2214223858326712501279%22,%22debug_reporting%22:true,%22destination%22:%22https://inmotionimagery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071767079%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226824905566353068353%22}&andc=true

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3d543a12bf1a8bf40000000000000000","2":"0xe1fc48b9abf98d160000000000000000","3":"0xe4e69217a674abd40000000000000000","4":"0xa63b33efc70c2e830000000000000000","5":"0x78a54f4e6b20cbd00000000000000000"},"debug_key":"14223858326712501279","debug_reporting":true,"destination":"https://inmotionimagery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071767079"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"6824905566353068353"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Mar 2024 17:46:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Mar 2024 17:46:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3d543a12bf1a8bf40000000000000000","2":"0xe1fc48b9abf98d160000000000000000","3":"0xe4e69217a674abd40000000000000000","4":"0xa63b33efc70c2e830000000000000000","5":"0x78a54f4e6b20cbd00000000000000000"},"debug_key":"14223858326712501279","debug_reporting":true,"destination":"https://inmotionimagery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071767079"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"6824905566353068353"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame F98E 52 KB
20 KB 29ms
29ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 16:45:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B77 0
20 B 79ms
79ms Image
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2tEOehTiZdmpNMaJvPIPice6-AcAAAAAOAHgBAI&bg=!8fKl8r3NAAaCCwxOogs7ADQBe5WfOEavdmUFw1P14x6E9C6Fnb4IL2RmM1YtxCCGCyv37Kt9rSPnOrxAdai0x55P_IHsAgAAAGZSAAAABGgBB5kDDCdRZFv1LzxfQNkkqth3gU_KxJ21koz4rCq1we7LK6-JJarAFb4_pUXSXZfv_9KPut33XtZIJ7OuThdW9OqAkVB_txtEhk8G1ubUrDsDSQVP4OiUE2S4Fj44ZldwFIhzvDHKmAynNtEtYrqf4ztAlI12mbginn7M_BLbUKX8Uh8X38iHjnsOAsxdQfz7P54m6dIqc2DDQDw_HvAxnglUEukyFW8G1_KS8nT1GvYCBmhMyzEOh3GzyXixK1V9ttOZh8F-gH3Y4nSead2clPpdGAT2-Dr5VFk2xwxO4JH5PryKScTGxDnibZpWFE3UlEG2XcYW3YYmwJ2k53Ny-zeLWn4sJAAWXEK4O8X-mRM6g7dor-dtwD-JnS12EkufT15lrP3pXTBsLQuA7SaAkIypuh4EmHb2gf9tawD3qzM7DIsHwAFD8Hqf_wQ2Yue1BpRu8IZPVAftHLxp28BaTLSBsZvZ6BKRiihVNwd_G5qAFWuzhTnT--F63KSWTSdTxVwgOus6yI6Xe4OSCKB3ZoeYjtnW5XoKOfdLfWKFDVRElU42DwGhfeJ2OsiJEkGZGI4VX_DgsvRCqORSPhzj2SzHw_EDOlEH4WGjQyb6PXSvJFVV04YKJty0QXZAmaxtTGEDw7q6RXaVvmuqYDPePdWouvyZmGi7SllTIdYojnsZpZP8e_5QMDXzJGPwrVfKX4xACSdOGZrH245a-xZ976sENr_2NCDZjBJH01nbnJFxCIS1yZOLAiauJGrSNJC2Kc328CsiLUxtep619Gvyjkj03YelXlx4IESCz2rPH7ovr8XH1AAd2LUk1D2Z4w9VgGLSRIJjeXGljfpRjrcN1KnJTe5g2hzAcW3DfEMGfsFWMb_-hj6hvYQ03t4SVeMCA7H5J-uP1vdhRRxE_-o72Y8uu63Ge06yhCeVWLGsWbMsDRcvVka8SpTM-91Nlo9Mc5zkVW4Ft5v8500Lf71LxWvyHpbaVHQNcXTJi1k71d_kFT-WYiEN5BlJNE5XJQ55KE3n_sF2xmEqCB3AMbwEog

