discord.onl Open in urlscan Pro
2606:4700:3031::6815:2d4f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://telechargerdiscord.site/
Effective URL:
https://discord.onl/fr/
Submission Tags: phish-stream
Submission: On October 27 via api (October 27th 2022, 8:11:32 am UTC) from CA — Scanned from CA

Summary HTTP 186 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 24 domains to perform 186 HTTP transactions. The main IP is 2606:4700:3031::6815:2d4f, located in United States and belongs to CLOUDFLARENET, US. The main domain is discord.onl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2022. Valid for: a year.

This is the only time discord.onl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:15f8:a00... 2a00:15f8:a000:5:1:14:7:de40	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
20	2606:4700:303... 2606:4700:3031::6815:2d4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
9	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
23	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
17	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
33	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.65.163 142.250.65.163	15169 (GOOGLE) (GOOGLE)
4 7	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
18	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
4 4	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2600:1f18:445... 2600:1f18:445b:901:c207:98fe:6e39:9561	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.219.97.25 3.219.97.25	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.205.56.183 23.205.56.183	16625 (AKAMAI-AS) (AKAMAI-AS)
186	21

1 2a00:15f8:a000:5:1:14:7:de40 (Russian Federation) 1 redirects

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

telechargerdiscord.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3031::6815:2d4f (United States)

ASN13335 (CLOUDFLARENET, US)

discord.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.163 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net

p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81c::2004 (United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.65.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.81 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.43.72.97 (United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:445b:901:c207:98fe:6e39:9561 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.97.25 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-97-25.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.56.183 (Edison, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-183.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	648 KB
39	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	239 KB
26	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 78 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2267 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4659	53 KB
20	discord.onl discord.onl	1 MB
18	gstatic.com fonts.gstatic.com www.gstatic.com p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com	323 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	8 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	279 KB
5	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1336 mc.yandex.ru — Cisco Umbrella Rank: 3510	180 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	3 KB
4	openx.net 4 redirects rtb.openx.net — Cisco Umbrella Rank: 1521	991 B
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	2 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 6193	130 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	1 KB
3	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	87 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	925 B
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 3396	788 B
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1565	591 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 584	622 B
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 15566	914 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 987	762 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	463 B
1	telechargerdiscord.site 1 redirects telechargerdiscord.site	148 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
186	24

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net discord.onl
20	discord.onl	discord.onl
19	pagead2.googlesyndication.com	discord.onl pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	cm.g.doubleclick.net	discord.onl googleads.g.doubleclick.net
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com discord.onl
11	fonts.gstatic.com	fonts.googleapis.com
9	fonts.googleapis.com	discord.onl googleads.g.doubleclick.net
7	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	rtb.openx.net	4 redirects
4	image6.pubmatic.com	4 redirects
4	yastatic.net	yandex.ru
4	mc.yandex.ru	1 redirects discord.onl
3	pixel.rubiconproject.com	3 redirects
3	cdn.ampproject.org	discord.onl
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	cc.adingo.jp	2 redirects
2	ag.innovid.com	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
1	mts0.google.com	googleads.g.doubleclick.net
1	odr.mookie1.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yandex.ru	discord.onl
1	telechargerdiscord.site	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
186	32

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-18` - `2023-06-18`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://discord.onl/fr/
Frame ID: 84416B2E8267A2864AAB6BE1F98E6755
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/zrt_lookup.html
Frame ID: 18B8F2AB4C0D1BEBC3805E5F577C703A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9291528157178239&output=html&adk=1812271804&adf=3025194257&lmt=1666858284&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858284283&bpp=5&bdt=741&idt=210&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6535789357431&frm=20&pv=2&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232
Frame ID: 6E10A97DFE8BD9DEC3869741B652AA60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9291528157178239&output=html&h=200&slotname=3305092058&adk=2159543937&adf=71512883&pi=t.ma~as.3305092058&w=1200&fwrn=4&lmt=1666858284&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858284288&bpp=2&bdt=746&idt=233&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mH6UxodwiC&p=https%3A//discord.onl&dtd=239
Frame ID: 58B68D562E64E7F5EDCD3D2300C12F15
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177
Frame ID: 1620374F02ED4B6C0A5DC7430B2ADEDE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181
Frame ID: 208BFDB1022AB61CAA0E018988CC0BAE
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=377&adk=3603257614&adf=48851659&pi=t.aa~a.3163107375~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=25ead026&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x377&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1980&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317%2C1200x404&nras=4&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=XZGY1bLmPB&p=https%3A//discord.onl&dtd=186
Frame ID: 115964F198B378061940E3165F90BFBF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3FA5AC21D8179019D7E4E39E009A86B8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
Frame ID: D919C5E5EC7C1F19C24768B996498141
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AE97DF185AED9B34594C406D022E00E3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DB8DBFEFCC664D64FC058E1C67976D73
Requests: 2 HTTP requests in this frame

