www.ipshudi.com Open in urlscan Pro
2607:3f40:ff08::33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://web.sands-vip3.vip/
Effective URL:
https://www.ipshudi.com/
Submission: On February 21 via api (February 21st 2024, 6:06:50 am UTC) from US — Scanned from US

Summary HTTP 78 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 12 domains to perform 78 HTTP transactions. The main IP is 2607:3f40:ff08::33, located in Canada and belongs to ML-1432-54994, CA. The main domain is www.ipshudi.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on June 5th 2023. Valid for: a year.

This is the only time www.ipshudi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:5d62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:3f40:ff0... 2607:3f40:ff08::33	54994 (ML-1432-5...) (ML-1432-54994)
1	43.136.18.133 43.136.18.133	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
13	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 7	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2402:4e00:101... 2402:4e00:1012:8864:0:9a75:681b:dcbc	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
11	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4009:82c::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1 3	104.105.36.73 104.105.36.73	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.76.100.56 104.76.100.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.1.106.47 52.1.106.47	14618 (AMAZON-AES) (AMAZON-AES)
2	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	23.21.160.120 23.21.160.120	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
78	23

1 2606:4700:3032::6815:5d62 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

web.sands-vip3.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:3f40:ff08::33 (Canada)

ASN54994 (ML-1432-54994, CA)

www.ipshudi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.136.18.133 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

4.ipchaxun.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81c::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2402:4e00:1012:8864:0:9a75:681b:dcbc (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

6.ipshudi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4009:82c::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.105.36.73 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-36-73.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.76.100.56 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-56.deploy.static.akamaitechnologies.com

secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.106.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-106-47.compute-1.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.160.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-160-120.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	283 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com — Cisco Umbrella Rank: 2	71 KB
11	ipshudi.com www.ipshudi.com 6.ipshudi.com	140 KB
10	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
10	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	52 KB
8	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 1052 secure.flashtalking.com — Cisco Umbrella Rank: 2672 cdn.flashtalking.com — Cisco Umbrella Rank: 1279 ad-events.flashtalking.com — Cisco Umbrella Rank: 1378 d9.flashtalking.com — Cisco Umbrella Rank: 1922	12 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	136 KB
2	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 3128	1 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 12820	12 KB
1	ipchaxun.net 4.ipchaxun.net	518 B
1	sands-vip3.vip 1 redirects web.sands-vip3.vip	468 B
78	12

	Domain	Requested by
13	pagead2.googlesyndication.com	www.ipshudi.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	www.ipshudi.com	www.ipshudi.com
8	csi.gstatic.com	imasdk.googleapis.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	2 redirects
3	servedby.flashtalking.com	1 redirects imasdk.googleapis.com
2	data.ad-score.com
2	cdn.flashtalking.com	www.ipshudi.com
2	fonts.gstatic.com	fonts.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	hm.baidu.com	www.ipshudi.com
1	www.google.com	tpc.googlesyndication.com
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	d9.flashtalking.com
1	ade.googlesyndication.com
1	ad-events.flashtalking.com
1	secure.flashtalking.com	www.ipshudi.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	6.ipshudi.com	www.ipshudi.com
1	4.ipchaxun.net	www.ipshudi.com
1	web.sands-vip3.vip	1 redirects
78	25

This site contains links to these domains. Also see Links.

Domain
www.ip138.com
dingweilishi.com
ipchaxun.com
ipjisuanqi.com
dnsdaquan.com
chapangzhan.com
www.haoshudi.com
sm.ceqian123.com
chaziyu.com
www.chalieche.com
www.wentian123.com
user.ip138.com
beian.miit.gov.cn
www.beian.gov.cn

Subject Issuer	Validity	Valid
www.ipshudi.com Encryption Everywhere DV TLS CA - G1	`2023-06-05` - `2024-06-04`	a year	crt.sh
4.ipchaxun.net Encryption Everywhere DV TLS CA - G1	`2023-06-10` - `2024-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
6.ipshudi.com ZeroSSL RSA Domain Secure Site CA	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.ipshudi.com/
Frame ID: 9D9A88904F9CE0CA740E8DD8A1CA1E00
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: AEC55FFB2C3B3DE6F8C5248CA2138523
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&adk=1812271804&adf=3025194257&lmt=1708495604&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.ipshudi.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603615&bpp=6&bdt=512&idt=426&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5504757343871&frm=20&pv=2&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=450
Frame ID: 60028F3BAA44FC5803A40D2519E88F61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&h=280&slotname=4147621541&adk=2958351128&adf=1284412526&pi=t.ma~as.4147621541&w=940&fwrn=4&fwrnh=100&lmt=1708495604&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.ipshudi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603621&bpp=2&bdt=518&idt=448&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5504757343871&frm=20&pv=1&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=457
Frame ID: 877438F0E2110C99987201257926F1C2
Requests: 38 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: DEB3F9D380B78B59EB037AB770EF7D19
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A20B4C851DD7CA936F67AD976DD80BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B61F58C1A3D4E8277818047ACD7E282
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IP属地 IP属地查询 IP归属地查询 IP地址归属地查询

Page URL History Show full URLs

https://web.sands-vip3.vip/ HTTP 302
https://www.ipshudi.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

25
Subdomains

23
IPs

5
Countries

739 kB
Transfer

40030 kB
Size

16
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ip138.com/

Search URL Search Domain Scan URL

URL: https://dingweilishi.com/
Title: 定位历史

Search URL Search Domain Scan URL

URL: https://ipchaxun.com/
Title: iP反查网站

Search URL Search Domain Scan URL

URL: https://ipjisuanqi.com/
Title: iP计算器

Search URL Search Domain Scan URL

URL: https://dnsdaquan.com/
Title: 公共DNS

Search URL Search Domain Scan URL

URL: https://chapangzhan.com/
Title: 旁站查询

Search URL Search Domain Scan URL

URL: https://ipchaxun.com/app/
Title: iP查询APP

Search URL Search Domain Scan URL

URL: https://ipchaxun.com/piliang/
Title: iP批量查询

Search URL Search Domain Scan URL

URL: https://www.haoshudi.com/
Title: 手机号码归属地

Search URL Search Domain Scan URL

URL: https://sm.ceqian123.com/
Title: 免费算命

Search URL Search Domain Scan URL

URL: https://chaziyu.com/
Title: 子域名查询

Search URL Search Domain Scan URL

URL: https://www.chalieche.com/
Title: 列车时刻表

Search URL Search Domain Scan URL

URL: https://www.wentian123.com/
Title: 天气预报

Search URL Search Domain Scan URL

URL: https://user.ip138.com/ip/
Title: ip属地显示功能

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 闽ICP备15026659号-21

Search URL Search Domain Scan URL

URL: https://www.beian.gov.cn/portal/registerSystemInfo?recordcode=35020302035840
Title: 闽公网安备35020302035840号

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://web.sands-vip3.vip/ HTTP 302
https://www.ipshudi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://servedby.flashtalking.com/imp/1/225407;7893662;201;gifimpid;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntent30sUSDSKVID1920x1080/?ft_impID=710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D&ft_custom=&ft_c1=&ft_c2=&ft_c3=&ft_id=&ft_mcid=&ft_mliid=&ft_partnerid=&ft_section=&gdpr=FT_GDPR&gdpr_consent=&gdpr_pd=FT_GDPR_PD&us_privacy=!!US_PRIVACY!&ft_creative=4141210&ft_configuration=0&cachebuster=1877790749 HTTP 302
https://cdn.flashtalking.com/xre/789/7893662/4141210/image/4141210.gif

Request Chain 66

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARikjoWAAiABMAE&v=APEucNXiXSmFksbd8ji3Nw2Lg7uQlC42GioSy1maUnL1ORHHyQiiEHn19QO7WKBgfmO0KABOy8A4htOHzm4gz6b5_nBlRbDzzb0PA2kagQWrBdnOoAj8AdI HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWS9sAoJU0AADT4AEXSLAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTngt1bgWUU4mGH2TLr5Bk&google_cver=1

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.ipshudi.com/
Redirect Chain

https://web.sands-vip3.vip/
https://www.ipshudi.com/

9 KB
4 KB

2740ms
850ms

Document
text/html

2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 44139a85585ab4d7876b581085cb1f7f3ce4eec683c1c6350929691190494880

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Feb 2024 06:06:42 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Via: 1.1 PS-CZX-0141e31:3 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1ak79:17 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 65d592f1_PSmgasbIAD1pb76_5437-65061

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 858ccdf98a7b9ab4-MIA
content-type: text/html
date: Wed, 21 Feb 2024 06:06:39 GMT
location: https://www.ipshudi.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3br%2F6VnOL47j4rU1CjmkXgQ1O%2BZoI8SmV2BofxeFKIgRZbshSH%2FL96Bh2qhHxo5SU1IZDARgmdssdrxzFPn7drENOASEhoDRd9F7PmcFhVXdXrtLnXSNuyjggRqGF1ZKBygSTxCwJIjUr22OTOfeq6w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-ws-request-id: 65d592ef_yatu3_18230-50491

GET
H/1.1 200
OK common.css
www.ipshudi.com/static/www/style/dist/public/ 11 KB
11 KB 73ms
63ms Stylesheet
text/css 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipshudi.com/static/www/style/dist/public/common.css?v=202402201115
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 38ba4dcea05a95c294687ea75305bc3a0ef4d36c75575c20ed3b3578773dc6ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Fri, 07 Apr 2023 09:59:54 GMT
Server: nginx
Age: 1
ETag: "642fe99a-2b05"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_5437-65168
Content-Type: text/css
X-Via: 1.1 PSzjnbsxkx232:3 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01Sd731:0 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1pb76:4 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11013
Expires: Wed, 21 Feb 2024 01:00:34 GMT