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A40D 0
0 216ms
216ms Fetch
image/gif 142.250.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXOsQEceidmbiC_SwpyJU7CUr8HG_K7dgSQtwBODY7MnCdkVmfwIltJKcTMS_1S4ubcvo2nKORR8_M7_VUHpSpXUb9hGoAvJy5TBXtlGN8sl7m5PxsGxR8qhyfYt2O9rZYFMAE5ckSZ-xadWreszm5xcFL02FsZa554UNdp629BxnPqesm2ZZTM1n_S0o1oyMzLsYhu8L8lIOXfARFY_dka5ElyD0sbQelN0aN-5cTwA8J2bqbZuy3vlTQqPu0WtWsaOesrpPShNXvPmxerwmFhNWuBRwFaJfiy53jZWuV-u7YkZoeGfyUPaHgn_i60fnGM0Bo0zffuGEWD3WwNa3onJiqbeu54gL9HUZGtNUwzOhDNWcb3lYJ7BPUvd4cLGZVwsjb6DYJiDXXKC-EpuOJolwcgZsAJ3jaJcHKb_wuL0CZzDi7Y5k05ODh_S-0hxQ7P-12SGLuqgx_iddsSF-WKRBzos8z7-k-PRfRiSVF5kt0MS9yzm2GL6eZ8MELWasEubz0gQch4NCAz85XXe-PZVWd_SPBwXCYwDHCioXqFY61e_E-yM75MJntB1oNmXypJC4s1JVCawQJ_PDWiKW316JYlkHfqnGGnU6CQ5V5K5IFt2DjpidfcbsVQYBovkp_sMIGe29S7fScEYaXULvPRw1N795Q1stOGsuDz-_SB3BqtnMu2Z5xybvchY0c85Qb5C4BB1B-mDam9Fot6WZkvGk2brThfVeoJB7AoQ-_U_AH1_Osb1JUWS715SHKq_QAPnT8Tgzzgc1jTOvL9BlvPjj8wEmmpDlvn_A_mdTkT1K7RGza7r0GxIVjxHjPzr4fGK3iVt5STCSde_D3n98g1214hT8wsX0E5OEgVag7DTfjBYF9TA8m_12I3fW9bTrr-vgo8WVACYBaCsfV0vYF4XUtA0BsphWPIEmEN4Uq8W7jTXbofLK6jC-ldmNU9FJFvywNOnaZqpS9DRR6MlEEUFVaqIyg7GlKRzVYS_Pb5_C9djflBvV2VOUCa8bQNgMJT2ReV7UXeVvmcDFiXS8TiHg5L3kEevOMftIFKarDPz_Le_o4mDEA-bSnh8x0ymVpH-sPEGo6mlXPz1b69OVfO6QzX4lR6NQCgPfaBdDIRqO_ybD4K2DRKV1M3ZUG6hti_DAQNyEgddSAiwyFQaIwnFmKXA2ZZmk_h_OWVvy0fNAXGMxY1OkGNN3kBtPKWo_bIBdo_bDFWnVPwVqjF8DOqyLyNztWQLWfCh2ecVSpbeGHsGvdqVJ8LoK3yPRZJAQngyAnd_VIVJ7eaRYdeDLkqEEqSxkbofSrb3Pw-UTV3dMU9A7vxRZkxjyz56pRucDNUbyxIyZpcnCFxXQSst4AWwMFvIpxp36109zKJihbO6CRkd_9hiVe4Y-KDBuGDZU02tayKvbC903lRyDdZMjlpL9m6SZU5G3zcXFdYgJ-9Q&sai=AMfl-YRs797xV7TeH2iZ1PFGHyGh-U5owJD6bO94CVFA91qWAEViR789N9e60J3g8MSBu4DFNa08ZRe-i3SJgYTE3wxUxkkeBnACMi0NT_0_L0C0GNthf542idJxCbtZWvNB8XgWfw7nlCmFqNG_S013MOUEjYw-1A7Y_8UtOOB8t88y1IlyH9BO5CVAcLr2fUOCj4cgMJOF2Tz1EfltYY4Y0VxC7l2-4Fm-XvKat24TMB2ejQwAtSewWs_HndwzhiQoMYbUUZZ65ozooSkFd-Ai7z08KzNTam57aILeifjyiR2z_swJeJIUCAMfrir4FRPB&sig=Cg0ArKJSzG3UVThJW7MOEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=507&vt=11&dtpt=304&dett=3&cstd=200&cisv=r20240228.69374&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Mar 2024 17:46:35 GMT

GET
H3 200 02c14c5f422ce5cb199863b8012bcb94.png
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 2 KB
2 KB 28ms
27ms Image
image/png 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/02c14c5f422ce5cb199863b8012bcb94.png

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a8ac41c7b7558a212ea4918d527da14b5f9a472a57e99a6e8f74951cbd4510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Sat, 01 Mar 2025 05:55:20 GMT
date: Fri, 01 Mar 2024 05:55:20 GMT
x-content-type-options: nosniff
age: 42675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1863
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 edc24a41454ea91c1255d9e14eb695ed.png
s0.2mdn.net/sadbundle/16502786522540520349/media/ Frame B469 4 KB
4 KB 29ms
28ms Image
image/png 2607:f8b0:4023:403::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16502786522540520349/media/edc24a41454ea91c1255d9e14eb695ed.png

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::94 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e32cdfe0dcb070109a385b78a0f3f81cbe0c4206e69616ce3ff66fa50cfd5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16502786522540520349/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 16:21:30 GMT
date: Thu, 29 Feb 2024 16:21:30 GMT
x-content-type-options: nosniff
age: 91505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4511
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:48:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A40D 43 B
215 B 14ms
14ms Image
image/gif 2600:1f18:1aca:4281:4e33:1545:4770:867a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=213f8cad-18b5-621a-b2ad-90689b805f9d&tv=%7Bc:5GJ090,pingTime:-10,time:559,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjk0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1709315195589%7C%7Cfdae961ca00e3f29d8e87af71e6d0b88%7C%7Cd23861f90f98ef1cbb909ba4da09afb4%7C%7Cf3f93b0693e002767df821297416fc0f%7C%7Cc29cae3791c50f6ee16874b709143333%7C%7C4f89b5158cb3c6b617663a344110c2f4%7C%7C777d1804bccb3f22cb92afabe6ea1728%7C%7C94e13e79594bb6a204266f3561c21d13%7C%7C1663701684%7D
Requested by: Host: freeimage.host
URL: https://freeimage.host/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4e33:1545:4770:867a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 103ms
67ms Preflight
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 17:46:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/ 166 KB
56 KB 93ms
93ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb9f71449f0c00dfefca91bc9f09a504cd43ad3e6c72100c6ffa7f46cd528cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57330
x-xss-protection: 0
server: cafe
etag: 9986625419510363943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:46:35 GMT

GET
H2 200 ca-pub-6255092059107871 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 60ms
45ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6255092059107871?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b0713a447f3dea04887dcd285735c32089e7d8f0dd3fb7f7bc5bc2dcd1e5515