Frame: https://p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: F9A912E332714794A97CC8BFA1F7EF22
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7B7122CFE44D3F7F80706FD5DA9BF6B0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: A67E9169FE5BD915E028B8A578869444
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: E3D067D52102084EE831E11476B34DB4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: EB751430880B71B8AB91FD166563D5F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4B79F4B61E1D787A7A0B4E6534BDA8B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3CC9A3A8001EEBB3238142C8D24052F4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: 75A59D341170E96AFE885512BE827F71
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 81E696140D77BECB0A25852E6EAF71C8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 65F68C46D51972BF487F960FA6D8EF89
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 82FCEDF0A40331B57054545E7AE37F94
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: 05F29FB3C5345F4FF4E28F71415B3446
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: D1CEC91CF02D25C99B7FBBE9893448BA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63C602A3F18C2FA79395FDC2902A0F56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8AD5AB8BE102104534F4A9E297911D4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord – Télécharger l'application Discord pour PC, Mac, Android, iOS et Linux

Page URL History Show full URLs

https://telechargerdiscord.site/ HTTP 301
https://discord.onl/fr/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

186
Requests

90 %
HTTPS

66 %
IPv6

24
Domains

32
Subdomains

21
IPs

3
Countries

2983 kB
Transfer

6331 kB
Size

39
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://telechargerdiscord.site/ HTTP 301
https://discord.onl/fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://mc.yandex.ru/watch/66566467?wmode=7&page-url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1899%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A242891655667%3Ahid%3A730895433%3Az%3A0%3Ai%3A20221027081125%3Aet%3A1666858285%3Ac%3A1%3Arn%3A669039498%3Arqn%3A1%3Au%3A1666858285679794250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C28%2C580%2C2%2C695%2C0%2C%2C997%2C0%2C%2C%2C%2C2325%3Acpf%3A1%3Ans%3A1666858282215%3Arqnl%3A1%3Ast%3A1666858285%3At%3ADiscord%20%E2%80%93%20T%C3%A9l%C3%A9charger%20l%27application%20Discord%20pour%20PC%2C%20Mac%2C%20Android%2C%20iOS%20et%20Linux&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/66566467/1?wmode=7&page-url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1899%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A242891655667%3Ahid%3A730895433%3Az%3A0%3Ai%3A20221027081125%3Aet%3A1666858285%3Ac%3A1%3Arn%3A669039498%3Arqn%3A1%3Au%3A1666858285679794250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C28%2C580%2C2%2C695%2C0%2C%2C997%2C0%2C%2C%2C%2C2325%3Acpf%3A1%3Ans%3A1666858282215%3Arqnl%3A1%3Ast%3A1666858285%3At%3ADiscord%20%E2%80%93%20T%C3%A9l%C3%A9charger%20l%27application%20Discord%20pour%20PC%2C%20Mac%2C%20Android%2C%20iOS%20et%20Linux&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8NqoH19O4CeF1u7mq1lAHwj1jvuo3AKUqLppfYV6toC4Pm6FiDKu78enlTWuhusAzSFpGQNxXH5k_FzIot7TNBvXR4qA_PD6gDfc4AT8RHBGGlcCTezOlnze_8UJCt-JSMRTIQ25k&google_gid=CAESEHnKxCXhsVjpOU4l3zIMr7Q&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK766JoGEgUI6AcQAEIASpsBZ29vZ2xlX3B1c2g9QVptUHhnOE5xb0gxOU80Q2VGMXU3bXExbEFId2oxanZ1bzNBS1VxTHBwZllWNnRvQzRQbTZGaURLdTc4ZW5sVFd1aHVzQXpTRnBHUU54WEg1a19GeklvdDdUTkJ2WFI0cUFfUEQ2Z0RmYzRBVDhSSEJHR2xjQ1Rlek9sbnplXzhVSkN0LUpTTVJUSVEyNWs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT1hWN2tZaGFyT1A1MjYtZ083VC12c0psNGRMS3VzWUxuUm1vMFRMc1B4SQ==&google_push

