infinityfree.net Open in urlscan Pro
172.67.71.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arowanafish.shop/
Effective URL:
https://infinityfree.net/errors/404/
Submission: On February 03 via api (February 3rd 2022, 4:06:37 am UTC) from JP — Scanned from GB

Summary HTTP 102 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 11 domains to perform 102 HTTP transactions. The main IP is 172.67.71.120, located in United States and belongs to CLOUDFLARENET, US. The main domain is infinityfree.net. The Cisco Umbrella rank of the primary domain is 390400.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time infinityfree.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	185.27.134.149 185.27.134.149	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
6	172.67.71.120 172.67.71.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:400f:803::2003	15169 (GOOGLE) (GOOGLE)
2	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4016:6::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
102	20

4 185.27.134.149 (United Kingdom) 2 redirects

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

arowanafish.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.71.120 (United States)

ASN13335 (CLOUDFLARENET, US)

infinityfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400f:803::2003 (Minneapolis, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4016:6::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-h0jeenle.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124 ade.googlesyndication.com — Cisco Umbrella Rank: 268	293 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 bid.g.doubleclick.net — Cisco Umbrella Rank: 452 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	78 KB
15	gstatic.com fonts.gstatic.com csi.gstatic.com	256 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 418	259 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 957 r2---sn-h0jeenle.c.2mdn.net	4 MB
6	google.com adservice.google.com — Cisco Umbrella Rank: 80 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438 www.google.com — Cisco Umbrella Rank: 13	85 KB
6	infinityfree.net infinityfree.net — Cisco Umbrella Rank: 390400	176 KB
4	arowanafish.shop 2 redirects arowanafish.shop	32 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	google.com.hk adservice.google.com.hk — Cisco Umbrella Rank: 21818	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	648 B
102	11

	Domain	Requested by
19	pagead2.googlesyndication.com	infinityfree.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	csi.gstatic.com	imasdk.googleapis.com
7	fonts.gstatic.com	fonts.googleapis.com
6	ade.googlesyndication.com
6	infinityfree.net	arowanafish.shop infinityfree.net
5	fonts.googleapis.com	infinityfree.net googleads.g.doubleclick.net
4	r2---sn-h0jeenle.c.2mdn.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	arowanafish.shop	2 redirects arowanafish.shop
2	googleads4.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.google-analytics.com	infinityfree.net www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.com.hk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
102	20

This site contains links to these domains. Also see Links.

Domain
forum.infinityfree.net
app.infinityfree.net
ifastnet.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com.hk GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-01-25` - `2022-04-05`	2 months	crt.sh

This page contains 9 frames:

Primary Page: https://infinityfree.net/errors/404/
Frame ID: ABE667AF1785A030DD2B913D1D4D3AA0
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Frame ID: D0BB2FE767C8BB3B0C05B24138B2551B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&adk=1812271804&adf=3025194257&lmt=1643665368&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190981&bpp=4&bdt=559&idt=286&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2290654638212&frm=20&pv=2&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=319
Frame ID: F43351D39143B5B1FFA85189DE310C8C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=8977136814&adk=2911420652&adf=1324505179&pi=t.ma~as.8977136814&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190985&bpp=3&bdt=563&idt=321&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHStgRhwhu&p=https%3A//infinityfree.net&dtd=327
Frame ID: 9FD82F5C8C199AE4145071A86FE010D8
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=6106612656&adk=2303722872&adf=3222637375&pi=t.ma~as.6106612656&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190990&bpp=2&bdt=567&idt=328&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DO0SGIvNBS&p=https%3A//infinityfree.net&dtd=331
Frame ID: BD17B0F3DDB64D66B49D6EAFD0FB00A0
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 390C43792A9F1EB9015792689CB34F2C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 49C3E6AFC38C604208C12E9EB72DAA1F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDD3B69AFBE3CF71F1EF35C1EC6C3CD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 258A899F73C6394255F014FF88B9870E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Page Not Found - InfinityFree

Page URL History Show full URLs

http://arowanafish.shop/ Page URL
http://arowanafish.shop/?i=1 HTTP 302
http://arowanafish.shop/wp-admin/setup-config.php HTTP 302
https://infinityfree.net/errors/404/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

102
Requests

92 %
HTTPS

70 %
IPv6

11
Domains

20
Subdomains

20
IPs

4
Countries

5413 kB
Transfer

7183 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://forum.infinityfree.net/
Title: community forum

Search URL Search Domain Scan URL

URL: https://app.infinityfree.net/login
Title: client area

Search URL Search Domain Scan URL

URL: https://app.infinityfree.net/register
Title: Register

Search URL Search Domain Scan URL

URL: https://forum.infinityfree.net/docs
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: https://forum.infinityfree.net/docs?topic=49355
Title: Learn More

Search URL Search Domain Scan URL

URL: https://ifastnet.com/portal/aff.php?aff=23782
Title: iFastNet Premium Hosting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arowanafish.shop/ Page URL
http://arowanafish.shop/?i=1 HTTP 302
http://arowanafish.shop/wp-admin/setup-config.php HTTP 302
https://infinityfree.net/errors/404/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://gcdn.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/14BE30BC01CE272399E35466CDEFCA881AD184B8.B77CDA9E6A62392B814893B5EB771D35A9C49BD0/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8165CD69F5D0552F90020BFF1C52245DDC679A53.7B5C37AFBBD95370F26D0F73ADBB53854176CB9D/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeenle/ms/onc/mt/1643860301/mv/u/mvi/2/pl/48/file/file.mp4

Request Chain 58

https://gcdn.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/14BE30BC01CE272399E35466CDEFCA881AD184B8.B77CDA9E6A62392B814893B5EB771D35A9C49BD0/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21DB1CE9EFC4A74C3F35F0301105C69BDD99C83D.43BAF2B8C7A75A0108786F56EBA58A2895B9340C/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeenle/ms/onc/mt/1643860301/mv/u/mvi/2/pl/48/file/file.mp4

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
arowanafish.shop/ 827 B
825 B 191ms
62ms Document
text/html 185.27.134.149
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://arowanafish.shop/
Protocol: HTTP/1.1
Server: 185.27.134.149 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b62cf03d034117f2f63f13a69511fec867ca63e2005a2cbe6671cd69db0480d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Server: nginx
Date: Thu, 03 Feb 2022 04:06:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK aes.js Show response
arowanafish.shop/ 30 KB
31 KB 62ms
61ms Script
application/javascript 185.27.134.149
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://arowanafish.shop/aes.js
Requested by: Host: arowanafish.shop
URL: http://arowanafish.shop/
Protocol: HTTP/1.1
Server: 185.27.134.149 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://arowanafish.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 04:06:26 GMT
Last-Modified: Sat, 08 Aug 2015 08:12:26 GMT
Server: nginx
ETag: "55c5b9ea-79e6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31206

GET
H2

200

Primary Request / Show response
infinityfree.net/errors/404/
Redirect Chain

http://arowanafish.shop/?i=1
http://arowanafish.shop/wp-admin/setup-config.php
https://infinityfree.net/errors/404/

9 KB
4 KB

189ms
88ms

Document
text/html

172.67.71.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infinityfree.net/errors/404/

Requested by

Host: arowanafish.shop
URL: http://arowanafish.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

381d569935e280dfd37f2c00d7b3978e219dbf963f065231ab6818324d06f18c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://arowanafish.shop/

Response headers

date: Thu, 03 Feb 2022 04:06:28 GMT
content-type: text/html
last-modified: Mon, 31 Jan 2022 21:42:48 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-security-policy: base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
x-frame-options: SAMEORIGIN
referrer-policy: origin
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aTU7gSVFbPbyXtDUKZowLHuvCL%2BQQPHkjeOWB%2Bs2RQ%2FgCCIug8p%2F6oDeAdEaiD7eoCJ1RcWYtL7KQX%2FKEHkAvo0%2BX4qHmQLxbGJl6vPlBPURMKe6dqTd7A6vt7%2BPtzegmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d78c96e595af403-LHR
content-encoding: br

Redirect headers

Server: nginx
Date: Thu, 03 Feb 2022 04:06:27 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 220
Connection: keep-alive
Location: https://infinityfree.net/errors/404/
Cache-Control: max-age=0
Expires: Thu, 03 Feb 2022 04:06:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 189ms
64ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79fd81f44308bea1a5f9134ad14851c0c7b520439085c4d92879ce17bf21538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 02:25:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 04:06:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 04:06:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
778 B 187ms
66ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,300

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 04:06:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 04:06:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 04:06:29 GMT

GET
H2 200 front-869750e97835756bcd77dd6b8cf7748a6b45ad92b680cd9dcbcfddf714d89dd9.css
infinityfree.net/assets/ 212 KB
37 KB 59ms
59ms Stylesheet
text/css 172.67.71.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infinityfree.net/assets/front-869750e97835756bcd77dd6b8cf7748a6b45ad92b680cd9dcbcfddf714d89dd9.css

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e3adf8596d0259f41d2e01177505394742c6081f54d31ab6947670fe1c7a6d9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1384187
cf-polished: origSize=219210
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: origin
last-modified: Fri, 14 Jan 2022 18:46:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61e1c51d-3584a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUxO%2BAYdbKytthL1AJh%2FexcBNMg04tC1Z6C0rOQgXOXM7%2Br%2B9CIGs6wcY6SgRMBNVaW4bvoJ%2FjxOKYdWwZbGdwLGTofn6%2FUrCPgoT1uJVuDRuha4bViTeGTEn%2Bumh5Sas9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: base-uri 'none'; object-src 'none'; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
cf-ray: 6d78c96f29c3f403-LHR
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 214ms
73ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9174038688046015

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2552b933b632947807a6a48b26a4872e975af703df8fe725a69f6283bd6ce666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://infinityfree.net/
Origin: https://infinityfree.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52997
x-xss-protection: 0
server: cafe
etag: 13864430927179274353
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 04:06:29 GMT

GET
H2 200 logo-c4b8b48e3dcb6ca5cd6227317693edb013d372a75a06af8f2e7e5c4dcea22354.png
infinityfree.net/assets/ 7 KB
8 KB 53ms
51ms Image
image/webp 172.67.71.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infinityfree.net/assets/logo-c4b8b48e3dcb6ca5cd6227317693edb013d372a75a06af8f2e7e5c4dcea22354.png

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89fc1df430783a4900749f019fd8e1903f5e3bc769419dfc6ddf351f724c5da