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZxbgHr-pwa2pxMxmcVb0jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZxbgHr-pwa2pxMxmcVb0jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD8XtFx3o2gQOT7p5nAgAFmy2m"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A40D 43 B
215 B 17ms
16ms Image
image/gif 2600:1f18:1aca:4281:4e33:1545:4770:867a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=213f8cad-18b5-621a-b2ad-90689b805f9d&tv=%7Bc:5GJ0b0,time:683,type:e,im:%7Bpci:%7Btdr:558%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:683,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B672~0%5D,as:%5B146~0.0,526~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:56,fm:u5NemrR+11%7C12%7C131*.1885389-77499083%7C1311%7C14,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:170%7D&br=c
Requested by: Host: freeimage.host
URL: https://freeimage.host/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4e33:1545:4770:867a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:35 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 AGSKWxXOxp_bgifsP1NAXDghJs2P-T3Ce4M4nzfSTUQUjFnQpOsIQaXJAojRiazGfy8ywBgZ3PmUJGzYGho_Rx4Txed8pCvF9D6T4eYtKPL29UDzwY363x90ltbJEfbFd8TbsSplSva0GQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 36ms
35ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXOxp_bgifsP1NAXDghJs2P-T3Ce4M4nzfSTUQUjFnQpOsIQaXJAojRiazGfy8ywBgZ3PmUJGzYGho_Rx4Txed8pCvF9D6T4eYtKPL29UDzwY363x90ltbJEfbFd8TbsSplSva0GQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzE1MTk1LDc2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mcmVlaW1hZ2UuaG9zdC8iLG51bGwsW1s4LCJ2enJOdkhRLWN5byJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93519dd4096da2283ad48f27726412325cf5313680873ee78ad4fe8f262b8fe5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-chc2t_WuZbokbA6Db-UHmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-chc2t_WuZbokbA6Db-UHmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD8XtFx3o2gY627u9MAP2aLSo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 2884 9 KB
4 KB 29ms
28ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 77467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 20:15:28 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 20:15:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 1A9F 9 KB
4 KB 31ms
30ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 77467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 20:15:28 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 20:15:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 6C27 9 KB
4 KB 30ms
30ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 77467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 20:15:28 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 20:15:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 7A9B 9 KB
4 KB 30ms
29ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 77467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 20:15:28 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 20:15:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 2884 5 KB
694 B 19ms
18ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 17:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 17:27:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 17:46:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DE34 14 KB
1 KB 23ms
21ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 17:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 17:32:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 17:46:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame DE34 2 KB
822 B 28ms
27ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:21:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame DE34 23 KB
9 KB 28ms
27ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:23:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4EE0 143 B
166 B 47ms
45ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:07:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame DE34 3 KB
1 KB 31ms
29ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame DE34 20 KB
8 KB 43ms
41ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DE34 207 KB
63 KB 47ms
44ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:49:15 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame DE34 36 KB
15 KB 36ms
32ms Script
text/javascript 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 May 2024 13:03:48 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 2884 15 KB
6 KB 48ms
48ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 05:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 7487576354850247333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:15:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2884 205 B
519 B 35ms
32ms Image
image/png 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:04:32 GMT
x-content-type-options: nosniff
age: 70923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 28 Feb 2025 22:04:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2884 604 B
695 B 36ms
34ms Image
image/png 2607:f8b0:4023:403::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:43:12 GMT
x-content-type-options: nosniff
age: 90203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 28 Feb 2025 16:43:12 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 2884 22 KB
9 KB 47ms
45ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 19:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 19:16:10 GMT

GET
H3 200 AGSKWxW-XjHzEV0oY3TfrirW7-t_rk-SPJHxlhO65d4prUuTo6oiGH6ngNeQ9DpYJ6YHETHKKN8bVdHcr-yc-8_gxYtSk5yGaDaJg7AIYHb32qN1UW3yiw_ZfG0FqtvnC0vFvJcqrc3NaA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 50ms
49ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-XjHzEV0oY3TfrirW7-t_rk-SPJHxlhO65d4prUuTo6oiGH6ngNeQ9DpYJ6YHETHKKN8bVdHcr-yc-8_gxYtSk5yGaDaJg7AIYHb32qN1UW3yiw_ZfG0FqtvnC0vFvJcqrc3NaA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzE1MTk1LDk3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZnJlZWltYWdlLmhvc3QvIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e845e365bdb32edfe0ba4844067c37badfbb0074b2c50e59badc306dc825db38

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9rC9bbImsrhPPunhL83Ymg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9rC9bbImsrhPPunhL83Ymg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw1JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEw_F7Rcd6NoEd_UtuMwMAOp0ycA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 1A9F 23 KB
9 KB 42ms
27ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:23:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A85B 143 B
166 B 54ms
30ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:07:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 1A9F 3 KB
1 KB 39ms
28ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 1A9F 20 KB
8 KB 40ms
28ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 3556260847147873701
tpc.googlesyndication.com/daca_images/simgad/ Frame 1A9F 58 KB
58 KB 129ms
117ms Image
image/png 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3556260847147873701

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eb0c240a2b2d023d2ba48a273fb6431b69464e4a365cc068e0106567877891a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 01 Mar 2024 17:46:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59310
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 19:00:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Mar 2025 17:46:36 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1A9F 207 KB
63 KB 41ms
29ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:49:15 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 1A9F 36 KB
14 KB 42ms
27ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 05:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:14:29 GMT

GET
H3 200 3556260847147873701
tpc.googlesyndication.com/daca_images/simgad/ Frame 6C27 58 KB
58 KB 133ms
118ms Image
image/png 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3556260847147873701

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eb0c240a2b2d023d2ba48a273fb6431b69464e4a365cc068e0106567877891a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 01 Mar 2024 17:46:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59310
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 19:00:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Mar 2025 17:46:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 6C27 23 KB
9 KB 48ms
34ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:23:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFC4 143 B
166 B 42ms
37ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:07:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 6C27 3 KB
1 KB 47ms
35ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 6C27 20 KB
8 KB 48ms
36ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6C27 207 KB
63 KB 48ms
36ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:49:15 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 6C27 36 KB
14 KB 51ms
39ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 05:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:14:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 7A9B 23 KB
9 KB 34ms
29ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:23:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3812 143 B
166 B 35ms
30ms Document
text/html 2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:07:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 7A9B 3 KB
1 KB 38ms
33ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 7A9B 20 KB
8 KB 34ms
30ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 16118129152372767860
tpc.googlesyndication.com/simgad/ Frame 7A9B 121 KB
121 KB 37ms
32ms Image
image/jpeg 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16118129152372767860?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmR2cdeab_wpl7rO46qhVZuqJ-i0g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fc0db4997db9da93f5c7b6103d6eeffd8f8209e649296d3306b3e9c2feafaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 15:11:01 GMT
x-content-type-options: nosniff
age: 9335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123983
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 10:44:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Mar 2025 15:11:01 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7A9B 207 KB
63 KB 35ms
30ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:49:15 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 7A9B 36 KB
14 KB 39ms
36ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 05:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:14:29 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A40D 42 B
174 B 133ms
130ms Fetch
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp6xuVnPc9TzCZ_G6zzMdNKb43ppcpNV_nE-zitYHgKwh5cQofm8_zXrufYx-qTul5apG5QxcbUeA_aqnwZpv9lpJag8ih6_961NfWTlV7j6UpznIOc90EJ1D5lr8_d9qswSNnpf25EUtJTu-o_bXnmL3uyQhnrDo&sai=AMfl-YRrFIP4J6Y8W4yN1tR10751gW25WCZOh_YWmujVs2N_05OYL8l9L5H6p-DfSVWe-ErLb5WdgUpgedw7GqgK4nZVeHH4F2FWsB3xGADdm-M9sLQpaA28CS3O_DFxF1bcrikpNriO4JbsTb8ZeSjv&sig=Cg0ArKJSzNXgqU8uCs6KEAE&cid=CAQSTgB7FLtq6UVPUvyARIABkC3CsEJvAzQVaggR70d4p9ROg4plgHK1KFsxSTy6AWTv0AalqH03_6Vr5JYvmv6KssPRlv2DVhpIu0WG0svHVxgB&id=lidar2&mcvt=1088&p=0,0,90,728&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1577963354&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=524799400&rst=1709315194665&rpt=323&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4EE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
57ms