Request Chain 126

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEJ-gGma6ZqlD7ff7IMHXf8Q&google_cver=1&google_push=AZmPxg9_Y4Q-Mw87bmbH4pdBu72oP5j9mhIj3ZhzGE1AV91R0in6mnHcXz-deQnfT7k6-ADtvmzqE5qTIw4l_7K2Q1ct_6hBR1ddx3qRHQA1-L7f2gEQvM7k1ie2DBZG-uDbJIBY2nRCFuY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg9_Y4Q-Mw87bmbH4pdBu72oP5j9mhIj3ZhzGE1AV91R0in6mnHcXz-deQnfT7k6-ADtvmzqE5qTIw4l_7K2Q1ct_6hBR1ddx3qRHQA1-L7f2gEQvM7k1ie2DBZG-uDbJIBY2nRCFuY&google_hm=MTA2MTc3OTkwNzIwNDI5MTc1MTA

Request Chain 127

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGy-2AlmSKm9zoHivH2sk0U&google_cver=1&google_push=AZmPxg-V0QOl2rkoL9AMdPwumYGx2B9cPmiFu9hQ40X1mLQbzrZCSRqFg9dhzsr__aRVQLp4rJU4x47gj1r3IvZFt5W-_7i-F33oNIlw5rsFw5BFqRXlcoM9DPEXo0t8ScTOt_s-baV48nQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGy-2AlmSKm9zoHivH2sk0U&google_cver=1&google_push=AZmPxg-V0QOl2rkoL9AMdPwumYGx2B9cPmiFu9hQ40X1mLQbzrZCSRqFg9dhzsr__aRVQLp4rJU4x47gj1r3IvZFt5W-_7i-F33oNIlw5rsFw5BFqRXlcoM9DPEXo0t8ScTOt_s-baV48nQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-V0QOl2rkoL9AMdPwumYGx2B9cPmiFu9hQ40X1mLQbzrZCSRqFg9dhzsr__aRVQLp4rJU4x47gj1r3IvZFt5W-_7i-F33oNIlw5rsFw5BFqRXlcoM9DPEXo0t8ScTOt_s-baV48nQ

Request Chain 128

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQzeqaCK40DhvIDeC7g8pQ&google_cver=1&google_push=AZmPxg9TTEVOs0Cv94n6cMgDnK5o9hz44w1Eiqizj2CKTRITmXcbB59v8_iP4cZtx56oHwZSo1ZHo7u6G4S5V_4EgrpovU2NlCuGeNVbQisXFYq9B6mys3e26s5oKxA_auG01YdMATT4ig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSEotMVotMzgyVg==&google_push=AZmPxg9TTEVOs0Cv94n6cMgDnK5o9hz44w1Eiqizj2CKTRITmXcbB59v8_iP4cZtx56oHwZSo1ZHo7u6G4S5V_4EgrpovU2NlCuGeNVbQisXFYq9B6mys3e26s5oKxA_auG01YdMATT4ig

Request Chain 130

https://cc.adingo.jp/adx/push/?google_gid=CAESEKa7iwtvfGH-0C0mm5ynMjc&google_cver=1&google_push=AZmPxg-TYI7gn3diAW9vgfFB0lXDLFhmTFr14S63BLHppXxWh_2dbLd4qSWYnufllCVNMIr5sjbrPKIva1uneYd84X2x2W1OeNzaEpEzH9dFdJJrEQXLVAlUaeLHc_MweI1rf_2m0N1NYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-TYI7gn3diAW9vgfFB0lXDLFhmTFr14S63BLHppXxWh_2dbLd4qSWYnufllCVNMIr5sjbrPKIva1uneYd84X2x2W1OeNzaEpEzH9dFdJJrEQXLVAlUaeLHc_MweI1rf_2m0N1NYA&google_hm=61493628ee32d5bf1d27e9029508bd9a

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 160

https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQUUO9TL8CNFZtRc5uxpK7n59GVH3OEa5MgweS5FmAupq HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQUUO9TL8CNFZtRc5uxpK7n59GVH3OEa5MgweS5FmAupq&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQUUO9TL8CNFZtRc5uxpK7n59GVH3OEa5MgweS5FmAupq&google_hm=f1wWwkMpwlk8tQwjgJIUDQ==