GET
H/1.1 200
OK index.css
www.ipshudi.com/static/www/style/dist/index/ 4 KB
4 KB 133ms
60ms Stylesheet
text/css 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipshudi.com/static/www/style/dist/index/index.css?v=202402201115
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 9b7319d60425fa1def69c0cf22c7d0bc89353345cc3576a42e8af25e92df8230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Fri, 07 Apr 2023 09:59:54 GMT
Server: nginx
Age: 1
ETag: "642fe99a-1000"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_5437-65172
Content-Type: text/css
X-Via: 1.1 PSzjnbsxkx232:2 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01lrj33:1 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1pb76:5 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4096
Expires: Wed, 21 Feb 2024 01:00:34 GMT

GET
H/1.1 200
OK logo.png
www.ipshudi.com/static/www/image/public/ 2 KB
3 KB 188ms
60ms Image
image/png 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ipshudi.com/static/www/image/public/logo.png
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 454260400ef06c37ca70d81ff513f8868b3b86a8df657ca58bb64b9b3b22875c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Fri, 03 Jun 2022 14:23:56 GMT
Server: nginx
Age: 1
ETag: "629a197c-810"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_6152-58776
Content-Type: image/png
X-Via: 1.1 PSzjnbsxsy229:9 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01Sd731:7 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1ak79:5 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2064
Expires: Wed, 21 Feb 2024 01:00:35 GMT

GET
H/1.1 200
OK logo_ip138.png
www.ipshudi.com/static/www/image/public/ 6 KB
6 KB 113ms
61ms Image
image/png 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ipshudi.com/static/www/image/public/logo_ip138.png
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 4f746588795ae87bb372c14c94c69f0fb6322bc81c3fed74d4972af52144c9e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Wed, 31 Aug 2022 03:42:42 GMT
Server: nginx
Age: 1
ETag: "630ed8b2-160b"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_6152-58784
Content-Type: image/png
X-Via: 1.1 PSzjnbsxkx232:8 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01dzH35:3 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1pb76:6 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5643
Expires: Wed, 21 Feb 2024 01:00:35 GMT

GET
H/1.1 200
OK 2001:550:1d05:1::4.gif
4.ipchaxun.net/ 191 B
518 B 3255ms
784ms Image
image/gif 43.136.18.133
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.ipchaxun.net/2001:550:1d05:1::4.gif
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.136.18.133 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx /
Resource Hash: b97ec9142c0e8698d6aeac173f08105b990bc57d9d850c9f1d9eb410114d38ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 06:06:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK slogan.gif
www.ipshudi.com/static/www/image/public/ 341 B
851 B 61ms
59ms Image
image/gif 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ipshudi.com/static/www/image/public/slogan.gif
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: c3d2c27f826fd73ff9619357a5757c47d507d962ca6b6af177fec2b7398db300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Fri, 26 Aug 2022 05:58:43 GMT
Server: nginx
Age: 1
ETag: "63086113-155"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_5437-65175
Content-Type: image/gif
X-Via: 1.1 PSzjnbsxco103:10 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01lrj33:6 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1ak79:12 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 341
Expires: Wed, 21 Feb 2024 01:00:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 254ms
114ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8274819269094861

Requested by

Host: www.ipshudi.com
URL: https://www.ipshudi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe7bbed879e36055cb00cf42a2cae7f07f17db6636f14c601ecd6bba60112e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
Origin: https://www.ipshudi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51239
x-xss-protection: 0
server: cafe
etag: 9206055790959055464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 21 Feb 2024 06:06:43 GMT

GET
H/1.1 200
OK sea.js Show response
www.ipshudi.com/static/www/script/dist/lib/ 9 KB
9 KB 61ms
60ms Script
application/javascript 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipshudi.com/static/www/script/dist/lib/sea.js
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 2e791c9f9887bf67bda9094e50382859d313005894f7998568ae34703fe62d17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Fri, 03 Jun 2022 14:23:56 GMT
Server: nginx
Age: 1
ETag: "629a197c-23b1"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_5784-30142
Content-Type: application/javascript
X-Via: 1.1 PSzjnbsxsy229:6 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01eKx34:3 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1pb76:18 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9137
Expires: Wed, 21 Feb 2024 01:00:35 GMT

GET
H/1.1 200
OK common.js Show response
www.ipshudi.com/static/www/script/dist/public/ 818 B
1 KB 61ms
60ms Script
application/javascript 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipshudi.com/static/www/script/dist/public/common.js?v=202402201115
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/static/www/script/dist/lib/sea.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 80df96ffb8f2be8f9ddc1274120e8d3bde11f07694f4bca5a2d0bf83c13ef081

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Wed, 08 Jun 2022 01:42:56 GMT
Server: nginx
Age: 1
ETag: "629ffea0-332"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_5784-30157
Content-Type: application/javascript
X-Via: 1.1 PSzjnbsxkx232:14 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01Sd731:13 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1ak79:8 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 818
Expires: Wed, 21 Feb 2024 01:00:35 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1660ms
349ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?c375abc2df71accdca3ace57d488f925

Requested by

Host: www.ipshudi.com
URL: https://www.ipshudi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

eff8b596a7862b8479704a660da117005c9c899e74a619523359dffd823be8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:44 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 7b4ccaa03e8fcc693f869b43081f3121
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11304

GET
H/1.1 200
OK jquery.js Show response
www.ipshudi.com/static/www/script/dist/lib/ 94 KB
94 KB 62ms
62ms Script
application/javascript 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipshudi.com/static/www/script/dist/lib/jquery.js?v=202402201115
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/static/www/script/dist/lib/sea.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: b7830b5d6e67c3e62df4cb977e30d36f116375dce9479b55c5f7540fb1ed90b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Fri, 03 Jun 2022 14:23:56 GMT
Server: nginx
Age: 1
ETag: "629a197c-1761e"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_5784-30161
Content-Type: application/javascript
X-Via: 1.1 PSzjnbsxlb228:14 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01lrj33:9 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1ak79:19 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95774
Expires: Wed, 21 Feb 2024 01:00:37 GMT

GET
H/1.1 200
OK index.js Show response
www.ipshudi.com/static/www/script/dist/index/ 5 KB
6 KB 60ms
59ms Script
application/javascript 2607:3f40:ff08::33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipshudi.com/static/www/script/dist/index/index.js?v=202402201115
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/static/www/script/dist/lib/sea.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2607:3f40:ff08::33 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: ff6d6fb4b1f991e0f0f2cadba39199f7f77056e86b0e70bcb3c3b847b285af20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:43 GMT
Last-Modified: Tue, 20 Feb 2024 03:42:56 GMT
Server: nginx
Age: 1
ETag: "65d41fc0-14f1"
X-Ws-Request-Id: 65d592f3_PSmgasbIAD1pb76_5784-30183
Content-Type: application/javascript
X-Via: 1.1 PSzjnbsxco103:6 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01lrj33:6 (Cdn Cache Server V2.0), 1.1 PSmgasbIAD1ak79:18 (Cdn Cache Server V2.0)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5361
Expires: Wed, 21 Feb 2024 04:21:08 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 407 KB
138 KB 259ms
125ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8274819269094861

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08564127091d56d3740fd42c178033ec4f4eb7430a38060dc9ecc76856c238b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141226
x-xss-protection: 0
server: cafe
etag: 18413928500272860515
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 06:06:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame AEC5 9 KB
5 KB 203ms
65ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8274819269094861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 20:08:47 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 20:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
6.ipshudi.com/ 65 B
508 B 2501ms
292ms XHR
application/json 2402:4e00:1012:8864:0:9a75:681b:dcbc
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://6.ipshudi.com/
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/static/www/script/dist/lib/jquery.js?v=202402201115
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2402:4e00:1012:8864:0:9a75:681b:dcbc , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx /
Resource Hash: 19e00c748224410aa578c96af3fe091b483724a60c412a2ec1b567b40904bcd2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ipshudi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 06:06:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ipshudi.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6002 3 KB
778 B 126ms
125ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&adk=1812271804&adf=3025194257&lmt=1708495604&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.ipshudi.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603615&bpp=6&bdt=512&idt=426&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5504757343871&frm=20&pv=2&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=450

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

693cfe9f093b72282fe83cbbacfbb69fb8ab415cc6168ede821177a3ccbe8aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 578
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 06:06:44 GMT
expires: Wed, 21 Feb 2024 06:06:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8774 90 KB
28 KB 310ms
309ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&h=280&slotname=4147621541&adk=2958351128&adf=1284412526&pi=t.ma~as.4147621541&w=940&fwrn=4&fwrnh=100&lmt=1708495604&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.ipshudi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603621&bpp=2&bdt=518&idt=448&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5504757343871&frm=20&pv=1&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=457

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66fe33595dcda9518165c5de069cceadcaff3025b59a395ceac8617f9599243a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28554
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 06:06:44 GMT
expires: Wed, 21 Feb 2024 06:06:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-8274819269094861 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 257ms
114ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8274819269094861?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