Document
text/html

2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
expires: Fri, 01 Mar 2024 17:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A85B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
expires: Fri, 01 Mar 2024 17:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFC4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
59ms

Document
text/html

2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
expires: Fri, 01 Mar 2024 17:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7A9B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b40fe4ddd9756f07a0edc233cc070081f9d6fd373874690cf84f8940fff03ab2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame 17EC 52 KB
20 KB 27ms
27ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: freeimage.host
URL: https://freeimage.host/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 16:45:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3812
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2607:f8b0:4023:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::9c Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
expires: Fri, 01 Mar 2024 17:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7A9B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CrFhOehTiZYawCsvTo9kPw8GFyAT6i-qXdu35ivOdEtnpuO-pQRABIJub2mVgycapi8Ck2A-gAdqo2NUDyAECqAMByAPJBKoEywFP0IFTWwDfGVOXeVR9a4FY8ocia3XnouSg0jhdWQ84FH2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9ecb8421e956f7a40000000000000000%22,%222%22:%220x11b271cb966e768c0000000000000000%22,%223%22:%220x640eea...

0
0

67ms
66ms

Fetch
text/css

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9ecb8421e956f7a40000000000000000%22,%222%22:%220x11b271cb966e768c0000000000000000%22,%223%22:%220x640eeab9061f3de20000000000000000%22,%224%22:%220xc813c024c1fd0f7a0000000000000000%22,%225%22:%220xb9f717e957978ff90000000000000000%22},%22debug_key%22:%2210065001946592276442%22,%22debug_reporting%22:true,%22destination%22:%22https://americanexpress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985011290%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213627376660152271057%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9ecb8421e956f7a40000000000000000","2":"0x11b271cb966e768c0000000000000000","3":"0x640eeab9061f3de20000000000000000","4":"0xc813c024c1fd0f7a0000000000000000","5":"0xb9f717e957978ff90000000000000000"},"debug_key":"10065001946592276442","debug_reporting":true,"destination":"https://americanexpress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985011290"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"13627376660152271057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Mar 2024 17:46:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Mar 2024 17:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9ecb8421e956f7a40000000000000000","2":"0x11b271cb966e768c0000000000000000","3":"0x640eeab9061f3de20000000000000000","4":"0xc813c024c1fd0f7a0000000000000000","5":"0xb9f717e957978ff90000000000000000"},"debug_key":"10065001946592276442","debug_reporting":true,"destination":"https://americanexpress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985011290"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"13627376660152271057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4015 52 KB
20 KB 28ms
28ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 16:45:59 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
65ms Preflight
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 17:46:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 95ms
95ms XHR
application/json 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ef04c68b7b6dcb2379c6e3cc6f44a9f25a48d3998a95cbe340857d3584611ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12629
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C659 42 B
64 B 80ms
79ms Fetch
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXA7yhOg3P2VBGXZvIuS0GVjR_4Mg2uAzOi1Dkj1PMQgiGYmxG-eml-bA1mg9uzWPLShRS7Qii35rd1-xVQLktEUPzbIaL4hjD8AlOwOdrkSFbSKNWq6sIKEtqC-AQHzWeve9hUd9osmpKiSJnY8YrZlX-6uIKDTw&sai=AMfl-YTDTn-J7vlJpG21kZyQ81d8-T1sEHjFsqsL_uUgteeksCqclftwJD7wJycZjy1q8haWyCqAN01HB8d5VsEA-oyiKrwSZo2_tvhs8PHNbBBXs4YX1zfdzGKfu8Em6seWznsCrtrdPGYO0y89Z0bK&sig=Cg0ArKJSzPGf9ekZ3N9lEAE&cid=CAQSTgB7FLtqK4ZvtIrHwXr0TLHyhqxc94yOJypq4I1JiRswhHkRSGAqCpN_JPJTNLtrUTAxQ6o-Vb9yqT_unp_VIpxZwFhrAqb7pASsiATVMBgB&id=lidar2&mcvt=1029&p=0,0,280,1191&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2850293054&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=524799500&rst=1709315194143&rpt=1273&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame 33DD 52 KB
20 KB 28ms
27ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 16:45:59 GMT