Request Chain 161

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGy-2AlmSKm9zoHivH2sk0U&google_cver=1&google_push=AZmPxg-HFnkFoan5Z4yRipqW_Ce-RxmVEAQd17fK4SFHljYEarw-Ui6_Hc9jI4b2ihjcBYjIyTRR5Bhmbie6QOvB20GuMzi2tgJRcmcGzD6Aul7u6ztaIqTKVZXXXtG1cY479n8DHf1UWGG3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-HFnkFoan5Z4yRipqW_Ce-RxmVEAQd17fK4SFHljYEarw-Ui6_Hc9jI4b2ihjcBYjIyTRR5Bhmbie6QOvB20GuMzi2tgJRcmcGzD6Aul7u6ztaIqTKVZXXXtG1cY479n8DHf1UWGG3

Request Chain 162

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQzeqaCK40DhvIDeC7g8pQ&google_cver=1&google_push=AZmPxg_kj5Bo6vSzLCfPGRjZjYjXL7Q_8hKN7GR88b03GmIdE0xAxiJwNNvYfqlnHJSdNQFGEz0X_qOPfeOqyCdqBhp-TQcXfgUvkyspPQVKSd6yM81VqBtYBZqUCjlX2fu_-l7ehUxWgJTV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSkItMTUtQTBTSg==&google_push=AZmPxg_kj5Bo6vSzLCfPGRjZjYjXL7Q_8hKN7GR88b03GmIdE0xAxiJwNNvYfqlnHJSdNQFGEz0X_qOPfeOqyCdqBhp-TQcXfgUvkyspPQVKSd6yM81VqBtYBZqUCjlX2fu_-l7ehUxWgJTV

Request Chain 163

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_cver=1&google_push=AZmPxg9vGnihBDU65NpwMWEyFnbZBVgbEqCxFJ0VMD1F8BsU--Lymw9HDJcThb-FfeEtDl_YxTsxK-JxmtNBE4Y07D4f2Ekpk5ywQookRvYP9m2MJ6BS8hamYR_7GGbXwNOzCq1YZFL_hvRf HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_push=AZmPxg9vGnihBDU65NpwMWEyFnbZBVgbEqCxFJ0VMD1F8BsU--Lymw9HDJcThb-FfeEtDl_YxTsxK-JxmtNBE4Y07D4f2Ekpk5ywQookRvYP9m2MJ6BS8hamYR_7GGbXwNOzCq1YZFL_hvRf&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg9vGnihBDU65NpwMWEyFnbZBVgbEqCxFJ0VMD1F8BsU--Lymw9HDJcThb-FfeEtDl_YxTsxK-JxmtNBE4Y07D4f2Ekpk5ywQookRvYP9m2MJ6BS8hamYR_7GGbXwNOzCq1YZFL_hvRf

Request Chain 165

https://cc.adingo.jp/adx/push/?google_gid=CAESEKa7iwtvfGH-0C0mm5ynMjc&google_cver=1&google_push=AZmPxg-ZCst_gBtK1_tZ073g9K5ZWePpSG1jx_u-gxGMMP_xBr8uWhRt6JM-UkFCiF4DrO6lqRL3PSt_iIFPnbdd0luUbaHqwy_JJGKSdoZ2WfQWcHEp7xlOQXBwln4zPuc7xQdDy-xLaF8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-ZCst_gBtK1_tZ073g9K5ZWePpSG1jx_u-gxGMMP_xBr8uWhRt6JM-UkFCiF4DrO6lqRL3PSt_iIFPnbdd0luUbaHqwy_JJGKSdoZ2WfQWcHEp7xlOQXBwln4zPuc7xQdDy-xLaF8&google_hm=61493628ee32d5bf1d27e9029508bd9a

Request Chain 168

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_lFOENHuZTJalqL71Ikqmlp_m31k-fsU6AHaG4OjPrZtkRwgHlcU5Q-ZIEEEz0-rwsz9hDHMnTKV9Uv-06q4kZdbDP_Kk&google_gid=CAESECIBwyQGF1CFFKAkIvjrUAs&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_lFOENHuZTJalqL71Ikqmlp_m31k-fsU6AHaG4OjPrZtkRwgHlcU5Q-ZIEEEz0-rwsz9hDHMnTKV9Uv-06q4kZdbDP_Kk&google_gid=CAESECIBwyQGF1CFFKAkIvjrUAs&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcwODExMjcwMDA0MDg4NTA0OTEwNg%3D%3D&google_push=AZmPxg_lFOENHuZTJalqL71Ikqmlp_m31k-fsU6AHaG4OjPrZtkRwgHlcU5Q-ZIEEEz0-rwsz9hDHMnTKV9Uv-06q4kZdbDP_Kk

Request Chain 169

https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA&google_hm=f1wWwkMpwlk8tQwjgJIUDQ==