662454853acb2962e454f9d905e05d281ffee0420173fea16c760b6a70928ccb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mUFCSpT6g90F_YGPYpaxVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-mUFCSpT6g90F_YGPYpaxVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXF4K8hxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePBwvfuumsKkCsu346aygQxzyfzpoCxItZZ7CuBmKn9BmsQUD8OXMG628g9qmfwRoDxEI8HF-WXlvHJvDi3LrjjACLPEXN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 8774 23 KB
9 KB 214ms
65ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&h=280&slotname=4147621541&adk=2958351128&adf=1284412526&pi=t.ma~as.4147621541&w=940&fwrn=4&fwrnh=100&lmt=1708495604&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.ipshudi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603621&bpp=2&bdt=518&idt=448&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5504757343871&frm=20&pv=1&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:24:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8774 9 KB
1 KB 236ms
88ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 06:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 05:03:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 06:06:44 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/ Frame 8774 15 KB
3 KB 215ms
65ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 18:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 16:58:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 18:08:06 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/ Frame 8774 379 KB
132 KB 216ms
67ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ea0a2bf2e4ba86815782535de2bf697c77611dc7bf30a709bc9220aa21c0c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 18:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134652
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 16:58:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 18:08:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 8774 20 KB
8 KB 211ms
86ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:56:21 GMT

GET
H2 200 AGSKWxUG97WUZ0xwQAqrm1jE7fKDjJaYszMKY9CxkmqwtP8j6hgaLDwxVZ-iL8esVsCasqSw4G1CJ34XZvP2ZXI4Y1EUbnKq-IroCIPX_ju-8Rdc5GfQmDsXxoZQR-rNAEXRbfsWKV5drw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 100ms
99ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUG97WUZ0xwQAqrm1jE7fKDjJaYszMKY9CxkmqwtP8j6hgaLDwxVZ-iL8esVsCasqSw4G1CJ34XZvP2ZXI4Y1EUbnKq-IroCIPX_ju-8Rdc5GfQmDsXxoZQR-rNAEXRbfsWKV5drw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NDk1NjA0LDY1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaXBzaHVkaS5jb20vIixudWxsLFtbOCwiZzg1SkFFc0tCdGMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.g85JAEsKBtc.es5.O/am=YA/d=1/rs=AJlcJMz-22omlSNJLO_xaKsmU-3jlewjmA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fae86c17455181a4728c95a9ec1f56b0a68f8808daad9626de112c4ffdec14be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pjh-BG_o7Qy84tPw_TW2cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-pjh-BG_o7Qy84tPw_TW2cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NeQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6OL0uvrWMTaGh4f4kJAIBNQFQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW76MMAuGW1l52Ths046ZwYw-zpKiA16vOPHy8zo6xDgiB4jukPF_h91yoFPXxdBCdjZYoRR6LjjijSU0zsfoWboin0-mOz_OBOpflJJPJ6lgxb8fcrBPgtqNrQu8u06OqyS45QIA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 105ms
105ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW76MMAuGW1l52Ths046ZwYw-zpKiA16vOPHy8zo6xDgiB4jukPF_h91yoFPXxdBCdjZYoRR6LjjijSU0zsfoWboin0-mOz_OBOpflJJPJ6lgxb8fcrBPgtqNrQu8u06OqyS45QIA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NDk1NjA0LDc3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3Lmlwc2h1ZGkuY29tLyIsbnVsbCxbWzgsImc4NUpBRXNLQnRjIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af1fc59aa71298c2477aeb5faed7634ffc7c6ebd8fe3da156b52d2429d169578

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vS7ITORmsmcm_qQ9nd-Inw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vS7ITORmsmcm_qQ9nd-Inw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NaQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6OL0uvrWMT-HFvax8zAICQQKk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
54 B 1137ms
392ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsve65oy&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8774 15 KB
16 KB 335ms
67ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:25:26 GMT
x-content-type-options: nosniff
age: 456079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:25:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8774 15 KB
15 KB 350ms
85ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 484175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8774 0
20 B 136ms
136ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cv2eu9JLVZc2ECPPIoPMPrZSy2A_fyOrLdKT91ZTdEry9usr2OBABIOLtuZQBYMmGgIDco8QQoAGx-v_qAsgBBagDAcgDmwSqBIECT9A1irhiW9EULm5hriV6pOn_25-CJg_bnXuUr7vIkTTJguAtGi8NrAhVVXAbchmBiLdHs9HoPjWER_BwzTGXfjT1iP5t70EuxNJU2c06wA_Hgust2BxIzeCVqj4MsDEpEsorGUG2Uftu7QbElZKJOO42zUeS0rthxGNevNQsz39as_CsUNR0QLZ6jSGXt9rhKidh2x_c1948r5a3zoHjKWyk8PGvxKlp36pC8Q864z9vRjI1zVRAJLk-jvt0LyTeLKGd003yWdbuoZOoTKq5uYHz0y57OUmAyKfCSDFeO2l9bpc8aeTfgEJ1Hk6UABVAZyrf5LkKJy1hvFLrBqR3CAPABLL20L2eBOAEA4gFt96B5keQBgGgBnmAB7eFgJUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliAqNaM4ruEA4AKAcgLAeALAYAMAaoNAlVTsBOO9eAW0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcB&eventType=clickstring&clientTime=1708495604835&ai=Cv2eu9JLVZc2ECPPIoPMPrZSy2A_fyOrLdKT91ZTdEry9usr2OBABIOLtuZQBYMmGgIDco8QQoAGx-v_qAsgBBagDAcgDmwSqBIECT9A1irhiW9EULm5hriV6pOn_25-CJg_bnXuUr7vIkTTJguAtGi8NrAhVVXAbchmBiLdHs9HoPjWER_BwzTGXfjT1iP5t70EuxNJU2c06wA_Hgust2BxIzeCVqj4MsDEpEsorGUG2Uftu7QbElZKJOO42zUeS0rthxGNevNQsz39as_CsUNR0QLZ6jSGXt9rhKidh2x_c1948r5a3zoHjKWyk8PGvxKlp36pC8Q864z9vRjI1zVRAJLk-jvt0LyTeLKGd003yWdbuoZOoTKq5uYHz0y57OUmAyKfCSDFeO2l9bpc8aeTfgEJ1Hk6UABVAZyrf5LkKJy1hvFLrBqR3CAPABLL20L2eBOAEA4gFt96B5keQBgGgBnmAB7eFgJUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliAqNaM4ruEA4AKAcgLAeALAYAMAaoNAlVTsBOO9eAW0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
234 B 1118ms
392ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsve65ph&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.lh&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8774 25 KB
17 KB 354ms
97ms XHR
text/xml 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ASADTMgfhzWmGg6LnDB5A7X3wggfnttUUpqGzmciiwXI2Iqx8jYTQA_vNfXMlLZAsReD781ldpb3NWgfHuZEb7OgkcGw&cry=1&dbm_d=AKAmf-DpSjeEWDTd43vAEeokg7ggGuAGlkZx1dXPHl-gL1R3zT9AYwTdovyDn-a05QdieqJbT1FTlF1XhLXX2BlAbhHazVCX9UQS5WLQwMYfNBmxutip0Ojijpsf_-cMEScBfkZ0R9h1owQUtVNg1q6dBslQILDNE1kmAJVxIsor9a-rS19Nn5DHPhdG0rzzUeTwOyWoEBPLRVHB5lRzbeLcgIb0UDdojj2u0rOYMXsseTrgf9WGAk-2wt2X_3Pd6HVuavx9cIqGLFApR8c-f8NH-32pgY4pFWQZ6xkCBw8zl3-ZX0BpDgT01iOKkwyCu4FdExA52L8GJijWkCtRkoul-tghh_iJ_nkpuBoEdxpq98EgBncEetQ8lXlNTD7W2g1QV8xr88WBaSLcZgDixl2DvL5DXyoc0k5ejg_pQQDc2wuIzDc1i-yqhr3PwD_UsjaKzKGZU6tNGHcpnVPpxJxjAV_Idfggn4is1wu6kkqt6rMh9gPW1f7jHwpbkk9FXKI99nPzt1twnNAkLjeflTPgXw1VptFLxqFNTkKk56XSGp9poF0DBRZDiBYiDuHsAFiz0duADpTctSVzxTBYUg0vgn1P1T_fmKMmL8fmgc1sxsrtV_JW5jFmc3PGzFC4JP3AcHS8bSKpv_HgXFgGNK0aXSS_UY4j-KqNYaoUMMXG-wHaV6okrfK4bem4Q7vKe0fgNIf_7Qe8t0qT1Vytgjef09HrIlSYcDCwWU9157XU-KFzpd3pzftkM1QApcb956NfHUQZkTNWgmzDznh9NtlwbZ4bR_zvADdSM_R7Kx0QLZMMpuedHOX1wWCMWKm61UhxfImM-XmYfJYZ-vqxSa9v40Ucw8Hr6diZalNz6LCUKAVkilicVLx8NrXrL6xn7tSs34-5AexCohnutdL0a3dLjDqhKJSYMlh_9tZ-18Uoiey3sfoiQ21fK6z0Gy1R7VSD1y0qABGQBO2YFWLETYIb8MC8ZNfSaR7XJQNW6cPJWK0gzQ6hXE3DQ-XGiAsl2dd16S5w8lyl9wASZcAlE1aFYeiGUuQfuQM--N37tb7Q-oNxl_BC6C9krnMII4YYSceIJcBAcFcvfz6x1hop23M38Xsg96ZiPuLRgzn_vwnKb6HdkkngKdG28cI6EJHfClFP6JIhIFZJIZZOwlpD-V_iYKKsjZSmm-sXBDhtXDWsfRkZOW25uVpgDIZPTzTuvlFFxc8H-_DZF8CS_CXij5RQmPQvnVkGE4ZdP23u9Nef1TLfSyeDu-Ehxpyvj2C06llitLpaJwNhkMcEhx-beEUfSMKitIT-gGs2p8ej9NzylTyeZ-d0IuiKsMHZegFiqe6afryKxYDfJX7LTmOsf7indbRRil08kGPkOmk_Yi66uW_I-6_AO7JpYXIVnp4sMChI4Qe1KpJn95BQ5q8Uq2SZFhdOBMtVOa2cq2cqWZ9SIFBDypHxea0gF4Krh7f5S1w9zXnkq4jswxjCbGmGVbxMAzddF10GpYQD9u-OywaG8Ubh4dtbQdasBzHEEFo2UlUi1Bntntt0nElmZISvzwEu13NeMw_PYs15DNmGSLxSaQlmyt6d4NqLAulgSPbAL8ZFumg_YP-4Gh7Pixcm0z5oGmyEY95SvAW-EcIeTVQwGVqy2DQnK6-rGvraXU9G6dwqFM1DVhDuy9LepdGDS_i_hfEj1phCLXXBq5z8boMI1w9T-t9OQk6P7ShzhbD7opDbGV2qntnVn454do-JeLjnhWZhnTZW2OxSBEFGicLweopArdkMYMr7RxUDEqeh3VUt571WZTahXwWSVNzhmTQjOLsd5gMzO0lzpz-M2LETG6EAEDh5C5QBJumbW7MYM02MrniHZCT-Zxb4jPl2CckM735W114Ap7sxjiEJKFYwB5dJx4aqOzDANIVx-419AHgbTX3arN5Eq72JQrP7jbZmFgrrtoNCZV2LdM59GvaqTdxbQlWYXxzLD7lv8CwFYWac7zmT9Z5IrlP3B7KCXEL1wn4v1zUwaKu1_1ayfNx03tgY0lXgTbgs1cOWJUKm725S_A_j1Vz-ITaF4OaMpCQYeeeoIIhFl2aMT41dFz7wQWNErwOtHL3egk4qfFGUWYVywfadOAwv_R-ZP6jMNo4A0SlE20g_E8F8_MQw34hEsT4iq6aMbA0rKTaY17dNEi4VIzdrtT3rZdQ47-b999vok8L7VKf-o3dNz-X6cluDw8CKDPlMr9Ln0dCEjMEHSQ3rEnnF3kkJRjxaWPE-vXWqwtW6tm28qt6kn_fZuPsUwQ-4_fytzwhGmpcf4f3kxEpRpArmMZGuyVa4BdGYroF7RBcibue_OVIwllBuDKAcSub9nB40IOrhyEDTpfifab4Prcw_NszXIQYd_B_ORQN-HNZ9CIO8JwV9x0BNTqcNCgEAyGLuuBvrM_xw8n9b8XQYfE4Gv2LX5CdnjP6D9D_-c7Dw6W6NLSaB_GJEcCr2MK06zYBHEv5h_iAZwpzNzS6iyGkz0q0Qst3fE7tdgPfQbVAj1o-TJc14p0HcCI8G8tTdi2T0Vk_3eGEuFxiUwX7mrVlA_na0v5Y2HTevKPpSmmVfGENZE14CYfbZPkZARfO9abEwEmXnhpbEIT3jgnRU6NgrgGq9Pa1iTDgLYy8K02x0sk8cEYMdypSz6lvTCGDmDB14ngsUrbYhDI5t4pxoND6SXv-QUXcBgxrga07-qN-YdsESWomhiaFGW8dDX0yKpRYZE3ZNWYsxmY_OuzraoTnxqqcdOzfmHl30xEKbQuzZtHB09VpRUQOGE48WvSdv-nUV4n5S_MsarFf8n1mAeEcIEVRBWdOb_6vYgZFPeZlVdc3Y1tI1ETjduDmSmsz1948_Pyx0OzKlroioMjpPo7Arw8yqu8ud1szwktPnOLLe_UACfSmeU4Ag-kD59QplgEHvJ5kFG1ui42Hd8Yo7vkBwWqdyyUDPq32Fl4ZDv6Re2q-U0G7y7ty2uVjFDEx6cbijtP-LxWjYTpR04T6W0In0FZ5vNthWTwYGZFP1lkpy3EaxZEiRcKgx-nX1s46uHbU_5844JyfkCTYgQEQoOl2fFODp-0mua3KgZbaLtwwUrPWlshy5QAMxF6_31S7mKobb3u2R3iUSvmKCbYd8lRbWvd9GG2ugkeFoJk2mr9WFGZLsVL9MMoNHqL8QTC7hl4i8iTvIe0wSLkKpRmTTt5AcgvTcIccHOtd6NjN6PevrTqdadqOzky0Igj6D7x7NsOt7tbpYnzpXr820YZg7VUMsXLE-bFcyWv1GVzqn5VvKHcVm-dUCMYqW3EkEcjlDdJrEppenWzBh1WNKeJrapztXJprugjVXhYtVIM5Q8wtvL2HHJ2NlHgYPRQaTH4BWo5GE-Yo4hfnsTX3b-jB_s0GFl25UxX8zwSLg7xHsNuRhhNQq97zUjjHPN9Z2MI7x2f-0t6XPsM89wMxIr9uv694fVLK7iv84KhNhlKI9_9OtgNWKARMm5MjOJxgfljH2t67gnYmx76TYcyQeteCkWxoBI2gNnjnyZSF6zPhCUWnd_GnxwwIzwOAIO-FgEUr6ZfeDSsDJLq6iolIpAlGfEq-fFupk&cid=CAQSTgAvHhf_F4LE_gqadyCv2bvMwgeaOGhM-Mnc-bir24deAltNAOhZzhcg5CRtvUR9vVi3QF9djuuaURWWjOIpR5XjCTgNB4_3HmfJpMOJJBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