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0546 52 KB
20 KB 29ms
28ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 16:45:59 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A40D 0
20 B 77ms
77ms Ping
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1801539337801&version=m202401290101&ct=76&x=1&cor=6284743440736909000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
60ms Script
text/javascript 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 17:46:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A503 13 KB
5 KB 32ms
27ms Document
text/html 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 16913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 13:04:43 GMT
expires: Sat, 01 Mar 2025 13:04:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BB76 829 B
998 B 59ms
47ms Document
text/html 2607:f8b0:4023:403::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:403::68 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8856098fbed652a2bfc68b23d7ef33a8b4b11ea121f1486125a02b5e58e84c0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cGngluVcXfOG0Hr6k0WUIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freeimage.host/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cGngluVcXfOG0Hr6k0WUIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 17:46:36 GMT
expires: Fri, 01 Mar 2024 17:46:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame A503 40 KB
15 KB 28ms
27ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 05:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Mar 2025 05:14:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BB76 0
0 375ms
374ms Image
text/html 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=1046984313821421&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A503 0
11 B 27ms
27ms Image
text/plain 2607:f8b0:4023:403::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_qh-TA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:403::84 Sewanee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 728_90_ Show response
fundingchoicesmessages.google.com/f/AGSKWxX0e4EMSjqIKESpkoq1O-Fqqe3EBkl7EOfE7o53E54oTcHtFGUhv4A3BQjlibscl6gqOkQxO7Q0zouRdWiJ-j3SedQKJ7WpBYtaJeTo1KL_t2zDJ5Xal1iJl50JE7J162pq0gtFxRS592DmTLO5MwmkkEvCK... 54 B
110 B 34ms
34ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX0e4EMSjqIKESpkoq1O-Fqqe3EBkl7EOfE7o53E54oTcHtFGUhv4A3BQjlibscl6gqOkQxO7Q0zouRdWiJ-j3SedQKJ7WpBYtaJeTo1KL_t2zDJ5Xal1iJl50JE7J162pq0gtFxRS592DmTLO5MwmkkEvCKNZozSbCvFDaLxnbwpmPLKzfFlBeRAp3/_/adfootleft./ads/top./ad_request./adgallery2./728_90_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx3N0hUyWWIfQKsJY5ik-ZxAx82ew/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8e755e03d3e57faafd07db017727681cf2d09e00e98a28475530c18222bf938

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CYe517BtMjU32OkQYDgyBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CYe517BtMjU32OkQYDgyBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiUAjbyXTe6Q7TdSCuZXjG1ArEBhrPmSyAmPHPCyZOIH735SUTz9eXTBJArAHEO3w8WPjWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgFiIh-PPio71bAIHep6eYgYAjfUu2g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 29ms
28ms Script
text/javascript 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efae00f257fbdd16f945d40156928e4d796449859e1a4dc05fde50f61f61840a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:52:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31003
x-xss-protection: 0
server: cafe
etag: 16097037246406947114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:52:47 GMT

POST
H3 204 AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
32ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mFjvnlCyX-vkB_tU1ofDbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-mFjvnlCyX-vkB_tU1ofDbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTD8WdFx3o2gRXbv59jBgCO6xHf"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimage.host
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 30ms
30ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4mVKfWGtXG1faGJAyBBtLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4mVKfWGtXG1faGJAyBBtLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTD8WdFx3o2gQNLG24zAwCN0BF7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimage.host
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 26ms
25ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ObBXx5DNmk6m3IR5FJQyHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ObBXx5DNmk6m3IR5FJQyHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTD8WdFx3o2gQe_j9xiBgCQCBIx"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://freeimage.host
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 28ms
27ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nIx9HSWWNGGRm-JzIylAUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 17:46:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nIx9HSWWNGGRm-JzIylAUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTF8XdFx3o2gQmnGQFpBRAN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimage.host
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV4UAjNsfsewVB6G_PQ-Dtwi0ILVKEc6rWIpR74HfCwZEBGpXgL5KDACeGmBsXQkzwCtoskQwBvOSMtacZ3JyF6F7flDXdIag3u_pTFIR097RW8alRxpgsyKGaMqFdvwYMXYlvBbQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 41ms
40ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV4UAjNsfsewVB6G_PQ-Dtwi0ILVKEc6rWIpR74HfCwZEBGpXgL5KDACeGmBsXQkzwCtoskQwBvOSMtacZ3JyF6F7flDXdIag3u_pTFIR097RW8alRxpgsyKGaMqFdvwYMXYlvBbQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzE1MTk2LDk4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9mcmVlaW1hZ2UuaG9zdC8iLG51bGwsW1s4LCJ2enJOdkhRLWN5byJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1c5dcfffe3c15a0eeb7064e5abfbf569a0694d4ce58733f028fcac5896ab758