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
etag: "61f857d8-292c"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2527
cf-polished: origFmt=png, origSize=10540
content-disposition: inline; filename="logo-c4b8b48e3dcb6ca5cd6227317693edb013d372a75a06af8f2e7e5c4dcea22354.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 7260
referrer-policy: origin
last-modified: Mon, 31 Jan 2022 21:42:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 03 Feb 2022 04:06:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfugjqCONPq1LlUqmtJ5XNSaDDPB2NrZUI2iUwvWutKpbsh9QkCZ5rqLxC632baVsIKa%2B%2FB0GmtKc6uXITRZoa%2FFgtDP3T6PkEDI%2BbajXrId8Ut4ddwMEoY9RfD9YDedog0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d78c9705a67f403-LHR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 front-a44b92f9715d7e02120b3bc1c97e25a25ad8d42b295df52298cb467d9722f16d.js Show response
infinityfree.net/assets/ 184 KB
49 KB 54ms
53ms Script
application/javascript 172.67.71.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infinityfree.net/assets/front-a44b92f9715d7e02120b3bc1c97e25a25ad8d42b295df52298cb467d9722f16d.js

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44b92f9715d7e02120b3bc1c97e25a25ad8d42b295df52298cb467d9722f16d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195195
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: origin
last-modified: Mon, 31 Jan 2022 21:43:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61f85809-2e183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hr0zHRca8H1pODcb8Z%2FTNUVtPVjvwXQzAFaPJV8IhhhaCSt9nxMAQ6OlnxmbHEy82eKZv7q2NGw%2BW%2F0su%2BQ%2BSZu%2Fr8z6%2F0Bv3KuaLIVe%2FXHdElwKAEsG5S9eOpVpkqP5o0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
content-security-policy: base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
cf-ray: 6d78c9705a63f403-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 196ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1895
date: Thu, 03 Feb 2022 03:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Feb 2022 05:34:54 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ 30 KB
31 KB 190ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://infinityfree.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 19:33:06 GMT
x-content-type-options: nosniff
age: 117203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 19:33:06 GMT

GET
H2 200 fontawesome-webfont.woff2
infinityfree.net/fonts/ 75 KB
76 KB 55ms
53ms Font
font/woff2 172.67.71.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infinityfree.net/fonts/fontawesome-webfont.woff2

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/assets/front-869750e97835756bcd77dd6b8cf7748a6b45ad92b680cd9dcbcfddf714d89dd9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://infinityfree.net/
Origin: https://infinityfree.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2526
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 77160
referrer-policy: origin
last-modified: Mon, 31 Jan 2022 21:42:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61f857d8-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzP4rT5htGSvPJcvYmPfuPajxORIugfAMjyJhQD%2BtAtTxTY6b7ZKL3qz0CmfT9%2FqD%2FLAIpDOXP7AD9Z%2BujjujcwookySqNxvWToVavVZtzJ0UIlhY1GboDW6SuiipXw%2Bqaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
content-security-policy: base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
accept-ranges: bytes
cf-ray: 6d78c9706a6ef403-LHR

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 256ms
123ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://infinityfree.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 483267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 13:52:02 GMT

GET
H2 200 bg_footer.png
infinityfree.net/images/ 2 KB
2 KB 58ms
54ms Image
image/webp 172.67.71.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infinityfree.net/images/bg_footer.png

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/assets/front-869750e97835756bcd77dd6b8cf7748a6b45ad92b680cd9dcbcfddf714d89dd9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

871058001da530d62a9efc6f1007c57849b6e004f081bb26d40080975f2dacf8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; child-src 'self'; connect-src 'self' https: www.google-analytics.com fundingchoicesmessages.google.com pagead2.googlesyndication.com; default-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https: googleads.g.doubleclick.net; img-src 'self' data: https:; media-src 'self' data: https:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https: www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com cdnjs.cloudflare.com c.evidon.com content.quantcount.com; worker-src 'none'; block-all-mixed-content; report-uri https://o881419.ingest.sentry.io/api/6108064/security/?sentry_key=53507701d302401b97c4a9ec903c141e;
etag: "61f857d8-ab7"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2527
cf-polished: origFmt=png, origSize=2743
content-disposition: inline; filename="bg_footer.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 1702
referrer-policy: origin
last-modified: Mon, 31 Jan 2022 21:42:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 03 Feb 2022 04:06:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=612AqAUOJYKOwe%2BBMGVE8gtzTZEmXw9asVb4GPlc1j9PmCwBMjzUmBeff%2B%2BnUTHtcft%2BU%2FJ6lXSGag6ttSs0FGbOUyBR8tdBQ18idE9gY7CZP75QNqjLgu2AXTRCjNOPYtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d78c970ba8af403-LHR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 64ms
61ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=154877506&t=pageview&_s=1&dl=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&dr=http%3A%2F%2Farowanafish.shop%2F&ul=en-us&de=UTF-8&dt=404%20Page%20Not%20Found%20-%20InfinityFree&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1539394798&gjid=2113375581&cid=28577988.1643861191&tid=UA-71917162-1&_gid=698034421.1643861191&_r=1&_slc=1&cd1=adsense&z=876619159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://infinityfree.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://infinityfree.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/ 287 KB
103 KB 146ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9174038688046015

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0d428f3416daa1b65f6de3a2c84d8066ab1f8e5ae2f15889b0e3ac87e1542d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105697
x-xss-protection: 0
server: cafe
etag: 6004654452111430024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 04:06:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/ Frame D0BB 10 KB
5 KB 170ms
54ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9174038688046015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 02 Feb 2022 16:23:29 GMT
expires: Wed, 16 Feb 2022 16:23:29 GMT
cache-control: public, max-age=1209600
age: 42180
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
648 B 180ms
63ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=infinityfree.net&callback=_gfp_s_&client=ca-pub-9174038688046015

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b56abb6c495deecc4863a1b68d1cc6d7dbea910c884259bd5363bf6933af829b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.hk/adsid/ 107 B
792 B 179ms
62ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.hk/adsid/integrator.js?domain=infinityfree.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Feb 2022 04:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 179ms
62ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=infinityfree.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Feb 2022 04:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F433 9 KB
889 B 156ms
94ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&adk=1812271804&adf=3025194257&lmt=1643665368&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190981&bpp=4&bdt=559&idt=286&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2290654638212&frm=20&pv=2&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2562e5c49c2a2a13a499ac92942389d4a5dc27a9ed33b5712062d4f245c6c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Feb 2022 04:06:29 GMT
server: cafe
content-length: 866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Feb 2022 04:06:29 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FD8 66 KB
21 KB 209ms
159ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=8977136814&adk=2911420652&adf=1324505179&pi=t.ma~as.8977136814&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190985&bpp=3&bdt=563&idt=321&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHStgRhwhu&p=https%3A//infinityfree.net&dtd=327

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1797f9d753a8dc1b579de3cab72c0b67d929580f0367625466ff25f5b70c1b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Feb 2022 04:06:29 GMT
server: cafe
content-length: 21153
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Feb 2022 04:06:29 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD17 66 KB
21 KB 223ms
183ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=6106612656&adk=2303722872&adf=3222637375&pi=t.ma~as.6106612656&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190990&bpp=2&bdt=567&idt=328&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DO0SGIvNBS&p=https%3A//infinityfree.net&dtd=331

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f18d676075a15d1b0cb2c368e9ea4d5917179ddf9b5ee5095bf8083cd7c5036b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Feb 2022 04:06:30 GMT
server: cafe
content-length: 21037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Feb 2022 04:06:30 GMT
cache-control: private

GET
H2 200 ca-pub-9174038688046015 Show response
fundingchoicesmessages.google.com/i/ 89 KB
32 KB 192ms
75ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9174038688046015?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eacb18e976617348af8edb73cd32ff6a5e5774c5d9ac3d171460c33998e0e88

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LuokZPYdhd7ocrDs6KV0Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-LuokZPYdhd7ocrDs6KV0Zg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LuokZPYdhd7ocrDs6KV0Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-LuokZPYdhd7ocrDs6KV0Zg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
date: Thu, 03 Feb 2022 04:06:30 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-9174038688046015&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220131_103600&sat=1643774735247&afm=2%2C0&as_count=2&d_count=0&ng_count=0&am_count=0&atf_count=2&mdns=0.290&alldns=0.290&allp=33&pgh=1928&su=infinityfree.net&pvc=537136378687135&r=0.1&eid=31063751%2C44750773%2C31064677

Requested by

Host: infinityfree.net
URL: https://infinityfree.net/errors/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 9FD8 19 KB
8 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=8977136814&adk=2911420652&adf=1324505179&pi=t.ma~as.8977136814&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190985&bpp=3&bdt=563&idt=321&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHStgRhwhu&p=https%3A//infinityfree.net&dtd=327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Feb 2022 03:41:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9FD8 8 KB
714 B 133ms
70ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 02:23:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 04:06:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 04:06:30 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 9FD8 14 KB
3 KB 184ms
54ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 18:05:41 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 9FD8 355 KB
123 KB 189ms
59ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 18:05:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 9FD8 14 KB
6 KB 164ms
61ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Feb 2022 03:45:50 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame BD17 19 KB
8 KB 153ms
66ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=6106612656&adk=2303722872&adf=3222637375&pi=t.ma~as.6106612656&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190990&bpp=2&bdt=567&idt=328&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DO0SGIvNBS&p=https%3A//infinityfree.net&dtd=331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Feb 2022 03:41:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BD17 8 KB
714 B 98ms
63ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 02:21:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 04:06:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 04:06:30 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame BD17 14 KB
3 KB 158ms
56ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 18:05:41 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame BD17 355 KB
123 KB 233ms
132ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 18:05:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame BD17 14 KB
6 KB 182ms
107ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Feb 2022 03:45:50 GMT

POST
H3 204 AGSKWxXiGrZdAmIYThSX5DgkxQ8zhu_7m6KU5Xr4Phm078cECLK0bhIhufpRIifX7IEMJ8egxJIBxmN78xRnff0EuQ== Show response
fundingchoicesmessages.google.com/el/ 0
26 B 129ms
67ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXiGrZdAmIYThSX5DgkxQ8zhu_7m6KU5Xr4Phm078cECLK0bhIhufpRIifX7IEMJ8egxJIBxmN78xRnff0EuQ==?pvid=9C59A8AF-604D-44FA-8604-4797F12EDE12&anonid=50857135-9F31-4B51-9DA5-A728151E1B12