Request Chain 170

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGy-2AlmSKm9zoHivH2sk0U&google_cver=1&google_push=AZmPxg_cuFESjqqHSf0EEj7TFpldrbEd65MAqUd4GJIzGc4-MIceIZ3PGtybMPWFkA3NGnqCDv4RdpLDMZnvbWAUZJezaQSM3r03 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_cuFESjqqHSf0EEj7TFpldrbEd65MAqUd4GJIzGc4-MIceIZ3PGtybMPWFkA3NGnqCDv4RdpLDMZnvbWAUZJezaQSM3r03

Request Chain 171

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQzeqaCK40DhvIDeC7g8pQ&google_cver=1&google_push=AZmPxg8RQTSHb77WeHEOOD5qGogTjrpBNWzBTD6BvqDMecCRg2grOWLzYiaFolPiT6butQc48Zak9sWtHFfxzN3ITLgm2MOnkvp- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYS1EtRy1FNVlL&google_push=AZmPxg8RQTSHb77WeHEOOD5qGogTjrpBNWzBTD6BvqDMecCRg2grOWLzYiaFolPiT6butQc48Zak9sWtHFfxzN3ITLgm2MOnkvp-

Request Chain 172

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_cver=1&google_push=AZmPxg_m_hRsQtYlyDxVgQexCHmZbpLgWUvur9d48OI1jXG4PSya5tAZsgn3PnkavHHfKc2AxIiRY48nfvQDG6kyU6r8eV6sGKE HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_push=AZmPxg_m_hRsQtYlyDxVgQexCHmZbpLgWUvur9d48OI1jXG4PSya5tAZsgn3PnkavHHfKc2AxIiRY48nfvQDG6kyU6r8eV6sGKE&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg_m_hRsQtYlyDxVgQexCHmZbpLgWUvur9d48OI1jXG4PSya5tAZsgn3PnkavHHfKc2AxIiRY48nfvQDG6kyU6r8eV6sGKE

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

186 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
discord.onl/fr/
Redirect Chain

https://telechargerdiscord.site/
https://discord.onl/fr/

24 KB
9 KB

628ms
581ms

Document
text/html

2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.onl/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 410d22eaea2831ffd285a523bf48b0e3c4a618569fe6aaf25d95ac227a9fafd6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7609f5ec8fac715a-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 08:11:23 GMT
expires: Thu, 27 Oct 2022 08:11:23 GMT
link: <https://discord.onl/wp-json/>; rel="https://api.w.org/" <https://discord.onl/wp-json/wp/v2/pages/827>; rel="alternate"; type="application/json" <https://discord.onl/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LohBVvmgEw8iIAPIucDsYv%2FGQBubdQbXeKG0uUJmMmoYRVy3luw%2BM8%2BADWeBxlMMJyE6AMJ62RVp5VhbIe0FxBdxdY%2FdlQVSe2oBerpAYeoDOyURZ9IDYP1Mi%2BeumD8nacNwcFQ22Vv0CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding,Cookie

Redirect headers

cache-control: max-age=0
content-length: 231
content-type: text/html; charset=iso-8859-1
date: Thu, 27 Oct 2022 08:11:22 GMT
expires: Thu, 27 Oct 2022 08:11:22 GMT
location: https://discord.onl/fr/
server: Apache

GET
H2 200 style.css
discord.onl/wp-content/plugins/amp-sidebar-hamburger-menu/ 4 KB
1 KB 463ms
462ms Stylesheet
text/css 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.onl/wp-content/plugins/amp-sidebar-hamburger-menu/style.css?ver=5.9.5
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72255193a44617bbf529e5cae59717f754751bf85348e7492ee4c1eb87242615

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 01 Aug 2021 21:12:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f89-5c885e9768538"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7Hk50wlCKU%2BcaJwX0QUJ6N%2FtNvL%2B7xeNUowZrDfpj74FwyQ6yL772198qwNagmGexwCARNABSzK1QOoyaPBGDqfM6%2BkQX%2BCNZvul7aRViv2F1oPlay2JhrDGkGZemzNEIdQMMtuuB1NIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2073600
cf-ray: 7609f5f029ff715a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:23 GMT