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eRZJInQHLk4CH8iK26MFdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 17:46:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eRZJInQHLk4CH8iK26MFdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmII1pBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEzfF3Rcd6NoEdH0-xAwARDTI0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVESpsViETz37zsNSkGe4oIIhuRKmUDjRC9S5KM3cuGbU1Agt32Eq2mwep4xhVnHi34LRKuKPZUWt8DzL_PQEWBDo2L-LigI1iaYojVaStPK1o9Smo9TERasyyHhQh_dlT94cyR0w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 29ms
28ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVESpsViETz37zsNSkGe4oIIhuRKmUDjRC9S5KM3cuGbU1Agt32Eq2mwep4xhVnHi34LRKuKPZUWt8DzL_PQEWBDo2L-LigI1iaYojVaStPK1o9Smo9TERasyyHhQh_dlT94cyR0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nuCfBrGoFdV6BbcX0qN23w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 17:46:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-nuCfBrGoFdV6BbcX0qN23w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTN8XdFx3o2gRMLl4oDAHyhEOE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimage.host
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 29ms
29ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3OdZVB5tRtK0ndkNkbxjovY3H3vgnAR3Y_mQXBN5kTwQOx6UtEwTfbmslfsrUQJ0A_VYZZ3jmtgMyVBlS726qR_nqOhLBShQJ5KrAI90whg_bFmtDKSz7BIdFZdyWR2a06oZKSA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IiDQDCm2d_9x8ZyWK4aGdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimage.host/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 17:46:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-IiDQDCm2d_9x8ZyWK4aGdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBiWMS_i6mW4RlTKxAz_nnBxAnEO3w8WJzSZ7AGAbEQN8ffFR3r2QR-nO2TAADBdBKY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimage.host
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A40D 43 B
215 B 14ms
13ms Image
image/gif 2600:1f18:1aca:4281:4e33:1545:4770:867a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=213f8cad-18b5-621a-b2ad-90689b805f9d&tv=%7Bc:5GJ0Ab,pingTime:1,time:2244,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:728,h:90,t:157%7D,%7Bpiv:100,vs:i,r:,t:1243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1243,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1232~0,0~100%5D,as:%5B146~0.0,1086~728.90%5D%7D%7D,%7Bsl:i,t:1243,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:19,fm:u5NemrR+11%7C12%7C131*.1885389-77499083%7C1311%7C14,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:170%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4e33:1545:4770:867a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:37 GMT
server: nginx
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A40D 43 B
215 B 15ms
15ms Image
image/gif 2600:1f18:1aca:4281:4e33:1545:4770:867a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=213f8cad-18b5-621a-b2ad-90689b805f9d&tv=%7Bc:5GJ0Ac,pingTime:1,time:2245,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:728,h:90,t:157%7D,%7Bpiv:100,vs:i,r:,t:1243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1243,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1232~0,0~100%5D,as:%5B146~0.0,1086~728.90%5D%7D%7D,%7Bsl:i,t:1243,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:19,fm:u5NemrR+11%7C12%7C131*.1885389-77499083%7C1311%7C14,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:170%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4e33:1545:4770:867a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:37 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A9B 42 B
64 B 83ms
82ms Fetch
image/gif 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQqR6hZa2x9RP3rqILdgtdfbf0aL2sMfxITdnctfBk35wFuT9Epd1YPFG1x78WMsClu2h6x3ppyd-oBs5I0soewCTzg-lg3IFuoSfAXIbqH4rmaI8H-kOzmvmiRc8E0yz7s5sdjDVxN-JSou8TAyoxi0krbJxWUtNCQXENQ4TF-2K2rBHdZ7ECkDJGf-XQEIFTGDZnMdGqqV0sIMo1mkasg56Myxe5vOI8eDMf3Z3l0K6VG4ejGu-n-ecpwU1O_xL6-CzEGyXdB5PDq-Y89hgnk5gHo-5LljjfzL2XBayHeEjSO5_EFoepGbZ2f-Ip2oRWtUwukOt0UW5pxiFHqXHFTlEpwOeTip7VKTafrbap4kETMN1mdeFH5LPQgsfJtNAJIW7ZRemcMBzMv6EVdXuKYh6ssBHFGscI3Tdxfzxy0Sp-hocyCm2m5-5i6OfOFPqtcJks3IRncpdL5kNgfeGXMVjqhJmj6KYZgLpSVlf8peNozSQMpv9_CH7zVWVBZCJTa_Hco1Y6kM59Aq-TLya7E6ejVSGjpBAuOoQiArs6GhD0QPaMr4DbjCrtFDwC3wyUDntLqdw-myKqLlWlC9X6ajHE8y2m3GhfbV8i2EX4xzLWqMtjH3TwNG3z7OxoKy3s_w3-dAlGwbDSi6Mzlb_c5bG80aNGAT8EBIs33YybtEfUELTgwhQ7BfM-jlDTT5xwn0ugkowSILFkdqVtXIJmCLp3ABx8O8sPNHW1Upj26hTuDhtWBY5PmdIjJzDm39EZljXj3Pecvfg9Td8WgOFR944P06ZpGXy6c2RtW1johuqpA66uT0viJlCemb3uCvmv2YaW59XvSVHQQ6LZAjNSm08VvW_b1ndY8lc-M7MIQuHd6w76BQPoSTwEJScLEQZjuqDgEAdRsv6EQkRezyzMGSDGR3CQLItwCd_uhiASO3N5rMr7JDWxBZScfGLn9vIchLF0bB9g-j1zsV1KnxjsSYwOSK3sseWrdwii