addf500551a6d7a9741d4a8faf3c0fbeeb25a088611d62ccfca2b427ba660093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16610
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8774 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df5548a04739a5258064ebb8c5d30c78ba51ed18e162b2e78be1e711304f393f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
54 B 744ms
392ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsve65q0&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/225407;7893662;208;xml;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntent30sUSDSKVID1920x1080/ Frame 8774 10 KB
3 KB 428ms
77ms XHR
application/xml 104.105.36.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225407;7893662;208;xml;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntent30sUSDSKVID1920x1080/?gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://www.ipshudi.com/&pub_id=1&sup_platform=1&pbMethods=[PLAYBACKMETHODS]|[CONTINUOUSPLAY]|[TIMESINCEINTERACTION]&cachebuster=[CACHEBUSTER]

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.105.36.73 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-105-36-73.deploy.static.akamaitechnologies.com

Software

prod-xre-app44.ash11 /

Resource Hash

4c752f4879e221902c13e263e918f5a7ffad2589fee69ce8466ef7e89976ccdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:45 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 1979
Pragma: no-cache
Last-Modified: Wed, 14 Feb 2024 16:45:29 GMT
Server: prod-xre-app44.ash11
ETag: "d0d5e25ec6b9a809974f74260dd70e83"
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Wed, 21 Feb 2024 06:06:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8774 0
0 140ms
139ms Fetch
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0ufW9JLVZc2ECPPIoPMPrZSy2A_fyOrLdKT91ZTdEry9usr2OBABIOLtuZQBYMmGgIDco8QQoAGx-v_qAsgBBagDAaoE_gFP0DWKuGJb0RQubmGuJXqk6f_bn4ImD9ude5Svu8iRNMmC4C0aLw2sCFVVcBtyGYGIt0ez0eg-NYRH8HDNMZd-NPWI_m3vQS7E0lTZzTrAD8eC6y3YHEjN4JWqPgywMSkSyisZQbZR-27tBsSVkok47jbNR5LSu2HEY1681CzPf1qz8KxQ1HRAtnqNIZe32uEqJ2HbH9zX3jyvlrfOgeMpbKTw8a_EqWnfqkLxDzq7Pt0sOh8tF9K_eLTmav48glAtMxPk1iJsTD6_YilJWxBKjNvaBWPt9Uj9PTCpHncjlqj3ks3KHvCuWpeu2JWSuaNJBsd9PJhPvB5SrsiCdMAEsvbQvZ4E4AQDiAW33oHmR5IFBggDEAEYAZIFBggbEAIYAZIFCwgiEAIYAUjRsdwBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAe3hYCVAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcKEITsCxikjoWAAtIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliAqNaM4ruEA4AKAcgLAdoMEAoKEJCM5qPB5sLrRhICAQOwE4714BbIE7awzeED0BMA2BMKiBQE2BQB0BUBgBcBshccChoIABIUcHViLTgyNzQ4MTkyNjkwOTQ4NjEYAOgXAQ&sigh=Tf0PzYo3TdE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_F4LE_gqadyCv2bvMwgeaOGhM-Mnc-bir24deAltNAOhZzhcg5CRtvUR9vVi3QF9djuuaURWWjOIpR5XjCTgNB4_3HmfJpMOJJBgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&h=280&slotname=4147621541&adk=2958351128&adf=1284412526&pi=t.ma~as.4147621541&w=940&fwrn=4&fwrnh=100&lmt=1708495604&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.ipshudi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603621&bpp=2&bdt=518&idt=448&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5504757343871&frm=20&pv=1&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=457
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 06:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 338ms
337ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1474641774&si=c375abc2df71accdca3ace57d488f925&v=1.3.0&lv=1&sn=63690&r=0&ww=1600&u=https%3A%2F%2Fwww.ipshudi.com%2F&tt=IP%E5%B1%9E%E5%9C%B0%20IP%E5%B1%9E%E5%9C%B0%E6%9F%A5%E8%AF%A2%20IP%E5%BD%92%E5%B1%9E%E5%9C%B0%E6%9F%A5%E8%AF%A2%20IP%E5%9C%B0%E5%9D%80%E5%BD%92%E5%B1%9E%E5%9C%B0%E6%9F%A5%E8%AF%A2