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.hqs-2MAbKFY.es5.O/d=1/rs=AJlcJMzb0gJP4CDfbFZo_rAoosj4GKajiA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6iDLEvicXkQ2Q3gy05VC5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6iDLEvicXkQ2Q3gy05VC5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://infinityfree.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Feb 2022 04:06:30 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://infinityfree.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6iDLEvicXkQ2Q3gy05VC5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6iDLEvicXkQ2Q3gy05VC5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW0mfEluLBzLuoS20BPAyBr8j7llRTR3qraoUbQn-f1rCjAQboOn3pteycfBUf2HRLb11q7g1XkxC7iTuzHTw== Show response
fundingchoicesmessages.google.com/f/ 249 KB
52 KB 170ms
108ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0mfEluLBzLuoS20BPAyBr8j7llRTR3qraoUbQn-f1rCjAQboOn3pteycfBUf2HRLb11q7g1XkxC7iTuzHTw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzODYxMTkxLDgzMTAwMDAwMF0sIjlDNTlBOEFGLTYwNEQtNDRGQS04NjA0LTQ3OTdGMTJFREUxMiIsIjUwODU3MTM1LTlGMzEtNEI1MS05REE1LUE3MjgxNTFFMUIxMiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2luZmluaXR5ZnJlZS5uZXQvZXJyb3JzLzQwNC8iLG51bGwsW11d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e142ab6d9997b11914ac0977440b37f6b59aaab41f731641c5b663970a5fd8c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xzbk5t5OcSkg0IsYP1Hogg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-xzbk5t5OcSkg0IsYP1Hogg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-xzbk5t5OcSkg0IsYP1Hogg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-xzbk5t5OcSkg0IsYP1Hogg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9FD8 0
54 B 528ms
181ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kz6gidiz&c=6400910221484&slotId=3200455110742&qqid=CJGmo5LU4vUCFU_juwgdNEgN7Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9FD8 15 KB
15 KB 115ms
54ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 36611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9FD8 15 KB
15 KB 120ms
59ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 484002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FD8 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CB5JRxVT7YdGvN8_G7_UPtJC16A7q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT6AU_QpbY285_vjTeTKQnvC-EBkwsp8mFiWgZoNX5s-M2uIr5ej-qTOpEK9AjFHWoFDupxCdF5I5uzmOPul7aDTP31KTf3DQZCUVfAy1xXeZSYvBc2CWQEnd9kf8IYxZ0tLeGzPqVvkUEJxLqZXbEXUJgyEyIjZfZmokXNhjmWEUrYh1moSCTYEcO_8KPGq0S1j07KwFAqDhfjtBesFHiAQUVtoermgy879gu1vNxTXXvraQOMpQ1qO688jf9tZNc2fEjRbghNU1sMK3ZzloZ8pwtDYcGZTjZTXoYyWuuYEOReX8C4rLyzje3ogiDVOO9QTwh2wvHyq_R-2bjABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1643861191939&ai=CB5JRxVT7YdGvN8_G7_UPtJC16A7q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT6AU_QpbY285_vjTeTKQnvC-EBkwsp8mFiWgZoNX5s-M2uIr5ej-qTOpEK9AjFHWoFDupxCdF5I5uzmOPul7aDTP31KTf3DQZCUVfAy1xXeZSYvBc2CWQEnd9kf8IYxZ0tLeGzPqVvkUEJxLqZXbEXUJgyEyIjZfZmokXNhjmWEUrYh1moSCTYEcO_8KPGq0S1j07KwFAqDhfjtBesFHiAQUVtoermgy879gu1vNxTXXvraQOMpQ1qO688jf9tZNc2fEjRbghNU1sMK3ZzloZ8pwtDYcGZTjZTXoYyWuuYEOReX8C4rLyzje3ogiDVOO9QTwh2wvHyq_R-2bjABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9FD8 29 KB
15 KB 226ms
85ms XHR
text/xml 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BY8jQkxiYko1EsNYgD7btp-hLr40quI31TDamL9qdJX1snaj2-Ax7D2rjovl3Kl3BrNXCu_IRkI26YDx1hv60YPhlV8A&dbm_d=AKAmf-AslX0eYutxinS8wZ9Zcr9huZZDGOlsGLF0nBcFRWvZil2FD9obsC3WfRvRv2VNTAVOnNiV9gtO2fsOiCkcSfc5B3mRax6C16cHvtmGaUbklHr0bwfhkj6I67RHXIDYrFNY49BnyBuoPjsBsfbeVpLIi4Oc-Jx0pjxxi1SoQpmALp_gmQ05yEknjRvllZk1_mhw81YEMwgbH_iA3dKkng1HBcyINw9-XppYjd7hKXizCNvZRR8YEIrvlBwh5rFHpWCTvfK73IfNazyIyVZ3iBbAUsCZs8_9Un2I8eLmpyzXlJp-yWN17HZ8HJdLithEcVxdzp0C45lW7UMsYI8VSIHzJcxF3YglUDYGqp5DzgSljKWutKhzZHIbCiJcMfxvrdTvgT-pLVisAq30r51zCTmQsnv-GRVlk-JtrtgBQDVUOaWY4-YJ55HYgsJftZiJqMjKLf0lVrKr1mG2Z5-nG5Bqa5Jk08mDZyp15uboHn2XbPbhPD66D9WLodoyANBmU8cpVZ2hIJGnNETxz0MDz9ftSDuiTlt3P5ynDODjo8g6y3eXV1p8rq_3MppjFDL_1DdcPhn8W0E5b3KJIHCpjh4h1UpIMk3k5HDu4weW7PtMWKyxu2CW1Cpa-ZlMroikOkWBjinBOSWAFzqo55KbNmp7-xd25Ai4Ta8J_bNkzrAyjzOpPK_edxa099tFYt7_t8MTUMkhUjLpffe6qXoauUL2FmuWR4ZRTZxMw8Iyva9uRHavY5TlUO610brsRxyemuMaZLJ3mWP9p79oS6tZEEd5ksuXVNeCBE4uwuFJyONoSB3ZF4H3-u10JYquvNDZHRGHlg2L-WGNvhTOmIrs3XxhlnQZv_ziTy6YBXOrdq7XafbcsNpJV-rIAHjGgA7nQo6woiPHKqK2RVhbhIgScERubCo5HI2xI5EjquINxumlh6lBhGsjn2CYDXyOVOyT3u9SHLkDbSoNwPXU98U0z96ume78kb4jAxVfvitozyL1AMeuNKiTWNRXnFzvmR0fvXaoNPcpKPJrgCRE98_cAFb6K8ZkeYrwiUC_zLSTpu1Sune4QkXSIYBdMb1g_NadkCfLxUwnLc6nkP2qNSspqVcTf0aAk4LRIxzt54s0tdFB6uhtOoOEM72yzjLLGp0kUrQAE2ZwqXFnP6716MlshkNLBN3lkxLT9kIgqru4nQCNMfn61QsBaQBNLgNSlMrf5svDoczhU-tWwKLI6f5zld3OCi4oJgKZT22-sOqjhuf9k4Bhhoa_f_zbAhr0-LFRvxTl23A8WKUT7wZKDgWvCkmR84_44VvvDaA3RWXaMTEf_R6IZdIRn5b_qxJ8repsTerQNO0meCA3RVfcgpBkFyGH9QMRNo_lhwZugKr7XXIzVtwcB83pjwAX14fHP5S-58P1TypaGxeGKRTTPqzPYLQjZER52_hfInkLpGFs0SMYNrTTO4x7REJcEJ2FByT5NecvhBRJF9AOEcLSI1KhEE1xOpVVUn_O_hmcCQey5OXrPcqUCHxVbqK0jjFEkHhvpsD2cITRQFxxc4bJSxdyDwGTIQfiCagzG_3D2doiSPWcG3Xr3Hver0Efw6ydPA3SYMOdB5ri0EVaRACQiO6AW7-TdksvjfDB_opHQ1styjkLlQEF7_346Icp9281bpbRHMytB9POc0jvogQqLPBsoEKki8oDM1O61eUwPoW1mqIyq1yNtJtbOus-9IhdbtO9IPjcH9h9Y37a_6qmc_XCX2fDOX6HQ-C58EN4fDVvMdpfLYFQFIVcmf9LNCaCvVEblZNuwbCnkMt93Vy9PA6ctm7e5F_QGcT2rzl0KXcivz_SvfRfk9rK0oRO5Q326DSxI9QImHgfk1VW0kRwykTCrP3NoCF7n795DljhOYULcG-DhceAUbpjDeC_SVMWassG--FyckQ7E2K3IH-ARtOqOgZIo7UTuMej2gWw-uclr4ibJoFg6lSvU7WOdToRoUjr1D6t-lrNnGRnwsnXOtGuH8_Sof2TOfdYEp2mYvLmJQE9tL5HQ0CwXKCQ5RIe--7oMi4m87zAHMwR5OzkwcYaRKbZE2TYEYhgvTlc6aD_ek27Xw4GylbC8jt1vY_qXtQ5V9CMppDoBH4_bvY0Asyk1G7x8m4Qc2irlPfbzTwp9FU_tLXAB1QKIosoazZSIJQ0B27Nf--ps4riek05QnCNcoZElPoxjM1iQ-MsgJ1GUDoAvOKY-P2jbF9CmcXLn0k3b49vxN_WqCu3Fp_C2omkR2-LQT8vTsJgoTaKNGIIeZhRLW8-AL5VcuWPYL1_y8sSokHNBu2V_BQeToP8ZfLJRlmWn9SsRQnkI5QLni4eTeKMqi-XPcj5KEynsbgRwEEHmlb442KSGZtD12ZhCtPAMxPkgSrI1dQcRH9nI_YXqEzvatggSkKK-kKlQUoNbqdsmUKYMLO6XCa_6l0_2YPlmcRyXolJJWV6PyOkWMFgwz7gDseANPNSdyldvixY-R5dJi4Kb8Qsnxc2c03nC7XZ2TApd0gou3a50lpszIw0lBuoLWjy5zrRjin7BK4Fnm01LnrI0oQii-pEV9hIlCuTHEJ0oj0tnJiWNjH-sGCK-MZ9CUsvZa2QH9Wu9CWE_nkFg9FXGAFyYITxF509p7QtgEDu105y9c9BuVZsKc4DUPd1QkCb5B8voyDjNCs7gGU262mwO-Or19kkIsSG1JHH5oE9DQdZuYK0oY7GxsiPenTDFBuJMDt7MYEFECPdsXjYAaxp9C2QUhzVJmMce9WIE8JX0wzGHrU5n6gWZX5441rdyAKjZDV4Kh16CxP-Z148PkP6MV4FJcjw1Q_DFuRpWeiEWt83-BrezJb_V-xY2--hH5DsiDdH621iihuIECmwkrt9Mx3gnqLdjiXMIwM27cr-Baygedm64G0JOJiuTUWERwG9jB2sUvySCcu6LcYRFrIFBrjRRBhCDizrvmE87VMpj5dtHQ&cid=CAASBORoNOE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

cafe /

Resource Hash

0cb6b158f655a0eb70b7422ab860fc9cb8cae9c304369b64153c54612cb06f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14813
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9FD8 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWKV6xVT7YdGvN8_G7_UPtJC16A7q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwGqBPcBT9Cltjbzn--NN5MpCe8L4QGTCynyYWJaBmg1fmz4za4ivl6P6pM6kQr0CMUdagUO6nEJ0Xkjm7OY4-6XtoNM_fUpN_cNBkJRV8DLXFd5lJi8FzYJZASd32R_whjFnS0t4bM-pW-RQQnEupldsRdQmDITIiNl9maiRc2GOZYRStiHWahIJNgRw7_wo8arRLWPTsrAUCoOF-O0F6wUeIBBRW2h6uaDLzv2C7W83FNde-tpA4ylDWo7rzyN_21kjzfmvUL8Tt_gx6pCxdX6TJ2XwKJRQCQ3t8YwmTj54bEIUMH6uTkzcaaj9VxQ2eXzLNRaJG5zWEzCR8AEkP6A_usD4AQDiAW17vGtOpIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD_qAkYgdf6vwHSCAkIgOGAcBABGB-ACgHICwGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTkxNzQwMzg2ODgwNDYwMTUYAA&sigh=fqVXXhQsgsE&uach_m=[UACH]&cid=CAQSGwCNIrLMsSFJLLCNofMqYFgYjv8OvTNZT-l7BA&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=8977136814&adk=2911420652&adf=1324505179&pi=t.ma~as.8977136814&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190985&bpp=3&bdt=563&idt=321&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHStgRhwhu&p=https%3A//infinityfree.net&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 03 Feb 2022 04:06:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Feb 2022 04:06:30 GMT