2bdsb-7MMxnKFieVw0tSkA83iDP-C-aZDZHeUtXbuYZrDSQOnqzLTyl11QIXQRjUCplte7hLEsFS_RLtbUhTTlNv54EWCo2ssh1ARXAKD7VJhMOojn-d_glLTZJpK-tZUwiwx8OYyfpL3Gnm354zcxzw80OSJSlT8EL6kgTuoZhm1M9pZLv9VK_ECGZlHwkrHNv9ZQK_FG6pgs_eZVBMCcjPbNOcCQTg4AeyY7YPGgGVEZSuPxdsXVpm8ava2zyRL2JMzUwDK2ePkHScEhX9vLsIxZpr5uA3AV2F4CGzoqnFBTHPwLuTynRpHrUIs5Pb9KagknOsvNx0Y3Mq_Uo1Y0tr_80utuSCIsHnakktInK1P_YcLzHJ4qEefxGuKXjSl4gpqhGe3T5ZfXmuXdXXXRO7z5nlm2i0dojOBxUkoOVUDyC4bS0xOo2ww6g2ksgHjwc-hWs1bZsjVI5yDLADTXTsKM-Ma6WliD3I04zqUkavL2PKTYod9UUqWVCx8lH3W9o9t6XYDceMTqOzF7zQscT8BHerqb37qJGdkhax&sai=AMfl-YSFHkkxxFMnijg0M-DUMn0059XAxAKXXswC_qff_eqnkbtLwRwMj5ZPgIKAcZB9ki3VbS7qE_Pj-SiUgbskWRD1JUvcU40culoQqGanze4HjdiBE6wblAiMc4FizluQc-ozPA6M9bI1QIiVF5412ui0JukuNDQhGdFBPBw&sig=Cg0ArKJSzCN9OcH9HZuKEAE&cid=CAQSTwB7FLtqeKI73GdKh2SLXeWgSY3x9FtBlO4-dE1T3CFNfcZ-aJr6kL8N99stZTC6MQ_ohmr52FYW6GXoIwp1m_yLde4sW6XPBchhlyLyQmEYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=164,823,1000,1000,1000&tos=164,659,177,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3895348141&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=524799600&rst=1709315195856&rpt=409&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 17:46:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
79ms Image
text/html 2607:f8b0:4023:403::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=1046984313821421&bg=!cXKlcj3NAAauXHXJjlw7ADQBe5WfOGtYFN6gJCV3CNlpT64Ek1_8rESpK0YQRUyK7S1ncCTrjJFZg0jQrUsXNczV7JtpAgAAAFpSAAAABGgBB5kCzLToGL8Dl7Jys_UfVfgIF9lGIRogJzMwTbXyhPZ0le_8CyM_lGFhIG0dCb614OPAdVlXrvOsvwtR_VLxE76XMj3dDeDHf7aF8r8Ke785fHsb0hRja53P9KS1uJqxpQl6Nf8bUexlTYf9-UO1-a0-cxGEb9eVRe8ORX-jYytzAAJtahaxW23jAVq4yPtHc1OhF5_1diwO4TK_KUIoWe60t5JIxXy1sIbOMLcJe9SvdwFYKo9c9BNolZ-unDf3UmqdEdFMux1u9BJbvKWfzFVoySs_xes7WKjASZ1zjpMAbBXHHvwqSu83uUR2Y6q4i6Odj4j0UKx000-XbjCI-Tu_GxeExj8WdOrpbOFtKul1BYFfZFQTYmkrhZYakwo7gNe_97YFngaYKFLv813iNnQlh_wpyy6ifiP9ilSae50rNAc5BERV20TFB2EyMGOl5bSi5p7-F2ExkESXZXV-CI9xJ0aM30cPuyfxbyRXRfzZBkHUUpaXIqmydfr68_tshfepyL8zhweCQESatNgAv8m2FLoBQ3qMx1b9Pa49eS-iskHli99lrmrgNGAzcp-KHAswQNKrEOw_d-ry9QCWei7N00Z1ZoeJrqBQc5Ar66YARIRnqMHcFhd0VObY01Vit_A1tASghEGojQV5PtDVXCE772RvyINZErB-BZDV8yNLqFDmwFVAFSaQNgH6SnV2cqXPg79jD7vdJTQqOhcJ5QbOf4bQ3X_Pgy91F-Ul7QlGz0O8pU8kwKwayQGc4tapyacjojvw8ELyQbtPJXXNVaA_E3sevTZgQJB2-SzPzkTgaRgnx37rhWqiPhYkBHJwrftwysDgMY3qg3tQ5jYNi19tjJXCdlhAVC-LSXvjhVQ1ttqdAwgj6wwFKyQgFYLupw4u3Gj05-MP0a2XFHifjTylH-t-1CfoLulFsUl7SwCmMpdqL8Pjr5P_Lr3drNe-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:403::9b Sewanee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freeimage.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freeimage.host/	1969-12-31 23:59:59	Name: PHPSESSID Value: it9o2pir7b8fidq8lpqs5o2547
.yadro.ru/	1970-01-21 03:32:56	Name: FTID Value: 1buXHv3g6uel1buXHv002Tc2
.yadro.ru/	1970-01-21 03:32:56	Name: VID Value: 3QynxI2zuDel1buXHv00276Y
.doubleclick.net/	1970-01-20 23:07:47	Name: APC Value: AfxxVi6BpAHZlfcrwcHnG33RY1MgJ4hJTZxuJ8WwTQm2-LSvU872Pg
.doubleclick.net/	1970-01-20 23:07:47	Name: receive-cookie-deprecation Value: 1
.freeimage.host/	1970-01-21 04:10:11	Name: __gads Value: ID=79b7caa74c294175:T=1709315194:RT=1709315194:S=ALNI_MYNlI8OpCtOxFfCtR9kf5C9fktIZw
.freeimage.host/	1970-01-21 04:10:11	Name: __gpi Value: UID=00000dce6738513e:T=1709315194:RT=1709315194:S=ALNI_MZKr2qxu1_k9OJyolHx8F_hk37VQg
.freeimage.host/	1970-01-20 23:07:47	Name: __eoi Value: ID=55f1735e5f10586e:T=1709315194:RT=1709315194:S=AA-AfjZKtg78tQxlqOSmC15fDf6Q
.doubleclick.net/	1970-01-21 04:24:35	Name: IDE Value: AHWqTUmMCWxhwhwnucks4K_Sg5PGmmznHkIO9q6Mx-fc1d9v4mVuoS5DCDxdQiOA
.doubleclick.net/	1970-01-20 18:48:36	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-21 03:34:11	Name: CMID Value: ZeIUe0t3uUUAAFAdAChI2wAA
.casalemedia.com/	1970-01-20 20:58:11	Name: CMPS Value: 046
.casalemedia.com/	1970-01-20 20:58:11	Name: CMPRO Value: 046
.adnxs.com/	1970-01-20 20:58:11	Name: XANDR_PANID Value: pZOEHugb8kevPu3jTBXMAXnMogODxHhw40D0syeCIpIwVnXGevkbs8pp-dPdSLIDADemhPFtUuBkR0ZUFnTJg3v9e9BloYGnJGmjmUcx0bY.
.adnxs.com/	1970-01-21 04:24:35	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:58:11	Name: uuid2 Value: 7227123842686476295
.adnxs.com/	1970-01-20 20:58:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In?nj5^D!]tbPl1M>e)ZlrFUfJ+tGXxoH<=4p::'lkd<aZwPK^ZVOL(gSaYZUA8-YHF*bpRzqF1`b`spA+xa
.googleadservices.com/	1970-01-20 20:58:11	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 18:48:38	Name: DSID Value: NO_DATA
.freeimage.host/	1970-01-21 03:34:11	Name: FCNEC Value: %5B%5B%22AKsRol9qYmNjetZhcXl0hoTcsaFiLOuGHjyXVBwwyGDDhxbT2CvNHkHc4IoI0olIuA-ilneE0aqevm25_4IRAFEMcu4D1CIvCpMwTv1B6lHF2JxDsgVJQC2ebn1qwSLLSBtPCyQtj5ddYq1Y6tj-lVRqhSFQ-oVFoA%3D%3D%22%5D%5D