Requested by

Host: www.ipshudi.com
URL: https://www.ipshudi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 06:06:45 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 bannerads. Show response
fundingchoicesmessages.google.com/f/AGSKWxWr2VQUnIKQ1fF6dqtnS3qniARFCrD3G0zBv6lHbPY37e5lqX389Dxh5an3Oa7sk_QMwsZaaBs2OR0PXDkX_WtX6RIEL96u9J_ocEL-lBGEpwnfRmlu35QjF9iNqkDk8gy39JJl7ou_8RJ4DuZ2ToDQysCrY... 54 B
110 B 111ms
110ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWr2VQUnIKQ1fF6dqtnS3qniARFCrD3G0zBv6lHbPY37e5lqX389Dxh5an3Oa7sk_QMwsZaaBs2OR0PXDkX_WtX6RIEL96u9J_ocEL-lBGEpwnfRmlu35QjF9iNqkDk8gy39JJl7ou_8RJ4DuZ2ToDQysCrYY0HLIds9INXX7w0X1skTuv3WjOkOfFb/_/ads_new./cci-ads-/gameadsync./admin/ad_/bannerads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.g85JAEsKBtc.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz9lQJUDatyRdJ0-4-J1JBkjQFJfQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

deaf54377c5cfb0954e8da7a96637cfa879d9bbddeb48281a7880f87619f1ea8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GwDUOP68sx4K1_QbI5XfDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GwDUOP68sx4K1_QbI5XfDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJiCNaQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6Or0uvrWMTODFvUy8TAINPQD0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 66ms
66ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 22:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 22:13:49 GMT

POST
H3 204 AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 252ms
119ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Te9T_Sm0spgmPrzESXI0kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Te9T_Sm0spgmPrzESXI0kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4fi69No6NoEFF_suMgEASWMVwg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ipshudi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 161ms
111ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DbEh_-pU1hEw0w7xDAq1dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-DbEh_-pU1hEw0w7xDAq1dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4fi69No6NoEJh1rPMgEARwQVjg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ipshudi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 109ms
91ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ieCUBDCQ9ePLIQFadYQHAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-ieCUBDCQ9ePLIQFadYQHAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4fi69No6NoGOHy2HmQBJFxW4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ipshudi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 129ms
111ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y4uuxraVKX0M_cDVH-QQ3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y4uuxraVKX0M_cDVH-QQ3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4fi69No6NoEdV6edZQIASjEV4w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ipshudi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWOBo5hgv7kUEeRU1oiR00UZlA9DaG5WGWyPFmKGqS3gYMvfKyTrhi2ICtDTZ5qOrxbFAqdmhZjDc35PAdJ5diG6IBsb3YVpQW2D2x_I2bHNjQF5IFakdzrJWp6Z0Zfm1l0Ya7_4w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 102ms
102ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWOBo5hgv7kUEeRU1oiR00UZlA9DaG5WGWyPFmKGqS3gYMvfKyTrhi2ICtDTZ5qOrxbFAqdmhZjDc35PAdJ5diG6IBsb3YVpQW2D2x_I2bHNjQF5IFakdzrJWp6Z0Zfm1l0Ya7_4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NDk1NjA1LDYxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaXBzaHVkaS5jb20vIixudWxsLFtbOCwiZzg1SkFFc0tCdGMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58a5d6d10b03f6bb7204791b005116eb3c7952ad98c0ab47a730c51cf96f26c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P8ebnPKSFjH9jzZ2Q9bU0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P8ebnPKSFjH9jzZ2Q9bU0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4K8hxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePBwvfuumsKkCsu346aygQxzyfzpoCxItZZ7CuBmKn9BmsQUD8OXMG628g9qmfwRoDxEI8HF-XXlvHJvCi__wBJgCKoUWq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
54 B 400ms
390ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsve660d&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&vmfc=6&vhc=0&icc=2&icrs=2&icp=AdChoices&icdi=15x19&ccc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8774 41 KB
15 KB 75ms
65ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 12:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 12:34:13 GMT

GET
H/1.1 200
OK consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 8774 7 KB
7 KB 452ms
111ms Image
image/png 104.76.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.76.100.56 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-100-56.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:46 GMT
Last-Modified: Thu, 06 May 2021 18:54:24 GMT
Server: Flashtalking (AKA)
ETag: W/"ea9218504eec09a337676178d9020356"
X-FT-Origin: us
X-Varnish: 366364844
Content-Type: image/png
Cache-Control: max-age=486
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7281
Expires: Wed, 21 Feb 2024 06:14:52 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
54 B 390ms
390ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lsve66cf&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.182~atrd.18d~videopreviewvisible.18h&ua_e=1&umsem=0&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content FY23Q1_DC_AcrobatDC_AcrobatDC_us_en_DGBigIdea30_VID_1920_1080_25000_2398.mp4
cdn.flashtalking.com/172799/ Frame 8774 37 MB
0 434ms
162ms Media
video/mp4 104.76.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/FY23Q1_DC_AcrobatDC_AcrobatDC_us_en_DGBigIdea30_VID_1920_1080_25000_2398.mp4
Requested by: Host: www.ipshudi.com
URL: https://www.ipshudi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.76.100.56 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-100-56.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 21 Feb 2024 06:06:46 GMT
Last-Modified: Tue, 13 Feb 2024 20:39:54 GMT
Server: Flashtalking (AKA)
ETag: "b72661033d7156e46dab50f92ac40e90"
X-FT-Origin: us
X-Varnish: 875497234
Content-Type: video/mp4
Content-Range: bytes 0-93964551/93964552
Cache-Control: max-age=2546
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93964552
Expires: Wed, 21 Feb 2024 06:49:12 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
54 B 389ms
389ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lsve66cw&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fservedby.flashtalking.com%252Fimp%252F8%252F225407%253B7893662%253B208%253Bxml%253BDV360%253BDV360FY24AcrobatDemandGenPSPIndustryCustomIntent30sUSDSKVID1920x1080%252F%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2524%257BUS_PRIVACY%257D%2526bundle_id%253D%2526site_url%253Dhttps%253A%252F%252Fwww.ipshudi.com%252F%2526pub_id%253D1%2526sup_platform%253D1%2526pbMethods%253D%255BPLAYBACKMETHODS%255D%257C%255BCONTINUOUSPLAY%255D%257C%255BTIMESINCEINTERACTION%255D%2526cachebuster%253D%255BCACHEBUSTER%255D&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWw6Z4E4lUeoGuFMk5PWO--jJftjIRkTq--yI-gw_4FbHxlL0xlZ-1zZdhwpRf1Taqu8k2u9M7PiKRZOsQ4--7d2N5hvYn4yhTbxEKI6Eif3r9fVp5yYVI8CaaNdygJGAf5VDM6uA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
91ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWw6Z4E4lUeoGuFMk5PWO--jJftjIRkTq--yI-gw_4FbHxlL0xlZ-1zZdhwpRf1Taqu8k2u9M7PiKRZOsQ4--7d2N5hvYn4yhTbxEKI6Eif3r9fVp5yYVI8CaaNdygJGAf5VDM6uA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UNrUYVjzejs1Nw8QxE9S5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UNrUYVjzejs1Nw8QxE9S5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4fi69No6NoEd816-ZwIASpIWIQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ipshudi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 111ms
110ms XHR
text/html 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUv_P1ccDbLIaem3uNRv0GnEL9ihyPBbxqppEzwgRdcr-NSHrdFLdLcaWHG6uwWihkVoEAjNu457SxT1p4Xu_pAD3YNL3x1XCNaI7yGqn3hCm83wrPT0CXP3FxTsRVk6QkO_Kd4HA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yRza3A1kkWv3WZmRM-MflQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Feb 2024 06:06:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-yRza3A1kkWv3WZmRM-MflQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4fi69No6NoELb278ZAIASS8Wcg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ipshudi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame DEB3 23 KB
8 KB 66ms
65ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 507058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 09:15:47 GMT
expires: Fri, 14 Feb 2025 09:15:47 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame DEB3 39 KB
15 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB3 0
20 B 140ms
140ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BVmA89ZLVZcXCCdiBoPMP2ru8oAYAAAAAOAHgBAI&bg=!-fql-rXNAAZN4L4YbeA7ADQBe5WfOB_Ca_eiTG5-GUSi3TiHEIUCDjkOP9iSTDJ2JUkhpBRWuln3XCywfzC2ttFjuKr0AgAAAFpSAAAABGgBB5kC4FtE0ClJyN3dKES8AQYAZDcg4Nu-uKO2rQGh3tW7LUaOVjdBbSB1M8JlvLA-FvmTH0e9oDZQQpYlFtj1jEwkRC1Q7n2mVUP8PTRjod537WLDRK0mztvkAYLFsyA9tqY0pdVuplxNkSUMDlD_RQ7kqOpWlRW9PRYv942vPmN8DlT_PlqIQLGU7dFczSeu8rsHbOM8crqIuYgPoqd4js6MTe6qZliBquFXwSmVmHMmhXiHzF4yCLmmUUuFFkckmpPXYm67jyEOLUPEej5TgX4R71V6CaNCOiNhXvi4E_aBr11DVC2ARj9QNSBeJolJ08mGur-zsBuqptJ0WrNgnub1GkSicdLLJrtNTKl8y1kdX-NzaCHaS1tPtxAk5HVO231s6jXGUKzsBW8CAX-CV-dht7m0pkwzK6Z8ZqLvqfEaMgtrqDFaQDjGo27pnHazxrWkOaKRgQbeSeluBM5AvFTdxwuQLpzFVCY5bVz8XIlZZuGRtp9lpcF3H9bqmnIoKq3aLmqKOkZna1rmEFMZ598_Kivwm-yU9YVpTEl1mSzvTOhLbbQLhs6Scr8KA2OaWMcGCAIBWtFcmXvJTd1l1qMn1WbtqwfN8oiFZ3eS5kFLB4EswInZdPUOAtE40gJM3Ef4iVy5Vxayc2M7kayyoRVNLRgF1hVlCjJddaO7SjQIDfIYeSQY9mXiyBYtHIbYiT62QMYJ1B2HkxiB2xcioke3sw150cf3lkZNXKSCWEaFUlVDhM0geBTYGqk-NbUEzxlQnXLt0bmkOZSusavfZV2iDYvTgLmu5rv76hoqh-ZTDlyFzKkaXqYmuUftT2LsFG6hgXApDAHGjxR--Fnv2wzt0Ka5u5Hp2yS47oXkhZd4xkWZL06I7DBLXNJMkz3Cc8rMwaji8MW0PZQ8rdV0N0HwS6OwNbMFtzPYIaJB_75_y7w_iD5Zq3CexAU0D5H3OiSCogmIdlysejU6tty-Nv6c_S0