GET
DATA 200
OK truncated
/ Frame 9FD8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9216293da82ca7c31e259897c680cae11d5efe8b7b0f385947d76a773a16b92c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame BD17 0
327 B 438ms
181ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kz6gidlc&c=1852322881930&slotId=926161440965&qqid=CLO3o5LU4vUCFdzhuwgdhqAI_Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD17 15 KB
15 KB 71ms
71ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 36611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD17 15 KB
15 KB 84ms
84ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 484002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD17 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C8dxAxVT7YfPAN9zD7_UPhsGi6A_q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT0AU_QMKOvUnfPuTrfEzrpTQZz8AGmjS7rQaOR_xb2B0HO1nWkTFepzOWYg1SlzKjIcB8Ds9wRNJu4jteT55bclPJozwpx8Q0GzDVEqGQWIajuSLzfGpOW7x1luCpoj6ALxbFPxCd8UDEIBJw7QMLMaU2a9Z0zgx-KHS7Rqd12_7_NpnOHG9i78EW8YOfvk-hL1eQpBfTEQkI8QtcJPjKUb-mWicHEJu0WacoiCiCD1o1TAG1VTMbNJqahYjZn39ltWFVnVCXcBKQq_c3IautIIGZlTV3p7rWsOvfqgOugir0F4jNOv30JwNUaSA5ndSIBRcf_f3zABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1643861192029&ai=C8dxAxVT7YfPAN9zD7_UPhsGi6A_q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT0AU_QMKOvUnfPuTrfEzrpTQZz8AGmjS7rQaOR_xb2B0HO1nWkTFepzOWYg1SlzKjIcB8Ds9wRNJu4jteT55bclPJozwpx8Q0GzDVEqGQWIajuSLzfGpOW7x1luCpoj6ALxbFPxCd8UDEIBJw7QMLMaU2a9Z0zgx-KHS7Rqd12_7_NpnOHG9i78EW8YOfvk-hL1eQpBfTEQkI8QtcJPjKUb-mWicHEJu0WacoiCiCD1o1TAG1VTMbNJqahYjZn39ltWFVnVCXcBKQq_c3IautIIGZlTV3p7rWsOvfqgOugir0F4jNOv30JwNUaSA5ndSIBRcf_f3zABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame BD17 29 KB
15 KB 161ms
99ms XHR
text/xml 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B7fQBFf5UmiYOGYykOWU2p0NyNzJL_fB3cKesZfaAviAwFdRR2uSxqMwS_GyWZ1nCpun8Hr1YDGHnenTfVhVvrQLT3eQ&dbm_d=AKAmf-Cx5DLGM24agBnZiiD_nV9PH6-aslDh_JjyAMuKTXtlPqIJUwr_vcoC_79e5qVZIH2FKj3BaizMu7TRr_DdR0De99YohsiWZnoG53tI3CdNNqsvBkYwfnhMWZBdCLk5pxueZAzocwvgB7CHGG20toKk6zMUPIxiqsreomF43FWkv-aEiUcO_GxShbqxgd7UAvkL-yB8G86y-3eptjyTBCvjC7eced_akU-9hV29sq8UnPul7MpAtVc0BwtvSDIukLMEYz1EXBpr0LioIZ4g3v1Mrow0eUpIjO25cQPVDJPv3MydpY9ntBNedgtn4hWACcBTxjDKJAVainlaO90xf7ilwOV98JJUXRnP4tVTCowDWUcRowtHA20k3fTQnMmWnv5k7fDMdTl0QH14WoKNzq0ggeKhTuZ_xaHt0vWhgTpeloLHXhC-OnoMsnuij-mSnoGBWNneKC_1PMQuzbkAOEkEkkXThST6HQFr73aocN-HZ1AZx8mnEaenhS4qtMgAuGtxnmuMlXPFTMyMygCGcV-3MRJ60kSREle65541WvY_NsD1cpARZr3X3AZqUwFrIBVKaUh-FTavx2UFC70A032OfMXLEpgLquLbEFg1Bf5Gt0I_1m_1BopvQWfAUqIY56ji4aANRtTJW15HZeemZ2r_lnXldQ12yQz9sCAveymWRk-X41Zn8rbDD1pvIA6GQ1i95GMEvCdSI0_PgTFNSyV1HPdyVmE-mmlDl1U-2DhRU4iAgAwMn4EBLBK_D_Ru6jkNECeJEOSS1SyzufEIMvjRZRtZTiLj3yu1Dn-foAq8MdpWlxnU9JicK3os4iTJ6UDY61l_ZWPGjop6AkyTc4bcGVEDQH7W-L1j-jx-QktWQY4cS0Pb--L9tOr8IhkBkaY6pousN4AjEJMfJ1h-b2egbByMVRfx9A1oeCnBtPq_oTfn_HZ5wtyL_Rhx-NZXzO-HvxiYnLt2sam2GmGlZ2S-91yuzrq-7C8h5OcRHOoHt5XMQZdpRtCfAGftSVeKh1wOSazoNMrodjZSqUVpU1e9FV8B4JwZTl-fxdz2fhOQEGRK4DHwlmbDhYSEyC9X6xQAPPlyHYDfnwji7Xn_J2kjvqvjfL_9SBV2TX_-y_odegBFCO677ibk_GBFokwtvfvNPaQJRS9ydf_6XH1VHkKraHlMjaUv9XwzACmLZt1gDLKETEt-zjHyDP-yEjOY43YQ0d0x_D67TcPTM6yYeyIxCQ78NohaS4nHtNcrB0WU1knvJIRBZNvI1sgTD9pPRgS5s0hc6c3Bu9H421KuekBH-N0HMNK-cMhR3fRbpxuhLn-eQLlvLnYXoh2LzQnI_J9mVBZi554FyGg2RGpOr9hg_Y44kSd-dJrigvLdxI-b1PGbfr8Sp0BdPP4dIk5oGxXmVwgkd5gqgrOxDdj9GMGiDMxF1nCCdiJVoFgsjdPuYQRZr4vuJYnqLwtdvNSofNsAehFN9jqnfVSwotv9PX_i6IWDH7veLzzVt5uvx3duHjPTm0DOXmJQ2x1GEWJCpkbLvsYKUD-w4N5kwqpoHP0yhQu9NpsufHNMKoJV7quS178QL7Kk_ziSvcDXo3ahUgsbV3kACxUvGnnYxVnezmkYG6XkmjUyJgiilhaYRS4p6CrSDT9PVPZDIlyoAiX3ij8uuTssNpBBn1-FFjypQ_ZOuKP0xBQ42IOxNQZtvtXxB4DEQcontQEmpodUl6GkQq5EA6ey2qCH7Ncov7jU8aIHx4fUw1hZ9EnKI7kAXzWEL5CRL0XuleTLa_pCO7aBttXG-wqqbeq25gmNPkpOMnsqxp8VhAnfVLd2PkeEHr8cBvJzFk4yLuLDEOtitnHMDcCJOYF0IjXTh-CrkdpMI0x5aHG1GN-tRfj8n9YwD3cv5fmMeJp9sF_l9NEIEAYDToR-9almQska_1NDQYi9FRFde8szFlTROzb779wr84ti3A0XN8xo6zIaNf2Hh5PGhCw14NtlzVVcXNTYlnWqHI4tPRf6JpQJsu_lORghcULiL3L8QcmQIv6mNT9iMiPYGK9FFjnilRU8_N0ZhF7oZr1MpC8GOQDRbUWplu7EI8cjUmagNHN-iLuzWDSOQnt1aKMBI4wsGDz397hIPfWgr-B155pBhuw6IUeUPyhtlnlKNYJmF3tn3KDjh_n2ts7cur7QZnGQhsLIbqGmybxHZU7NU7_fQGUnmPv8OVh4Ox2hF0QQzUFehZdiXCbjNWoYJlmXlb_XWX1_JZ2LY6ZqDEm1LGMi13ScX_pmWflDwmnrXUUkQlJ1rdB_hZ8XGr2jvlWvTc60FHyNL2DneXdwfbow2Jb1qx1QtQxmuyWKc-qr7cBIq2Pyj2roHKUlgawK_1FwZgoBxengyMhHT-xCdTAqssEJ2g223qej2RmqTICjEQZJRX2hf-H4oLTClyPBZFFEDxJ09AdxHJ7afwE9oDxjS5asKFoaoJbfV3gn5IsvsCXkiSVxjLbWDxrSEd_RKnGLEdzHWlmYvghtGh0Du4ryNPW0FkMgK_kJVKnHjbZO1D31q5CEpF-y165EvBW5RFG2EMS0Z1SJk95nAvLVct1pXRQmATYDP8uNNH_-OZN5ptwpWNOT5rYp-kXrOWauid2CpxrpNTG6YiZ2-qFIhW9XGtAjlKN2cIjcNo0SDR6bJAztKPfXwJnFUxOAEgoGaqUcByhBuN5xOMSspIo9DoT7FD6QSNZtGp05z3cN_ZgdTbEpvxnVqUr_IGzM-FcBjH0mmsc1Mbr2HsP0ZuCFEc57dSMGbymXe1R-1UNT37-OSvWCgssDJZ_w_PMZwQ-1ObG2-ZQCb70qgSI9D8Z6FIxlqUaUc_xL2Zz6IhWQUmTbMjUj5IEtmR3mn43bliW5TAoJwtPT46jB2VJXXe12WZwpRqqeaHFC0ONSeATzLYHKX7zsLA8SJ-OR3mrh89JIbnrWtM2u&cid=CAASBORohb4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

cafe /

Resource Hash

3bda26bc15b9e37e334d1f4d5731d1e0e3ac21943f7219672f4a5f1387f520ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15037
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BD17 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7VS5xVT7YfPAN9zD7_UPhsGi6A_q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwGqBPEBT9Awo69Sd8-5Ot8TOulNBnPwAaaNLutBo5H_FvYHQc7WdaRMV6nM5ZiDVKXMqMhwHwOz3BE0m7iO15PnltyU8mjPCnHxDQbMNUSoZBYhqO5IvN8ak5bvHWW4KmiPoAvFsU_EJ3xQMQgEnDtAwsxpTZr1nTODH4odLtGp3Xb_v82mc4cb2LvwRbxg5--T6EvV5CkF9MRCQjxC1wk-MpRv6ZaJwcQm7RZpyiIKIIPWjVMAbVVMxs0m_qD4w_RNn__rycE9lnpobsvNBilaavVZ5_AjQuNNv4UiQ3UlkiEVcBDMK_pthDkLFp5dIn_Ei78sdMAEkP6A_usD4AQDiAW17vGtOpIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCThAsYgdf6vwHSCAkIgOGAcBABGB-ACgHICwGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTkxNzQwMzg2ODgwNDYwMTUYAA&sigh=Pf-0PApXiFA&uach_m=[UACH]&cid=CAQSGwCNIrLMtbOodm2ILO6mapfYhmYMUBNcIxwC2w&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=6106612656&adk=2303722872&adf=3222637375&pi=t.ma~as.6106612656&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190990&bpp=2&bdt=567&idt=328&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DO0SGIvNBS&p=https%3A//infinityfree.net&dtd=331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 03 Feb 2022 04:06:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD17 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b17a0b58438d03f0ea733d47fe88958f8464462881a97c09c677053fe2fb8d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ 54 KB
3 KB 76ms
76ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_GB.v8nOaq0H-Z0.es5.O/d=1/rs=AJlcJMyOIkrZ1Am-fKRGiImYVuntsq4neQ/m=iabtcfv2wallscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a3868c61ca885220fcbe768210f995e928e578050c68a425acd82688adba5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 04:06:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 04:06:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 04:06:30 GMT