83 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimage.host/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
counter.yadro.ru
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
freeimage.host
fundingchoicesmessages.google.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
iili.io
pagead2.googlesyndication.com
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.12.154
142.250.96.154
142.251.40.162
172.64.151.101
2600:1f18:1aca:4281:4e33:1545:4770:867a
2600:9000:247b:5c00:8:48e:53c0:93a1
2606:4700:3030::ac43:ccce
2606:4700:3038::6815:eb45
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::200e
2607:f8b0:4023:402::9c
2607:f8b0:4023:403::5e
2607:f8b0:4023:403::68
2607:f8b0:4023:403::84
2607:f8b0:4023:403::94
2607:f8b0:4023:403::9b
34.202.3.146
68.67.160.76
88.212.201.204
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ef04c68b7b6dcb2379c6e3cc6f44a9f25a48d3998a95cbe340857d3584611ff
252c71bd009420cd3b77c3dfe82b1f7f5b7cd0b3b159d7144865f3647b1539da
269840bf0697ecaf90258285986e62e397b532c87e79eaab7ca91a9b3c4085bb
27cc71819743f223aeef1849e4ef8fa7bfaf35c42e74e99bcc314bf9b5085bb8
2b0713a447f3dea04887dcd285735c32089e7d8f0dd3fb7f7bc5bc2dcd1e5515
2c0ce5154a1bd56acf752b8568828a397ffdafbc45cb7dc274e14f5595b9d68b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38bf6faa34eb424eaaf7f3f7b1a4d45f6fbd5f2432bbfb5a2054ae4206187de8
3e32cdfe0dcb070109a385b78a0f3f81cbe0c4206e69616ce3ff66fa50cfd5f4
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b9c45d4aa1b892bd2e7c8e385cd0d1dfa4c7a72e4ec789fef3cefb932525b3
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50bd8ec3da6a18f9d44d06804fccdc1569fca0c734a06b5f0edddd9f59a48fa2
50e85762a7bfe41093fa3492fe643c807f1e96813f21736474c6835bc3f1f43d
53be87256822f27a74dcf03824478b8c0e46fa52b159d39ff38b46e63dfa3202
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56547a73a3f65bbb7b9109cf2c30773da59d8886be1bead1c8dd7a5ee4b3780c
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
58d880c52e45fe02c90bc193b7b8469e578ea1480d63b03197b6fa6a5013d51c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e5507fa102e6a4ea0c96f6d2c9a001c46569591bbf5431bc6137c181640b909
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
733b969fbec87646d0d657e46b46e3fb3b97e7afa65043798b6df8dffe0305b9
73a8ac41c7b7558a212ea4918d527da14b5f9a472a57e99a6e8f74951cbd4510
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
846b734273f290d69d36f2828e5a7a6a1c85fea6a376fe3be084890e263d7e28
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
87017c65ca7b5af8d5e3c22f9c66d521cd450872076354ff34650483ef9facb0
884dcf8fb15e69d283307fdbbd9167688ffa4008b4584b5da51200ea19756094
8856098fbed652a2bfc68b23d7ef33a8b4b11ea121f1486125a02b5e58e84c0d
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8b9f9fc522c123e7e953ddba72ea35daf83a813fc848efbda2e330b97efa7830
8fc0db4997db9da93f5c7b6103d6eeffd8f8209e649296d3306b3e9c2feafaa3
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93519dd4096da2283ad48f27726412325cf5313680873ee78ad4fe8f262b8fe5
9603d349b62b8005639560a70b45bcd57bda96f9e8a116796cf0984cca858866
98b39324cab5f8556d0e6caa6aae784c413022771ee09dc87bb6ed87ce5af966
9eb0c240a2b2d023d2ba48a273fb6431b69464e4a365cc068e0106567877891a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1c5dcfffe3c15a0eeb7064e5abfbf569a0694d4ce58733f028fcac5896ab758
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
a8a9e3f33e734973bc137d5d37185a4f7c051644dd9ab9417fb9138afdafb519
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b40fe4ddd9756f07a0edc233cc070081f9d6fd373874690cf84f8940fff03ab2
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
be2d7decdf6c26526f1c8f87c9932f9d3fc903c542d84f61658af57f526dc4a3
c3e53fdf33e1def42b87cbc35b5cfd322a28855f065d26f436c03afca3138f8b
c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1
d2151ea3c5abf5e7b4b8b2eed91adbf302ae5feb4fd72939a783589d51444e09
d2e16f136e4d10ee38ac1bedbdf0c5ef59b6b26797f44f72163a6b4c4af8952b
d8e755e03d3e57faafd07db017727681cf2d09e00e98a28475530c18222bf938
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d17425d4fd45e6e76aaff4e8fe440088568c84404e4b74431045b8c83f8487
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e845e365bdb32edfe0ba4844067c37badfbb0074b2c50e59badc306dc825db38
e90129759ed7d7799f8623aeeaa02c838d7f1dc5682773ebbe3c530147811353
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb9f71449f0c00dfefca91bc9f09a504cd43ad3e6c72100c6ffa7f46cd528cdd
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae00f257fbdd16f945d40156928e4d796449859e1a4dc05fde50f61f61840a
f47bb06ab2be3b58ca5411a770899cf17874503821db52b976f853537967b7c5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa2995a5509de47472e5d8c1f27e0ffa1511d56b72ad565025b3f1daf077e6f6
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fe3e69e9215e3e33beee85e52083e367cc59656faa417b1d5f0f308180c76411

freeimage.host Open in urlscan Pro 2606:4700:3030::ac43:ccce Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

95 %HTTPS

63 %IPv6

13 Domains

20 Subdomains

19 IPs

2 Countries

2694 kBTransfer

7024 kBSize

20 Cookies

4 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freeimage.host Open in urlscan Pro
2606:4700:3030::ac43:ccce Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

95 %
HTTPS

63 %
IPv6

13
Domains

20
Subdomains

19
IPs

2
Countries

2694 kB
Transfer

7024 kB
Size

20
Cookies

156 HTTP transactions
3 data transactions