Requested by

Host: www.ipshudi.com
URL: https://www.ipshudi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
54 B 390ms
389ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lsve66d9&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&event_name=first_play&asset_bytes=173957&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=7&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 117ms
116ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a8c516043c4c9a05711eaa2524a523365cbeeb79d63359ebf56ef71fe36257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12250
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 113ms
110ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 06:06:46 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/7893662;4141210;0;271;710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D/ Frame 8774 42 B
343 B 90ms
86ms Image
image/gif 104.105.36.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/7893662;4141210;0;271;710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D/?ft_data=[PLAYBACKMETHODS]|[CONTINUOUSPLAY]|[TIMESINCEINTERACTION]&cachebuster=1877790749

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.105.36.73 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-105-36-73.deploy.static.akamaitechnologies.com

Software

prod-xre-app28.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 06:06:46 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app28.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Wed, 21 Feb 2024 06:06:46 GMT

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame 8774 0
67 B 232ms
60ms Image
text/plain 52.1.106.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?13539;225407;7893662;4141210;0;13;710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D;58956BDB333010;1877790749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.106.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-47.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:46 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK img
data.ad-score.com/ Frame 8774 35 B
633 B 292ms
76ms Image
image/gif 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ad-score.com/img?pid=1000925&tid=13539&tt=g,vast_imgs&l1=225407&l2=DV360&l3=7893662&l4=4141210&utid=710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D&cb=1877790749&uadid=-1&interact=[TIMESINCEINTERACTION]&pub_ts=1708495606&pm_session_data=adstart
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 06:06:46 GMT
Last-Modified: Wed, 21 Feb 2024 06:06:46 UTC
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dc_oe=ChMIhZGVjeK7hAMV2ABoCB3aHQ9kEAAYACCd8ItiQhMIzc7WjOK7hAMVcyRoCB0tigz7;dc_eps=AHas8cD1BTfGUzzuWt0xLtdjJWzhxjLq9HllNdVQo1BSOS9dfChp6TdEP2PXHQWI0TWez6ToojLDX9Q-ekQOuOtw;met=1;acvw=sv%3D961%26v%3D...
ade.googlesyndication.com/ddm/activity/ Frame 8774 42 B
401 B 289ms
139ms Image
image/gif 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhZGVjeK7hAMV2ABoCB3aHQ9kEAAYACCd8ItiQhMIzc7WjOK7hAMVcyRoCB0tigz7;dc_eps=AHas8cD1BTfGUzzuWt0xLtdjJWzhxjLq9HllNdVQo1BSOS9dfChp6TdEP2PXHQWI0TWez6ToojLDX9Q-ekQOuOtw;met=1;acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D877413403%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442840601;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708495606701;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8774 42 B
64 B 105ms
101ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cv2eu9JLVZc2ECPPIoPMPrZSy2A_fyOrLdKT91ZTdEry9usr2OBABIOLtuZQBYMmGgIDco8QQoAGx-v_qAsgBBagDAcgDmwSqBIECT9A1irhiW9EULm5hriV6pOn_25-CJg_bnXuUr7vIkTTJguAtGi8NrAhVVXAbchmBiLdHs9HoPjWER_BwzTGXfjT1iP5t70EuxNJU2c06wA_Hgust2BxIzeCVqj4MsDEpEsorGUG2Uftu7QbElZKJOO42zUeS0rthxGNevNQsz39as_CsUNR0QLZ6jSGXt9rhKidh2x_c1948r5a3zoHjKWyk8PGvxKlp36pC8Q864z9vRjI1zVRAJLk-jvt0LyTeLKGd003yWdbuoZOoTKq5uYHz0y57OUmAyKfCSDFeO2l9bpc8aeTfgEJ1Hk6UABVAZyrf5LkKJy1hvFLrBqR3CAPABLL20L2eBOAEA4gFt96B5keQBgGgBnmAB7eFgJUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliAqNaM4ruEA4AKAcgLAeALAYAMAaoNAlVTsBOO9eAW0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcB&sigh=0fNyzWA7hn4&label=part2viewed&ad_mt=7&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D877413403%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442840601&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708495606701

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&h=280&slotname=4147621541&adk=2958351128&adf=1284412526&pi=t.ma~as.4147621541&w=940&fwrn=4&fwrnh=100&lmt=1708495604&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.ipshudi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603621&bpp=2&bdt=518&idt=448&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5504757343871&frm=20&pv=1&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

4141210.gif
cdn.flashtalking.com/xre/789/7893662/4141210/image/ Frame 8774
Redirect Chain

https://servedby.flashtalking.com/imp/1/225407;7893662;201;gifimpid;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntent30sUSDSKVID1920x1080/?ft_impID=710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D&ft_cust...
https://cdn.flashtalking.com/xre/789/7893662/4141210/image/4141210.gif

42 B
414 B

259ms
106ms

Image
image/gif

104.76.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/789/7893662/4141210/image/4141210.gif
Protocol: HTTP/1.1
Server: 104.76.100.56 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-100-56.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 06:06:47 GMT
Last-Modified: Wed, 20 Dec 2023 19:19:45 GMT
Server: Flashtalking (AKA)
ETag: W/"d89746888da2d9510b64a9f031eaecd5"
X-FT-Origin: us
X-Varnish: 978694536
Content-Type: image/gif
Cache-Control: max-age=160
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Wed, 21 Feb 2024 06:09:27 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 06:06:46 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app31.ash11
Access-Control-Allow-Origin: *
Location: https://cdn.flashtalking.com/xre/789/7893662/4141210/image/4141210.gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Wed, 21 Feb 2024 06:06:46 GMT

GET
H2 200 img.png
d9.flashtalking.com/img/ Frame 8774 70 B
487 B 258ms
68ms Image
image/png 23.21.160.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?D9r.DeviceID=true&D9v.CampID=3175&D9v.CCampID=225407&D9v.ImpID=710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D&D9c=ftVideo&D9c.placementId=7893662&D9c.creativeId=4141210&D9c.confId=0&D9c.privacy=x&D9v.gdpr=FT_GDPR&D9v.gdpr_consent=&D9v.us_privacy=!!US_PRIVACY!&cb=1877790749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.160.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-160-120.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:46 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: image/png
access-control-allow-credentials: true
content-length: 70