POST
H3 204 AGSKWxX8wuUHpvh8OHdlI5KcTgaCR_JnTZ2m8rNzpXKf40vPNU-SSAyEfS7-IjSFMB39TfkFD-9glkoYHdOzKjnyaX_K5gDC7edTVNUDtWnGnBjA2vZpygSz-IQSw2GE45SwjvXN4mACiydf7bdDW32miV5XkzQRpNqmoJzEHivANMe3ZXemd371WNGv8lM= Show response
fundingchoicesmessages.google.com/el/ 0
25 B 69ms
68ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX8wuUHpvh8OHdlI5KcTgaCR_JnTZ2m8rNzpXKf40vPNU-SSAyEfS7-IjSFMB39TfkFD-9glkoYHdOzKjnyaX_K5gDC7edTVNUDtWnGnBjA2vZpygSz-IQSw2GE45SwjvXN4mACiydf7bdDW32miV5XkzQRpNqmoJzEHivANMe3ZXemd371WNGv8lM=?dmid=4ed71774267dcd62

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3NmZW0Pcw3Nsi7gY7C5MEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3NmZW0Pcw3Nsi7gY7C5MEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://infinityfree.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Feb 2022 04:06:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://infinityfree.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3NmZW0Pcw3Nsi7gY7C5MEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3NmZW0Pcw3Nsi7gY7C5MEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 119 KB
119 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://infinityfree.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 19:31:38 GMT
x-content-type-options: nosniff
age: 117292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121784
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 19:31:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 130ms
66ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df3c2ae5ec80ea0c18ac1f5fc9096fd2ec6801a4ee7cec17fc1d6a7faf7430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Feb 2022 04:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9847
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FD8 41 KB
15 KB 121ms
56ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 18:05:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 9FD8
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

249ms
63ms

Fetch
video/mp4

2a00:1450:4016:6::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8165CD69F5D0552F90020BFF1C52245DDC679A53.7B5C37AFBBD95370F26D0F73ADBB53854176CB9D/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeenle/ms/onc/mt/1643860301/mv/u/mvi/2/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4016:6::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 04:06:31 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2156719
Last-Modified: Mon, 17 Jan 2022 09:07:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 03 Feb 2022 04:06:31 GMT

Redirect headers

date: Thu, 03 Feb 2022 04:06:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8165CD69F5D0552F90020BFF1C52245DDC679A53.7B5C37AFBBD95370F26D0F73ADBB53854176CB9D/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeenle/ms/onc/mt/1643860301/mv/u/mvi/2/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9FD8 0
54 B 249ms
182ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kz6gidj9&c=6400910221484&slotId=3200455110742&qqid=CJGmo5LU4vUCFU_juwgdNEgN7Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=951&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.p7
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame BD17 41 KB
15 KB 88ms
59ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 18:05:46 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

250ms
64ms

Fetch
video/mp4

2a00:1450:4016:6::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21DB1CE9EFC4A74C3F35F0301105C69BDD99C83D.43BAF2B8C7A75A0108786F56EBA58A2895B9340C/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeenle/ms/onc/mt/1643860301/mv/u/mvi/2/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4016:6::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 04:06:31 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2156719
Last-Modified: Mon, 17 Jan 2022 09:07:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 03 Feb 2022 04:06:31 GMT

Redirect headers

date: Thu, 03 Feb 2022 04:06:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21DB1CE9EFC4A74C3F35F0301105C69BDD99C83D.43BAF2B8C7A75A0108786F56EBA58A2895B9340C/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeenle/ms/onc/mt/1643860301/mv/u/mvi/2/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BD17 0
54 B 215ms
182ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kz6gidlq&c=1852322881930&slotId=926161440965&qqid=CLO3o5LU4vUCFdzhuwgdhqAI_Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=951&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.pw
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_fy2019.js?bust=31064677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Feb 2022 04:06:30 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 390C 23 KB
9 KB 55ms
53ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 20:18:19 GMT
expires: Mon, 30 Jan 2023 20:18:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 287291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 49C3 23 KB
9 KB 59ms
58ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 20:18:19 GMT
expires: Mon, 30 Jan 2023 20:18:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 287291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDD3 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Feb 2022 20:59:59 GMT
expires: Thu, 02 Feb 2023 20:59:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 25591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 258A 783 B
1 KB 180ms
63ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c24b52987e092d2347f34c989d7423a5219ee8cf89caabe81db8c99a4671bdc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rYCc28ayC8HpgDSAJhjFnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 03 Feb 2022 04:06:31 GMT
date: Thu, 03 Feb 2022 04:06:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rYCc28ayC8HpgDSAJhjFnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame 390C 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 20:08:22 GMT

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame 49C3 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 20:08:22 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame CDD3 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 17:16:26 GMT

GET
H3 206 file.mp4
r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 9FD8 2 MB
2 MB 130ms
64ms Media
video/mp4 2a00:1450:4016:6::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4016:6::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

99d92eaf7d593c51fe87df4cccaf87125a40d2fce3379437ee8c599620a719a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2156718/2156719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2156719
expires: Thu, 03 Feb 2022 04:06:31 GMT
last-modified: Mon, 17 Jan 2022 09:07:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame 9FD8 0
17 B 350ms
181ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kz6gidr0&c=6400910221484&slotId=3200455110742&qqid=CJGmo5LU4vUCFU_juwgdNEgN7Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=951&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F02e0aeb5f1637a1f%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3786858446%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F14BE30BC01CE272399E35466CDEFCA881AD184B8.B77CDA9E6A62392B814893B5EB771D35A9C49BD0%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame BD17 2 MB
2 MB 128ms
65ms Media
video/mp4 2a00:1450:4016:6::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-h0jeenle.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21DB1CE9EFC4A74C3F35F0301105C69BDD99C83D.43BAF2B8C7A75A0108786F56EBA58A2895B9340C/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeenle/ms/onc/mt/1643860301/mv/u/mvi/2/pl/48/file/file.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4016:6::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