GET
H/1.1 200
OK img
data.ad-score.com/ Frame 8774 35 B
633 B 288ms
74ms Image
image/gif 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ad-score.com/img?pid=1000925&tid=13539&tt=g,vast_imgs&l1=225407&l2=DV360&l3=7893662&l4=4141210&l5=1&l6=1&utid=710047FC-3AF4-88ED-EC2D-38F3FEE3CF6D&cb=1877790749&uadid=-1&pub_app=&pub_domain=https%3A%2F%2Fwww.ipshudi.com%2F&uid=&interact=[TIMESINCEINTERACTION]&pub_ts=1708495606&pm_session_data=impression
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 06:06:46 GMT
Last-Modified: Wed, 21 Feb 2024 06:06:46 UTC
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8774 0
674 B 260ms
109ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpUDA9v5PdquHhqRshOclfZQ8_ZEHHePo4TxrgVMUPh83Gukvnc1DSK4fAwLmRQa7VnbkXUjgPNTno3eEFzr7Atn_6hmGE-ideJoQApA2JmxcxCs49E_eMmiAM91un457WqzhByqVvLBP10_3eC2UylBsnuF5XMsTj35cFPknn-dpHmsnhp7oDKx-RNTUtL9_acZz3POqPWEB5xv9WSFqS2VRGjpNoqIBQ-4dOPHUMjpGm_Ne6lGdNWlAtDt4YUT6K7LZSsK_ZgiXdhF_7qvHQ7_QSamTgMQ_pj766btxENo9q7jBQPpJk0ASJl0QGHTldWDQ7-qCwza9hj1px91qAR0bWUmLmWmFAXnOyD62SYLwL-UZ1DE9ynVYajskSMRHVo5CXV88Qe1r68tp_4P6xbZ8T2R4qlRYPFTdvwn-uncGuvLNT2lSh8wJh3N8DTV5ZuCh-sV1oRb4S3OcRpbmrbbLNq6N4mLfof2NZUPz7Sk_vh_hibns7xCDGsV1gi4At1xp7dFlaW8-wyeDu5IKobB7Dkdv0_rop79qroWoCrh9QlT1gKCgw9nD0zOUC2japVo2KvpkVKLCXmT18Wj2SJ3qwgxvWzQlGlHoHhZrqPkQ0KJulmfQGk5YU7tMuqRPa87t-WuUXLGGtMgSGmhJdHtIcnI32vXq911KBCW_ORTHpNUlEH8w8e39rMrS0xTq3CSQTNL6ztqW2VIL1e8DbH_GC97gS2FoKd6OMHDVaWvLBEr1yGEiIk8V-ZsMYgTqr2HgY4GvGsAS6LJ8fcUmdFORbGGGoDI8yapfydX2mNoRTi9CQ5NIncpxysKubkcs9Nct7NMdtLCvLEf98eH5AaDSQU2xtbmKg8I5z8UncxqS36zaIcUXT-xj6tm6V2DkG3KEsji1MOPt9u9nphzfM4YRjqjoJN90xyNM9KThNpgueveI25joeGJV0bEocaGLrU-nM__jPjnbDftCVNbfS3GJGVWtsHjsixXY0zh_wRt6EPNnDeOx-JTM-3mCp424sjABCGwBwjBSLV4yJMuHAr_ZN8nTi8_EFRad1BU-ESy6DuNo57sw_bT0dsEpiBTvqRZHnRMXvhLe7f-BO3vuWO5QEas2jVsBqKUfy2iDrTfgvZ_0nE-5dFvsGnszfcUAYaf-J5JvSDIgT65AFJwMNzHZb42e4A5mxClBVYSv02zYd1lwq1lmvDOa35veMi-2ifwnvI6o7_Fd-Xmz26fQDbsJMHjJMnxL1VvYTi6oWZT939FVt6HHqyuVkj2rgANPayZPoddK6uxFwjqE-zogBKex5QmQCkzM4G8K6pPXNqMgVeAYMYMQo0LwC6kfVzxVu5OtvBsv2mBYywUfoYrqH97xSR6hbcyLBir312OaucoaVrmly7K1t&sai=AMfl-YTBsvtHfgMQFy7qAcJpLFL-vAfAgz6vNKy2st6Lk-NJz1iGW6u_snoQmSRGdjmPPkfzXNkvjCcwM4BB4iawVYkC3d8QxO6-qbsRiZQDx9f7HypAPN2yMmMhBqd3JE8H9_Akv5SMoMGa174uUz34cUzYonjh6XvChRLF4tWHXQ2bAhZ24Gez5iirFk5Sr1ULQWA2y3Y7DrI3e35mEDiKYyz_VcNRseivXAcqrzxQ3OW4CHt-ohcNpf5o6azNoqMgBmfGs002GEM8Bi6jBE4GXNyxelUK_sVAYT6vhtYH0KwZCy87Tq4X_KfllyCT1WI&sig=Cg0ArKJSzEnu8M3a6qFMEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 06:06:46 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Feb 2024 06:06:46 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8774
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARikjoWAAiABMAE&v=APEucNXiXSmFksbd8ji3Nw2Lg7uQlC42GioSy1maUnL1ORHHyQiiEHn19QO7WKBgfmO0KABOy8A4htOHzm4gz6b5_nBlRbDzzb0PA2kagQWrBdnOoAj8AdI
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWS9sAoJU0AADT4AEXSLAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTngt1bgWUU4mGH2TLr5Bk&google_cver=1

43 B
770 B

72ms
72ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTngt1bgWUU4mGH2TLr5Bk&google_cver=1
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zycGLHL7pt0sWj7VuebxgJixxAXxNEPvOlYMnaQIfE4HXzsWHmn3yc2Uu%2FBpuGtUZi3llLfb0csymk1%2Byy0Gkr9uXFZLZyr8%2ByaA5WvcC00A0avDuzjBlKdsFTXik%2B2wyJMjhKIvxTk7bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858cce29a9acdaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTngt1bgWUU4mGH2TLr5Bk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8774 0
20 B 136ms
134ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8774 42 B
64 B 102ms
100ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWIZ27B2bO32a6L6rgvHtxPQTXiX5GuIFzFNVS3DDiNpyYSfYVvAQBzvnp4Anj7ByGcY3hGj3_22cYUcjcUKAgFQoNgwaa4V2SkSG2fZEFCIIVeVR-tHDdv5OliFinqsBkNbB-DSE_FYfF4ByVfMowxxNBuB1_o8I&sai=AMfl-YR3sBjz0TdJyKzWC30rH8z__SCjCQrKC2dvco_jDsdk8-syp9fxEOL_vGxE4RYDyGW5oqwhnxxHndbY0gP2nnsGh6jPcTlHpgt8rU1ctvcpMjv47zTT_UJ-haIWeiLXQa6AxNr_IUaKqw3Hwth5&sig=Cg0ArKJSzPAULbPKUZOKEAE&cid=CAQSTgAvHhf_F4LE_gqadyCv2bvMwgeaOGhM-Mnc-bir24deAltNAOhZzhcg5CRtvUR9vVi3QF9djuuaURWWjOIpR5XjCTgNB4_3HmfJpMOJJBgB&id=lidarv&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D877413403%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442840600&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708495606701&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8774 42 B
64 B 104ms
102ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cv2eu9JLVZc2ECPPIoPMPrZSy2A_fyOrLdKT91ZTdEry9usr2OBABIOLtuZQBYMmGgIDco8QQoAGx-v_qAsgBBagDAcgDmwSqBIECT9A1irhiW9EULm5hriV6pOn_25-CJg_bnXuUr7vIkTTJguAtGi8NrAhVVXAbchmBiLdHs9HoPjWER_BwzTGXfjT1iP5t70EuxNJU2c06wA_Hgust2BxIzeCVqj4MsDEpEsorGUG2Uftu7QbElZKJOO42zUeS0rthxGNevNQsz39as_CsUNR0QLZ6jSGXt9rhKidh2x_c1948r5a3zoHjKWyk8PGvxKlp36pC8Q864z9vRjI1zVRAJLk-jvt0LyTeLKGd003yWdbuoZOoTKq5uYHz0y57OUmAyKfCSDFeO2l9bpc8aeTfgEJ1Hk6UABVAZyrf5LkKJy1hvFLrBqR3CAPABLL20L2eBOAEA4gFt96B5keQBgGgBnmAB7eFgJUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliAqNaM4ruEA4AKAcgLAeALAYAMAaoNAlVTsBOO9eAW0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcB&sigh=0fNyzWA7hn4&label=vast_creativeview&ad_mt=7&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D877413403%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442840603&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1708495606701

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8274819269094861&output=html&h=280&slotname=4147621541&adk=2958351128&adf=1284412526&pi=t.ma~as.4147621541&w=940&fwrn=4&fwrnh=100&lmt=1708495604&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.ipshudi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708495603621&bpp=2&bdt=518&idt=448&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5504757343871&frm=20&pv=1&ga_vid=290995839.1708495604&ga_sid=1708495604&ga_hid=1292721930&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081153%2C44795922%2C95324580%2C95325066%2C31081233%2C95322184%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2003712454630929&tmod=1942055169&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8774 0
54 B 392ms
389ms Ping
image/gif 2404:6800:4009:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lsve66vq&c=4653682343755&slotId=2326841171877.5&qqid=CM3O1oziu4QDFXMkaAgdLYoM-w&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&dm=30000&met.4=vil.20t~ff.21i~videopreviewstarted.21l
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A20 13 KB
5 KB 72ms
66ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ipshudi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 35869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 20:08:57 GMT
expires: Wed, 19 Feb 2025 20:08:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2B61 829 B
1 KB 232ms
87ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c67da3cfafdb3fb26c2b791c49b71b95abfc2aad499103f0cb8c112b95edd78

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a25ZXffWAymlkyrXPDLjHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ipshudi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-a25ZXffWAymlkyrXPDLjHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 06:06:46 GMT
expires: Wed, 21 Feb 2024 06:06:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A20 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:05 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4A20 0
10 B 66ms
66ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SO65NQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 06:06:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2B61 0
0 99ms
98ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=2003712454630929&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 117ms
116ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=2003712454630929&bg=!OTqlOnXNAAZN4L4YbeA7ADQBe5WfOITDqJkMGSmnLRTsELwSDfH15PeTdJ8l4FuQVggEXW-GOE3f10g4ygOe_Zo6okTpAgAAAHBSAAAAA2gBB5kC0HV4-YBg05vqV0qO1drYzkf6WZveEH9iSbm78XWIjAApESbGjzXtoFuDKE1G3jsFdUzlV2CyqHx-vnry4P_VbfAU_Z9md0vtV1RFFw87GZEg6NkxBPrtT7jy-GsQkyiNWnAkE9ODL97UhLmODvr8Ty3Q7WnT2Tu3E2P3ITBrQgKzDYNYJCBTZWX0JaXwipTEUfNtmRzOdGADBQsqXCO6XOEEHqTRKaB6NHP45b9foKKSm-BmD-JYBz1u3mlsvkWCvRtmQct5ArwWusVGo0lGDUMcrCaEx9e0n021Sq3M3HLBaDXRwLBi_fjZ6rjMrOlw7D5BGp8txK6SwHga1IBMetEEVjb1eXF1FzUERuaHR3l-ihjdvspukjhlgh3IWt0d0EPef_tb5p0Lp6lyhWNgvuHdwMRAgBlISzKmLRu9GkfFc7SdAPZv0600rChldRemQ1b8fMDWdu5pJh1pStiqev3sfJ8q9Ga2v40acihkzWWgxa4rkOxEnWC0-CQEeQq8B-7N9QOjo4rFNDngz_-EJqZZ_o9_w-oNnBs-44tdyvpqWFlNKj4Nra8n4Z_TWfFWrLxcsPAfCzY1bQJ0uewsvcareEFfi6fffVLJ3ZvrGCdTFtNYrI5-t6SmK5IUZGzVWlmQZsGZXrAYj7kHTEeklkvgmpPI408sX7o2pvk0mNWIMJGID0tOpDdVv10bo_YBFBZFyp3FKv4ktQ5ldzUsADdXC9eO2ME6CZy6vi_0U3ceZeiuWzhjkxVtoOvTNxqqlAvAJni-RPoeWWxr0igHgGAn2LxCm0_R_uYI8BQm1AjgvSojBS5TIPQaU9cpPpJ451ByiAu6zb3pQ1o4Z46TP1BAPrJKxwjk12m5wjF0blXnSCwKRczZeXLF8chBJyxDN9pKByB4csyVjRT8vAxgl18UBDLHf_0XpMhoM9D_JrmIWJpH1Vy2Qirnhp3osRUSHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ipshudi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8774 42 B
64 B 155ms
154ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWIZ27B2bO32a6L6rgvHtxPQTXiX5GuIFzFNVS3DDiNpyYSfYVvAQBzvnp4Anj7ByGcY3hGj3_22cYUcjcUKAgFQoNgwaa4V2SkSG2fZEFCIIVeVR-tHDdv5OliFinqsBkNbB-DSE_FYfF4ByVfMowxxNBuB1_o8I&sai=AMfl-YR3sBjz0TdJyKzWC30rH8z__SCjCQrKC2dvco_jDsdk8-syp9fxEOL_vGxE4RYDyGW5oqwhnxxHndbY0gP2nnsGh6jPcTlHpgt8rU1ctvcpMjv47zTT_UJ-haIWeiLXQa6AxNr_IUaKqw3Hwth5&sig=Cg0ArKJSzPAULbPKUZOKEAE&cid=CAQSTgAvHhf_F4LE_gqadyCv2bvMwgeaOGhM-Mnc-bir24deAltNAOhZzhcg5CRtvUR9vVi3QF9djuuaURWWjOIpR5XjCTgNB4_3HmfJpMOJJBgB&id=lidarv&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,234,273,707%26tos%3D0,2013,0,0,0%26mtos%3D0,2013,2013,2013,2013%26amtos%3D0,0,0,0,0%26mcvt%3D2013%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2175%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D30037%26vmtime%3D2184%26dtos%3D2013%26dtoss%3D1%26dvs%3D2013%26dfvs%3D0%26dvpt%3D2175%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33554707%26c%3D0.75%26mc%3D0.75%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D877413403%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2013%26co%3D442840604&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1708495606701