99d92eaf7d593c51fe87df4cccaf87125a40d2fce3379437ee8c599620a719a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2156718/2156719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2156719
expires: Thu, 03 Feb 2022 04:06:31 GMT
last-modified: Mon, 17 Jan 2022 09:07:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame BD17 0
17 B 347ms
180ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kz6gidrz&c=1852322881930&slotId=926161440965&qqid=CLO3o5LU4vUCFdzhuwgdhqAI_Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=951&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F02e0aeb5f1637a1f%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3786858446%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F14BE30BC01CE272399E35466CDEFCA881AD184B8.B77CDA9E6A62392B814893B5EB771D35A9C49BD0%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 258A 0
0 66ms
65ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=537136378687135&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CDD3 0
9 B 53ms
53ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?so0yHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 390C 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9mdIxlT7YZ_BJ4fm1gb6oasQAAAAADgB4AQC&bg=!x8SlxIDNAAYZkRhwGZE7ACkAdvg8WvTC6d2m71Vb5YwOB2gn0AyUKECO__BtvuUzdLlCdYlVfM4-fgIAAAEwUgAAAANoAQeZAtYMo6wdNILyc7GY2U0Jf56z_ErRMfOj-Hsj1K0PRPbwlVRebs_GL2uDj5ThuNjSAfQ-OsoYZo3ljhOlZV5ioo6SyIx3iJ4T2XsXC_w-Yd8heUtaR1nJX7ZcJ3a1G3DfNP-VltCim7s-l3d4Ldlt0ajZjHT_ozK7sXMpuuZo0jy4hEy6WKPccmF_s6Yqy560mRV5yWL1ks9QaCRgjjyZhAFYIO8WaZ1cDWr5puBF60rHVpNpOkeaFi3vT1h5URSyBi9-ewSdODxjeKGJ9XH4xspyt8xy8HMAahzqccIm1ElQ9c1k_mhISHpTCixWBMorq-aZumr5gcOUQHTNA1icVbULrCuWu6tn7k-RTsulPzpZqYJJ0s7iCsg_9-LG7T-HJzFyd0KLeMx3b72AikXp1EoQkxHzHmG05P4zRxaaK94Iicq1wWk-gIji6xrtygrEUiF23ZvJ2EHUSvrZ2HlzoEoOco_3TpFQNv17Q3u3U75IRj8C88bgqtBmcA0L2VnV_OEFIwdg6IrkZsroOMfful5LpqU33ke_0txGWfObh3oSvmztLHuFFOy2QljbQJWwatsN-BZSzIKKAW0bNWPPo9iUcDV-eifqfl1dDxmBCUT4oJ2yEqFDArj9Y-WkIf8fdVrWd2RaYijCM5ubpa_SQg-iVaEV_k74DOPhN2dS0-rEKxjfjBbFEvUpdf_BpkAZHkNbpLGyYXoQ-j0yJB4QTGwLt1a2lfYZ4ZsmP3vGRRW8QpTeMBVMy7pUsVDjP5HG6rMnb_in1-YH52JOyZXhmduL0GihNzACMG6d9VkWijGs7EEip8l117c9uSNWTdUwSeiYwds7LxJPhmn9xlNlaf0hRxz33ad8_CAVMOljHjZlIz5FN-q_-P36VAMznVYfWiIBoQ1HrFZkaEgrpauUk3uknYlxPjHxVMM9AGOYZMulmG7pxkuphepiQmaZAvnnaoQMDfxlrvc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C3 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B8CIexlT7YcizJ5bGb8SWkbgHAAAAADgB4AQC&bg=!AwClAETNAAYZkRhwGZE7ACkAdvg8Wvt0D4ItP4YLAg7FXYRgtoC_-BAUbgwvJt3a0dQahTxPv1GB3AIAAAEcUgAAAAxoAQcKAH7SdiugMCNWfcJGcB7bFjUfq6XIP9lt8UjxoIfiwd_MMrBLjqj-Rd9ZZylYGPP9u0UBVF-bnGqH9Yws40bFreYI0GlDb1VD6ETLsJi5ImclbQdfGKyQh26jVQbeKlMCBjC-f-MFiLJWmOhd3nDamc_HqW_NVCZKjSRFwmGOLdCZAtsn8BnCMKms6URxYrUHcv7za4R124Td5F_yWVAxcbZtI6Ja3mJKM-DYy9iSfIP9dPbX4Xte1OLOgDbwh4xT7BcorhNPUlTa-9DixBubYBkyrtK0FyPJuJrvEWxvL_aGFfZmhd8L81dwNfdYI5MxKs1l2lymp73u4RRwziFHkq8V6sxTZ4p2NIT8PCR4nn-EJQH_bg8xb4b8tvKpe0snw3Lh6JzBjAw9uRm9cEhNVLHXg_1u26bbD46fKg6vGg6P5MtQCrw2vioruqRc4TTxiHYdNnleYlaqsbQMgz_s3pim35nHetK48w41pGvhOXZDu2R6YJ02HKu30DS8Z9UF2qm8cDzrGqSf7Wwqog7Ix38B3v39AYo1-0-L9zsVmGDSGbvQmuMf8BAvyicWGVnU3NxjJo6v6bR9fEZ3xj3-FFFaz_hhHxQXKXxEkNFckmIW3ZKZzTkN4I5OmKNu7b_e5mFS4b34gKhZcGjsEoUdKovaNVzvWDQ9QAKRQhk6IkSj7pZ5LrS063sazFnACplc5CNiKSzvveA8H4koRgSHsIluPGlkRag0RsSpigsS0Y7bpEZ8MAPwLsZQZ-pNa1QY0e_eJcj_9FWAqyabFXflTwSPoFUgGdVp5ZrxH_hXbsB_-ja3GrJJkOHtWISPG3p5ts84nzrx1E9YajCgx7jQ29R9qelx3UAcLXclBBbTmnKLfgRvwao9H4ud67acENaRIix4srx6ouq-XCwo2CuR5egwijxbFAncWOAqrCvYNpeqPf4qwy8idukdYjwxphqikclavqfWGZ74SwGHa0453NXH0O7j8tfMpFU3Q3qhH3odQDHCRTJPcdr_99rk6JTvZgd3wdZTizi_QzpPK6sDzrNytVh-Z3tEzQ4ANsIwrrJqeXIG0DM4HESlG3CuEf1NfrC79gskwwfJnrTdtBkU_nVEtofP--O0AefhYQgfwlXjjSKhqm0GULhsofav1g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26...
ade.googlesyndication.com/ddm/activity/ Frame BD17 42 B
494 B 214ms
90ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861192986;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame BD17 42 B
64 B 64ms
64ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8dxAxVT7YfPAN9zD7_UPhsGi6A_q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT0AU_QMKOvUnfPuTrfEzrpTQZz8AGmjS7rQaOR_xb2B0HO1nWkTFepzOWYg1SlzKjIcB8Ds9wRNJu4jteT55bclPJozwpx8Q0GzDVEqGQWIajuSLzfGpOW7x1luCpoj6ALxbFPxCd8UDEIBJw7QMLMaU2a9Z0zgx-KHS7Rqd12_7_NpnOHG9i78EW8YOfvk-hL1eQpBfTEQkI8QtcJPjKUb-mWicHEJu0WacoiCiCD1o1TAG1VTMbNJqahYjZn39ltWFVnVCXcBKQq_c3IautIIGZlTV3p7rWsOvfqgOugir0F4jNOv30JwNUaSA5ndSIBRcf_f3zABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=zSrDcVEpN1c&label=part2viewed&ad_mt=6&acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861192986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=6106612656&adk=2303722872&adf=3222637375&pi=t.ma~as.6106612656&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190990&bpp=2&bdt=567&idt=328&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DO0SGIvNBS&p=https%3A//infinityfree.net&dtd=331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD17 0
571 B 195ms
72ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJWVzVzzUmgT52zh0b0vettsPZsOOD5A0SgbCJrqyNpwzl0HH9I2ISnPOxPlJuixYVRlv5Gl1dj1ig-_1irsTBG2WpX9UlGx8RSnQCGjKl9S9jyOzX8TR2YccrbZbxMN6PIPD8vz6U8md-ga7pAG5JjoomMnNyLDGhhL0CM-hQP05ZzK2fg_Tq3OyozTSL3GlNWRViZbQzNfOe7lAN5xOPVDRWe3SWGQcoCJLfZ0XAo4aIHiu-uwelu3IbRMz1vcsQtp5U_A4qO9I8JojkZx1FFlmRqHZLRGObHRXqT0lMHVlKlCKox0CZv3n-nvWxBy9TICB4bpKRJTcW1AFl5UvzsINsIFuOHB2LTehKQaclteHD9SQbxhA4nujo8v2vT4N0Hn1EhRq7sgd1oTHmHU2N3iY0c3tguIqs4IndE2vTiKNHRDLHkU1BOSoz13dzVkULw5Lr6sJfPynLUlNCWL388SlfE7XuIQKOR9eZM4t-wN4mZB5-S_pNqPQOlLWFfLw_Vi1QE2ehPYhHL8z8BT3GmjiL5juDoR92d0RK-drvejmhZ-USchp8C5baCaYLVprI4XcsDWeUnaPCLDGMev_1N2Hf3wmkuSslnzzz_97P3noIlcLWvTKWl4Uhwq0h585nnhpg4noSsiCt1erAs8yQnp37U4IraT5bniDeRtnInLr6859ah0u6c3tZsOrsZ_87K8GNGNEKq9USuuAp97zn3A7QmHHtyABMOvof9v3IwVmAqVr6os62lKhwQMSisbF3E8T5nisugTI7Zdx0BiBbDlIST2OHPni_WDtsQMUzDsWgyH_dleT21Rax0Z6MOi4b4bZq4CsuVZsEiyY3X1VgQMl7aQllIwYuc2zRKr2fS8qXzwPEqb5JN6qxIPNLXRUhbqTo_PYFnxFj7EdKZzJ4PNfrFLmFXIY0ea38dvVOuVa2FmODfD42JY467DqJIQHYrQRLAjkIcHtRvDO8uA0KcQF-I6VX9jvMTJD6XsT4RZuYxI6PJZoAelF2bwLBQYRQtasI2vbAt1zjvCQ3nZSdZM2m3Ou-JYpn2QCLSVaxIW_TLXbNavYUwNKygOcUYOFzSCfnxUMZJHlNQLv2uNk2-sur6mY&sai=AMfl-YRHbuAENuJGMIu6K-FHScni2NvEWevFRGmiryYR27C7HFJETnaURs6Mc8F6GzIXgo8qAdVsou_4yvtPsdLzN_Kzmf9dQlfcZ4OVLzHIjJ4D_xZDLg&sig=Cg0ArKJSzBn8CsV_Ku29EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 03 Feb 2022 04:06:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame BD17 0
16 B 65ms
64ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQyeLMhAMYgdf6vwEgATAB&v=APEucNUBTBeGP-xWApl34xCZHMAmlvUwADNbeDcnmSSbEocxnEHkKoLvo5nrCxYFXLmBXfZqfDPuWokI3hIr24y1jk-7UiDpIg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=6106612656&adk=2303722872&adf=3222637375&pi=t.ma~as.6106612656&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190990&bpp=2&bdt=567&idt=328&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DO0SGIvNBS&p=https%3A//infinityfree.net&dtd=331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD17 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%2...
ade.googlesyndication.com/ddm/activity/ Frame BD17 42 B
107 B 216ms
93ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861192986;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BD17 42 B
64 B 67ms
65ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIp6lugVQ3ireWYVNbvTKnJoh2xhJiRflTX239pNOEKs-IW3teeyb-NrUH8HpVgT3qI4pbL5sJ-4M8vl0LitsINk08oY_7XfOlvzPFhT6ta7xgAZTAqg&sai=AMfl-YSU6J5WYvb0g-vr_Vq-1EXXMgg-4okVmF2xHyAqXeNtjMlzEyK7LFbp2dhunkgG7u0V9ZA_zEsHiwTH&sig=Cg0ArKJSzLWdTJrxwy8kEAE&cid=CAASBORohb4&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861192986&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame BD17 42 B
64 B 67ms
66ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8dxAxVT7YfPAN9zD7_UPhsGi6A_q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT0AU_QMKOvUnfPuTrfEzrpTQZz8AGmjS7rQaOR_xb2B0HO1nWkTFepzOWYg1SlzKjIcB8Ds9wRNJu4jteT55bclPJozwpx8Q0GzDVEqGQWIajuSLzfGpOW7x1luCpoj6ALxbFPxCd8UDEIBJw7QMLMaU2a9Z0zgx-KHS7Rqd12_7_NpnOHG9i78EW8YOfvk-hL1eQpBfTEQkI8QtcJPjKUb-mWicHEJu0WacoiCiCD1o1TAG1VTMbNJqahYjZn39ltWFVnVCXcBKQq_c3IautIIGZlTV3p7rWsOvfqgOugir0F4jNOv30JwNUaSA5ndSIBRcf_f3zABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=zSrDcVEpN1c&label=vast_creativeview&ad_mt=6&acvw=sv%3D20211103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D5%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1643861192986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=6106612656&adk=2303722872&adf=3222637375&pi=t.ma~as.6106612656&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190990&bpp=2&bdt=567&idt=328&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DO0SGIvNBS&p=https%3A//infinityfree.net&dtd=331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame BD17 0
17 B 182ms
181ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kz6gie4o&c=1852322881930&slotId=926161440965&qqid=CLO3o5LU4vUCFdzhuwgdhqAI_Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=951&mt=video%2Fmp4&vs=640x360&dm=15000&event_name=first_play&asset_bytes=217107&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1az~videopreviewstarted.1b1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FD8 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26...
ade.googlesyndication.com/ddm/activity/ Frame 9FD8 42 B
107 B 181ms
91ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861193040;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FD8 42 B
64 B 65ms
65ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CB5JRxVT7YdGvN8_G7_UPtJC16A7q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT6AU_QpbY285_vjTeTKQnvC-EBkwsp8mFiWgZoNX5s-M2uIr5ej-qTOpEK9AjFHWoFDupxCdF5I5uzmOPul7aDTP31KTf3DQZCUVfAy1xXeZSYvBc2CWQEnd9kf8IYxZ0tLeGzPqVvkUEJxLqZXbEXUJgyEyIjZfZmokXNhjmWEUrYh1moSCTYEcO_8KPGq0S1j07KwFAqDhfjtBesFHiAQUVtoermgy879gu1vNxTXXvraQOMpQ1qO688jf9tZNc2fEjRbghNU1sMK3ZzloZ8pwtDYcGZTjZTXoYyWuuYEOReX8C4rLyzje3ogiDVOO9QTwh2wvHyq_R-2bjABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=OLidsMeb-f4&label=part2viewed&ad_mt=2&acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861193040

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=8977136814&adk=2911420652&adf=1324505179&pi=t.ma~as.8977136814&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190985&bpp=3&bdt=563&idt=321&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHStgRhwhu&p=https%3A//infinityfree.net&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FD8 0
61 B 162ms
73ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7bkRoHdqiPhmQle4vxs0qOFubFhaQfEbmpDrnN9rYT9n6nz5w0uGy4sGehpiFJsn65HVtUePGekVUiDnEVs5oRxdrtrs2s_uijwR0bIXA8qCp6q42qIpSdM67l0v7xxpkd8YJvGmBgM78j1S1Ai-kftPRYfRHg40-JF35lWGVHHq_2CzoEqRTY39hdjKY93LAdnKr7tYOyC6fIEpAO2SwVn1Rn7po4eb1iipTPjOGLaSvYN4vOL7jlkHH-jOwep-ck5Ezg-rnRXRn2_96c7znPD7ZefqaP25SyED0RIGYKjpvST4G5-F00YeaoGbTq5rPIO8hY9SsucQaAoFOw84_1lWMGHbh73va5F4YzBNW2LpmFJdFLPUitdzfzqZmKvQ3sqQInjvHictLd57O9fL4nId9p8vVsvHaJTvH2mSxiJ3ih0Zucje5jgLM3x9T7WmYRZKlNjsmb7BcDHufQOB1wyPbj5Q0Ead0I6Y-fEdA0y29HRi9E4V-K60Hz3e8mlKl9jyYf75AySIdUxa4KCFlrO_tLOym9Vzw02X4c1BXKk2CvbX7cOFfMOrEbaDYO-iho3jY4hE3F-VzYtdI_eiML4dNfElLpaiyAFEzazKiy6YmwgCCXehijPVBm9uc9_KIbHikjWY7XrsDjYs5xbHbCwcE9Ytu-LSwRYsWZ7R7L9cBw1yJZtPyhYzQAIjrgjeGzfRgJs171MOptc-prxq8cPqiuUf-4nXvP22wh3NvTSt-RHR0UQKkrigI5ZjbmWMVPR16gyytC6s-x1dzJ2EJuxvJ4UgERxCFuIo8FpG-8JJTaONC8HUgodChOJtxwFE-o6-9PtNUW3XnRLgOnguyCXZs9wIQJZOiNy0yJq_JZdrD_4BZBOxGVAHRby9StO-zsw5BfsZjDJ5aO8jmBXgEOsnxBJynM8Th0-DjqjtYdcEQo_CPOrA3Hnx1RBeVnF2HNxAbtEGSOwYd7uC0v6-Bi-rDy_Skv2wlsBp09EMRt3veOSPID0W-4OWtYIiFRX4vGNZJZPzWu9RjAyj2ziG-xQEQdcJDgrsjaKDWuequQqOsk0eY7dl0v3xfXkziKRtkecB7ponR9HAmkLCjD3DPKRCK9mK4_9OzkaDXfg&sai=AMfl-YQmLkM96E0ju5S4WvjeZ3OD35fp1VyINeN0FU-H2Uqu54E9zrx9DTD4GsvwpBLn0IDrJcOFmJSIxM6752NfGOZZi2-u_xdAyJ8QvgA_UInqlh8Nig&sig=Cg0ArKJSzFRpWyyKcmaiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 03 Feb 2022 04:06:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 9FD8 0
16 B 64ms
63ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQyeLMhAMYgdf6vwEgATAB&v=APEucNXe5xATRR9c0jYpd4CpB4rnlKuoBgt2eo4Hj44B3N6TepgryQqYX82qjhl7l59DwUFugque62nJ1-MthuDo3e51o2nsJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=8977136814&adk=2911420652&adf=1324505179&pi=t.ma~as.8977136814&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190985&bpp=3&bdt=563&idt=321&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHStgRhwhu&p=https%3A//infinityfree.net&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%2...
ade.googlesyndication.com/ddm/activity/ Frame 9FD8 42 B
107 B 180ms
91ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861193040;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9FD8 42 B
64 B 65ms
64ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6r2xXgKSGqgiwg8qaSdcKRJTRY2NCs3UYMsa8lIbzTaUKbTlXANfHr0LQmsi8hXPaJpWomFXLBIbKFvDSRA14cokD9u7tgCuF9wBTHu6UGwTubytLSg&sai=AMfl-YT0SbqwQt8Df5IN8NpHxhHv9da4sxWlPKUKiSJWWJ_6eMoobaEKB2WG9jTUEGbG9gwdI0OiX7g-v5hY&sig=Cg0ArKJSzGMLI1XdJi_PEAE&cid=CAASBORoNOE&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1643861193040&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FD8 42 B
64 B 66ms
65ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CB5JRxVT7YdGvN8_G7_UPtJC16A7q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT6AU_QpbY285_vjTeTKQnvC-EBkwsp8mFiWgZoNX5s-M2uIr5ej-qTOpEK9AjFHWoFDupxCdF5I5uzmOPul7aDTP31KTf3DQZCUVfAy1xXeZSYvBc2CWQEnd9kf8IYxZ0tLeGzPqVvkUEJxLqZXbEXUJgyEyIjZfZmokXNhjmWEUrYh1moSCTYEcO_8KPGq0S1j07KwFAqDhfjtBesFHiAQUVtoermgy879gu1vNxTXXvraQOMpQ1qO688jf9tZNc2fEjRbghNU1sMK3ZzloZ8pwtDYcGZTjZTXoYyWuuYEOReX8C4rLyzje3ogiDVOO9QTwh2wvHyq_R-2bjABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=OLidsMeb-f4&label=vast_creativeview&ad_mt=2&acvw=sv%3D20211103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D2%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1643861193040

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9174038688046015&output=html&h=280&slotname=8977136814&adk=2911420652&adf=1324505179&pi=t.ma~as.8977136814&w=1080&fwrn=4&fwrnh=100&lmt=1643665368&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Finfinityfree.net%2Ferrors%2F404%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643861190985&bpp=3&bdt=563&idt=321&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2290654638212&frm=20&pv=1&ga_vid=28577988.1643861191&ga_sid=1643861191&ga_hid=154877506&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750773%2C31064677&oid=2&pvsid=537136378687135&pem=685&tmod=1712700196&uas=0&nvt=1&ref=http%3A%2F%2Farowanafish.shop%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHStgRhwhu&p=https%3A//infinityfree.net&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 9FD8 0
17 B 180ms
180ms Ping
image/gif 2607:f8b0:400f:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kz6gie4m&c=6400910221484&slotId=3200455110742&qqid=CJGmo5LU4vUCFU_juwgdNEgN7Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=951&mt=video%2Fmp4&vs=640x360&dm=15000&event_name=first_play&asset_bytes=216883&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1c8~videopreviewstarted.1ca
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400f:803::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220201&jk=537136378687135&bg=!NDelN3PNAAYZkRhwGZE7ACkAdvg8WnODuC_6bYeYwKrMawyAoO7xRaguAnGErPZ4jH-9zTkZ6dizAQIAAAERUgAAAAhoAQcKAFMtJ-IsMyU4wkdVvTsKCeR2bzsC00nE0-f7OiGTEZF9sMZNzlDDmd4cCQRJp7tKHitZsSVy2WYerO7fDAMEfqAJqV8y1Wne6zVjJL1w_vnWGspFKJkCvK5f7oPV5rVDMoE6umYSxLwRBGsfRQIlP2YK33A_SvGISqkxhFNSs7frrfpBh5fOEyEqSxgxPVKZaqfSDgDin2Ch8hiUXhCe3Ejg4NPqZ_Vo-TlbtOfoF5WmiIwZVl7uBsxZe6fCFwhOQexJJZ7c1rUjWHk9OjmeMIDilip4ILzmbNUNT6PZzD-9QtRcFJz0cyeNvGi2moKBfl5XKQ2cTV2L2nWxmkWCz96x-M4UDopqqfiF1dPa1IcaidQO25Ag5pcAnZaoSLoZMQMF6z-yJ8fLm_V4jyqPqAEEihlN1p6goO1Cf3BodQeykeSb9qYjEIaiK0htvcx8ehbLnQqIdD_g7a-CM6JJP1y4hDGbQAK5ZIAFv_P_Om8m58dXDifjvmXxznvDvhrYAd9X8gp880JbuyNNavunlq8mbRBCMR2CMn-C1NtzbMan86vaODlQPK1EF4YbEMGSS1zCcRnbc5NE-kIlUW1nZxFyxMxlqauFJsOIbapgtGwVLF-lRKy5HvM3cNRtURs4J8U5cUPEEvSGC5K3KiWkvuCJisGSZKX8Alp3dhY4StPAyn4l1gg1DufU3JPXyz7t0MV6lF_WOLrkUsK-czApipUuMWHb8tbPw_Zt-TSnZIiMsQGUHISkdVWQWendYamRyFjNO745CK0HsiDNpheQtdmcnA1bkJTacej_rYxTpUODG584mlkaCFrRYKc7NltkklbzLbzR952X9pvdAbvzl0bmOapgSIwGe1rI5mLmxK5BG1dpnGGiwznVtJwA9LU3EbgHmtUDaq9q4YJceeKieBsvvN0pbsNyTqmk6O6QmG6I1J9zPARpuMVHg8n3L7q_TrfSfCVj-khDdBKeeNXdQG30eC7rEiJ3m8d_r9Mz9GUxCQhB5Ce8BO6yaByePTkjb6eH7Q9yL4fch6k-Nrl4FlePj8w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://infinityfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26...
ade.googlesyndication.com/ddm/activity/ Frame BD17 42 B
63 B 156ms
94ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D0,0,2010,0,0%26mtos%3D0,0,2010,2010,2010%26amtos%3D0,0,0,0,0%26mcvt%3D2010%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2172%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D1%26dur%3D15018%26vmtime%3D2180%26dtos%3D2010%26dtoss%3D1%26dvs%3D2010%26dfvs%3D0%26dvpt%3D2172%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.53%26mc%3D0.53%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2010;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1643861192986;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BD17 42 B
64 B 66ms
65ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIp6lugVQ3ireWYVNbvTKnJoh2xhJiRflTX239pNOEKs-IW3teeyb-NrUH8HpVgT3qI4pbL5sJ-4M8vl0LitsINk08oY_7XfOlvzPFhT6ta7xgAZTAqg&sai=AMfl-YSU6J5WYvb0g-vr_Vq-1EXXMgg-4okVmF2xHyAqXeNtjMlzEyK7LFbp2dhunkgG7u0V9ZA_zEsHiwTH&sig=Cg0ArKJSzLWdTJrxwy8kEAE&cid=CAASBORohb4&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D0,0,2010,0,0%26mtos%3D0,0,2010,2010,2010%26amtos%3D0,0,0,0,0%26mcvt%3D2010%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2172%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D1%26dur%3D15018%26vmtime%3D2180%26dtos%3D2010%26dtoss%3D1%26dvs%3D2010%26dfvs%3D0%26dvpt%3D2172%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.53%26mc%3D0.53%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2010&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1643861192986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26...
ade.googlesyndication.com/ddm/activity/ Frame 9FD8 42 B
63 B 91ms
90ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D2025,0,0,0,0%26mtos%3D2025,2025,2025,2025,2025%26amtos%3D0,0,0,0,0%26mcvt%3D2025%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2185%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D1%26dur%3D15018%26vmtime%3D2190%26dtos%3D2025%26dtoss%3D1%26dvs%3D2025%26dfvs%3D2025%26dvpt%3D2185%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2025;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1643861193040;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9FD8 42 B
64 B 65ms
65ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6r2xXgKSGqgiwg8qaSdcKRJTRY2NCs3UYMsa8lIbzTaUKbTlXANfHr0LQmsi8hXPaJpWomFXLBIbKFvDSRA14cokD9u7tgCuF9wBTHu6UGwTubytLSg&sai=AMfl-YT0SbqwQt8Df5IN8NpHxhHv9da4sxWlPKUKiSJWWJ_6eMoobaEKB2WG9jTUEGbG9gwdI0OiX7g-v5hY&sig=Cg0ArKJSzGMLI1XdJi_PEAE&cid=CAASBORoNOE&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D2025,0,0,0,0%26mtos%3D2025,2025,2025,2025,2025%26amtos%3D0,0,0,0,0%26mcvt%3D2025%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2185%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D1%26dur%3D15018%26vmtime%3D2190%26dtos%3D2025%26dtoss%3D1%26dvs%3D2025%26dfvs%3D2025%26dvpt%3D2185%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2025&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1643861193040