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 06:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ipshudi.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: uhko37prjmropv8l5u3lgokvmv
.ipshudi.com/	1970-01-21 03:56:31	Name: __gads Value: ID=7967b55412f51c03:T=1708495604:RT=1708495604:S=ALNI_MY-A5XzFrt6ssBFk11pdCEtj4rB-g
.ipshudi.com/	1970-01-21 03:56:31	Name: __gpi Value: UID=00000dcbc951c0a1:T=1708495604:RT=1708495604:S=ALNI_MZLb-2RCXl-5uJJvScMIHJ-hD_1OQ
.ipshudi.com/	1970-01-20 22:54:07	Name: __eoi Value: ID=ddea9138e39e6215:T=1708495604:RT=1708495604:S=AA-AfjbvMANO1H4yOjYw4yj_b8GE
.hm.baidu.com/	1970-01-21 04:10:55	Name: HMACCOUNT_BFESS Value: C9D3A3ECF689295B
.doubleclick.net/	1970-01-21 04:10:55	Name: IDE Value: AHWqTUk8eWLuJXmHGRgskBFgr_4qc1tE10aVVKFQcdA_G3hX24P7pgeoR1T9ii6OweU
.doubleclick.net/	1970-01-20 22:54:07	Name: APC Value: AfxxVi55eTxbOYQ4rOPPYSNLs-Ak3Uwkfg3KN0Bpk7Q9zn1Iz0frvw
.doubleclick.net/	1970-01-20 22:54:07	Name: receive-cookie-deprecation Value: 1
.ipshudi.com/	1970-01-21 03:20:31	Name: Hm_lvt_c375abc2df71accdca3ace57d488f925 Value: 1708495605
.ipshudi.com/	1969-12-31 23:59:59	Name: Hm_lpvt_c375abc2df71accdca3ace57d488f925 Value: 1708495605
.flashtalking.com/	1970-01-21 04:04:19	Name: flashtalkingad1 Value: "GUID=58956BDB333010"
.ipshudi.com/	1970-01-21 03:20:31	Name: FCNEC Value: %5B%5B%22AKsRol9O4fcGxpd_r19Dx9Judp5uLHaHV9ukuACwTe4IpgA-xqA2unZvy7Iu-e8HNAiCdVMkycVWPwLXsibgVXBzPC1RRKCap-UsAi3mm9nLdX0J-HXGm8jWdHFNNw4VDKsrekFew7CSXrBBlYOY4MuZhvKTX2-_0w%3D%3D%22%5D%5D
.casalemedia.com/	1970-01-21 03:20:31	Name: CMID Value: ZdWS9sAoJU0AADT4AEXSLAAA
.casalemedia.com/	1970-01-20 20:44:31	Name: CMPS Value: 2816
.casalemedia.com/	1970-01-20 20:44:31	Name: CMPRO Value: 2816
.flashtalking.com/	1970-01-21 03:20:31	Name: _D9J Value: a6e47cd3dbab4670abba665b4a1f0427

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ipshudi.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.ipchaxun.net
6.ipshudi.com
ad-events.flashtalking.com
ade.googlesyndication.com
bid.g.doubleclick.net
cdn.flashtalking.com
cm.g.doubleclick.net
csi.gstatic.com
d9.flashtalking.com
data.ad-score.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hm.baidu.com
imasdk.googleapis.com
pagead2.googlesyndication.com
secure.flashtalking.com
servedby.flashtalking.com
tpc.googlesyndication.com
web.sands-vip3.vip
www.google.com
www.ipshudi.com
103.235.46.191
104.105.36.73
104.76.100.56
130.211.115.4
142.250.176.194
142.251.40.194
142.251.40.98
172.253.115.156
172.64.151.101
23.21.160.120
2402:4e00:1012:8864:0:9a75:681b:dcbc
2404:6800:4009:82c::2003
2606:4700:3032::6815:5d62
2607:3f40:ff08::33
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80d::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::200a
2607:f8b0:4006:822::200a
43.136.18.133
52.1.106.47
08564127091d56d3740fd42c178033ec4f4eb7430a38060dc9ecc76856c238b1
19e00c748224410aa578c96af3fe091b483724a60c412a2ec1b567b40904bcd2
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e791c9f9887bf67bda9094e50382859d313005894f7998568ae34703fe62d17
38ba4dcea05a95c294687ea75305bc3a0ef4d36c75575c20ed3b3578773dc6ba
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
44139a85585ab4d7876b581085cb1f7f3ce4eec683c1c6350929691190494880
454260400ef06c37ca70d81ff513f8868b3b86a8df657ca58bb64b9b3b22875c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4c67da3cfafdb3fb26c2b791c49b71b95abfc2aad499103f0cb8c112b95edd78
4c752f4879e221902c13e263e918f5a7ffad2589fee69ce8466ef7e89976ccdb
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4f746588795ae87bb372c14c94c69f0fb6322bc81c3fed74d4972af52144c9e6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a5d6d10b03f6bb7204791b005116eb3c7952ad98c0ab47a730c51cf96f26c7
5ea0a2bf2e4ba86815782535de2bf697c77611dc7bf30a709bc9220aa21c0c00
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662454853acb2962e454f9d905e05d281ffee0420173fea16c760b6a70928ccb
66fe33595dcda9518165c5de069cceadcaff3025b59a395ceac8617f9599243a
693cfe9f093b72282fe83cbbacfbb69fb8ab415cc6168ede821177a3ccbe8aee
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
80df96ffb8f2be8f9ddc1274120e8d3bde11f07694f4bca5a2d0bf83c13ef081
9b7319d60425fa1def69c0cf22c7d0bc89353345cc3576a42e8af25e92df8230
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
addf500551a6d7a9741d4a8faf3c0fbeeb25a088611d62ccfca2b427ba660093
af1fc59aa71298c2477aeb5faed7634ffc7c6ebd8fe3da156b52d2429d169578
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a8c516043c4c9a05711eaa2524a523365cbeeb79d63359ebf56ef71fe36257
b7830b5d6e67c3e62df4cb977e30d36f116375dce9479b55c5f7540fb1ed90b9
b97ec9142c0e8698d6aeac173f08105b990bc57d9d850c9f1d9eb410114d38ba
c3d2c27f826fd73ff9619357a5757c47d507d962ca6b6af177fec2b7398db300
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
deaf54377c5cfb0954e8da7a96637cfa879d9bbddeb48281a7880f87619f1ea8
df5548a04739a5258064ebb8c5d30c78ba51ed18e162b2e78be1e711304f393f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff8b596a7862b8479704a660da117005c9c899e74a619523359dffd823be8f4
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fae86c17455181a4728c95a9ec1f56b0a68f8808daad9626de112c4ffdec14be
fe7bbed879e36055cb00cf42a2cae7f07f17db6636f14c601ecd6bba60112e29
ff6d6fb4b1f991e0f0f2cadba39199f7f77056e86b0e70bcb3c3b847b285af20

www.ipshudi.com Open in urlscan Pro 2607:3f40:ff08::33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

97 %HTTPS

50 %IPv6

12 Domains

25 Subdomains

23 IPs

5 Countries

739 kBTransfer

40030 kBSize

16 Cookies

16 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ipshudi.com Open in urlscan Pro
2607:3f40:ff08::33 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

25
Subdomains

23
IPs

5
Countries

739 kB
Transfer

40030 kB
Size

16
Cookies

78 HTTP transactions
1 data transactions