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 04:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame BD17 0
0

GET /
googleads.g.doubleclick.net/pagead/interaction/ Frame BD17 0
0

GET dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame 9FD8 0
0

GET /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FD8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn7zQktTi9QIVB7PVCh360AoCEAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCLO3o5LU4vUCFdzhuwgdhqAI_Q;dc_rmcid=CAASBORohb4;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D0,0,3785,0,0%26mtos%3D0,0,3785,3785,3785%26amtos%3D0,0,0,0,0%26mcvt%3D3785%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3947%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D1%26dur%3D15018%26vmtime%3D3957%26dtos%3D1775%26dtoss%3D2%26dvs%3D1775%26dfvs%3D0%26dvpt%3D1775%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D275%26c%3D0.53%26mc%3D0.53%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,3785,3785,3785%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D15%26psv%3D14%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3785;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1643861192986;ecn1=1;etm1=0;eid1=960584;

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8dxAxVT7YfPAN9zD7_UPhsGi6A_q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT0AU_QMKOvUnfPuTrfEzrpTQZz8AGmjS7rQaOR_xb2B0HO1nWkTFepzOWYg1SlzKjIcB8Ds9wRNJu4jteT55bclPJozwpx8Q0GzDVEqGQWIajuSLzfGpOW7x1luCpoj6ALxbFPxCd8UDEIBJw7QMLMaU2a9Z0zgx-KHS7Rqd12_7_NpnOHG9i78EW8YOfvk-hL1eQpBfTEQkI8QtcJPjKUb-mWicHEJu0WacoiCiCD1o1TAG1VTMbNJqahYjZn39ltWFVnVCXcBKQq_c3IautIIGZlTV3p7rWsOvfqgOugir0F4jNOv30JwNUaSA5ndSIBRcf_f3zABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=zSrDcVEpN1c&label=videoplaytime25&ad_mt=3958&acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D0,0,3785,0,0%26mtos%3D0,0,3785,3785,3785%26amtos%3D0,0,0,0,0%26mcvt%3D3785%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3947%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D1%26dur%3D15018%26vmtime%3D3957%26dtos%3D1775%26dtoss%3D2%26dvs%3D1775%26dfvs%3D0%26dvpt%3D1775%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D275%26c%3D0.53%26mc%3D0.53%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,3785,3785,3785%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D407842587%26psm%3D15%26psv%3D14%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3785&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1643861192986

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyK7QktTi9QIVFuMbCh1ESwR3EAAYACD-_-FOOhoIyeLMhAMQkP6A_usDGM64_94DII_97rK7D0ITCJGmo5LU4vUCFU_juwgdNEgN7Q;dc_rmcid=CAASBORoNOE;eps=CIDhgHAQARgf;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D3782,0,0,0,0%26mtos%3D3782,3782,3782,3782,3782%26amtos%3D0,0,0,0,0%26mcvt%3D3782%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3942%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D1%26dur%3D15018%26vmtime%3D3948%26dtos%3D1757%26dtoss%3D2%26dvs%3D1757%26dfvs%3D1757%26dvpt%3D1757%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3782,3782,3782,3782,3782%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3782;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1643861193040;ecn1=1;etm1=0;eid1=960584;

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/interaction/?ai=CB5JRxVT7YdGvN8_G7_UPtJC16A7q98myZ4_97rK7D9fWor3AARABIMmWxYQBYLsGoAHQzeCiKMgBBakCRR8v1cv0sj6oAwHIA5sEqgT6AU_QpbY285_vjTeTKQnvC-EBkwsp8mFiWgZoNX5s-M2uIr5ej-qTOpEK9AjFHWoFDupxCdF5I5uzmOPul7aDTP31KTf3DQZCUVfAy1xXeZSYvBc2CWQEnd9kf8IYxZ0tLeGzPqVvkUEJxLqZXbEXUJgyEyIjZfZmokXNhjmWEUrYh1moSCTYEcO_8KPGq0S1j07KwFAqDhfjtBesFHiAQUVtoermgy879gu1vNxTXXvraQOMpQ1qO688jf9tZNc2fEjRbghNU1sMK3ZzloZ8pwtDYcGZTjZTXoYyWuuYEOReX8C4rLyzje3ogiDVOO9QTwh2wvHyq_R-2bjABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=OLidsMeb-f4&label=videoplaytime25&ad_mt=3949&acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,304,273,777%26tos%3D3782,0,0,0,0%26mtos%3D3782,3782,3782,3782,3782%26amtos%3D0,0,0,0,0%26mcvt%3D3782%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3942%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D1%26dur%3D15018%26vmtime%3D3948%26dtos%3D1757%26dtoss%3D2%26dvs%3D1757%26dfvs%3D1757%26dvpt%3D1757%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3782,3782,3782,3782,3782%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D791409774%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3782&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1643861193040

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
arowanafish.shop/	1970-01-25 20:05:16	Name: __test Value: be4fa21f59b2d9b6d8c3a84c899f482c
.infinityfree.net/	1970-01-20 18:08:53	Name: _ga Value: GA1.2.28577988.1643861191
.infinityfree.net/	1970-01-20 00:39:07	Name: _gid Value: GA1.2.698034421.1643861191
.infinityfree.net/	1970-01-20 00:37:41	Name: _gat Value: 1
.infinityfree.net/	1970-01-20 09:59:17	Name: __gads Value: ID=ea9c2e2a693e72b9-2267ed8332cd0008:T=1643861189:RT=1643861189:S=ALNI_Ma64xzuY9vhd6LiFh-jVF80E0tLZQ
.doubleclick.net/	1970-01-20 09:59:17	Name: IDE Value: AHWqTUnVRk7FP23qiN08CBzAzJ1eGDrYQ3seFVuqi2qkwfKhs0xAf5lMsMQW2OpjKRk

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.com.hk
arowanafish.shop
bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
infinityfree.net
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-h0jeenle.c.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
ade.googlesyndication.com
googleads.g.doubleclick.net
142.250.185.194
142.250.185.66
172.67.71.120
173.194.76.155
185.27.134.149
216.58.212.162
2607:f8b0:400f:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4016:6::7
0a3868c61ca885220fcbe768210f995e928e578050c68a425acd82688adba5be
0cb6b158f655a0eb70b7422ab860fc9cb8cae9c304369b64153c54612cb06f35
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2552b933b632947807a6a48b26a4872e975af703df8fe725a69f6283bd6ce666
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
381d569935e280dfd37f2c00d7b3978e219dbf963f065231ab6818324d06f18c
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
3bda26bc15b9e37e334d1f4d5731d1e0e3ac21943f7219672f4a5f1387f520ae
3eacb18e976617348af8edb73cd32ff6a5e5774c5d9ac3d171460c33998e0e88
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de
5e3adf8596d0259f41d2e01177505394742c6081f54d31ab6947670fe1c7a6d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
79fd81f44308bea1a5f9134ad14851c0c7b520439085c4d92879ce17bf21538f
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
871058001da530d62a9efc6f1007c57849b6e004f081bb26d40080975f2dacf8
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9216293da82ca7c31e259897c680cae11d5efe8b7b0f385947d76a773a16b92c
99d92eaf7d593c51fe87df4cccaf87125a40d2fce3379437ee8c599620a719a5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44b92f9715d7e02120b3bc1c97e25a25ad8d42b295df52298cb467d9722f16d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a6df3c2ae5ec80ea0c18ac1f5fc9096fd2ec6801a4ee7cec17fc1d6a7faf7430
b1b17a0b58438d03f0ea733d47fe88958f8464462881a97c09c677053fe2fb8d
b56abb6c495deecc4863a1b68d1cc6d7dbea910c884259bd5363bf6933af829b
b62cf03d034117f2f63f13a69511fec867ca63e2005a2cbe6671cd69db0480d6
c24b52987e092d2347f34c989d7423a5219ee8cf89caabe81db8c99a4671bdc5
c2562e5c49c2a2a13a499ac92942389d4a5dc27a9ed33b5712062d4f245c6c29
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0d428f3416daa1b65f6de3a2c84d8066ab1f8e5ae2f15889b0e3ac87e1542d6
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
e142ab6d9997b11914ac0977440b37f6b59aaab41f731641c5b663970a5fd8c6
e1797f9d753a8dc1b579de3cab72c0b67d929580f0367625466ff25f5b70c1b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89fc1df430783a4900749f019fd8e1903f5e3bc769419dfc6ddf351f724c5da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18d676075a15d1b0cb2c368e9ea4d5917179ddf9b5ee5095bf8083cd7c5036b

infinityfree.net Open in urlscan Pro 172.67.71.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

92 %HTTPS

70 %IPv6

11 Domains

20 Subdomains

20 IPs

4 Countries

5413 kBTransfer

7183 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

infinityfree.net Open in urlscan Pro
172.67.71.120 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

92 %
HTTPS

70 %
IPv6

11
Domains

20
Subdomains

20
IPs

4
Countries

5413 kB
Transfer

7183 kB
Size

6
Cookies

102 HTTP transactions
2 data transactions