GET
H2 200 style.css
discord.onl/wp-content/themes/kelly/ 30 KB
8 KB 518ms
518ms Stylesheet
text/css 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.onl/wp-content/themes/kelly/style.css?ver=5.9.5
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560c0a4d83fc4365ac650ef00dc7ef49cdcd1118a11238d0c58dc4e3c02b3ca2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 30 Sep 2022 13:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"77c7-5e9e49d54d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84xa1FvbB8A2ZodNQXjMctZKjjgZV3dy%2FTlXoXyCAopOsqFrp3B%2Bnz46lxHwwMUpoy1NhUr4C%2FXzGGHW2cs%2FM5p2NFw6PJdbKXtzQWjKZRqZV%2FlwxAHBPFTrE%2BrC8x%2FI1IKvl3mbv6IJ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2073600
cf-ray: 7609f5f03a00715a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:23 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 276 KB
71 KB 110ms
41ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 08:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72656
x-xss-protection: 0
server: sffe
etag: "bbbc87a61b096581"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
11 KB 102ms
33ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 08:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: sffe
etag: "0306c954ffbc2f1e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 17 KB
6 KB 105ms
37ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

928a02d4975285b6175eeb4aaa3dc4a141bb0dea4886de5a5ae5d6b286f0cc43

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 08:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5871
x-xss-protection: 0
server: sffe
etag: "cc3dd8035c25f017"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 113ms
57ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9291528157178239

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3e58c23f03cd50a1433cd14ed6a7d6d3515d995315548a46556d7c12ac7d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49398
x-xss-protection: 0
server: cafe
etag: 15004444794745431588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 392 KB
106 KB 533ms
173ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ed4c42660c3527b9331c2cab864af77792a69a4185632c35d2f3d3c737b1c740

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1666858284506151-6875260141991264288-vla1-4636-vla-l7-balancer-8080-BAL-7247
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 27 Oct 2022 09:11:24 GMT

GET
H3 200 Discord-2.png
discord.onl/wp-content/uploads/2019/02/ 21 KB
21 KB 546ms
540ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2019/02/Discord-2.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1e700d43661d4b51b88a00dc7160528ac00980fe4d24d12ee1440727297140

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Aug 2020 14:52:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f3d3c97-53e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyKLgRg93mDJy1kDkTsf0uRzBNSGl6RVPTbPBfRMF%2BofidyDRz58311FDv6W1a9RDtQtneoqsn9yc%2BOvsDoOETckOZ%2Bq4vB9S61%2F3H%2Brpk2JCubTvCwwLln3LbipGc%2Bp%2FY5Mpkb2%2BgO94w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37ffbca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21474

GET
H3 200 discord-features_1.png
discord.onl/wp-content/uploads/2022/01/ 198 KB
198 KB 686ms
681ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_1.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee78e8a52d04c77290d81db4c14e041b189df16c3982e22f547de4d02e12eda3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492c-316b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3FVfe4NaidsKGmrbeaIifiCONZFfPdYl8qv6ZJb%2B%2FUsqXHKrjEl4Milpw%2F0zpYzE6hzWMWvD69X5mCh0r7lzFwNOlq3Jtv4ZqCXPVx3PAPNZF%2F25FUtW0eLovNaTxRrmZf%2BW2rTDQzx5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37ffcca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202416

GET
H3 200 discord-features_2.png
discord.onl/wp-content/uploads/2022/01/ 34 KB
34 KB 514ms
509ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_2.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3cb6cb4200a00561460c2285e6e7f3b61d8018a2da7b5b008daec00d903be0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492d-8647"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nd%2BLWinaa0h2TgG%2Byr2gvGGdbIF1Bo96CcgJVX23%2FgHP49cDP1VXVOpYsCWVByWU82Bd68gtLbmZozRZP8LsmAAmKd8fut%2FyED0TshpHNy6PkQy7soLT0C2yc5F268e30R6P0MKimdmwsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37ffdca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34375

GET
H3 200 discord-features_3-1.png
discord.onl/wp-content/uploads/2022/01/ 100 KB
100 KB 385ms
380ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_3-1.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf63771fe4eebf151224f782c5b85b538c8c5652f819ff1ca35c12b8bc8038b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492d-18f49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1x30CWmXd%2B4%2BzWhOPCD%2BUU6Mh0n2JKOxhmUGhGMEbeuG09X%2Fcs%2FcZk1ln2bHheY5%2BSWfs5Vr2CGqy9%2BM3FWXR6VJ8m%2BPuM8yugzOkWVS85ji1WUew91jdlHnSa5his8sZZv6nRL0sUhfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37ffeca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102217

GET
H3 200 discord-features_4.png
discord.onl/wp-content/uploads/2022/01/ 230 KB
230 KB 624ms
619ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_4.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d3e4c0019ce03ed0e8c782faa7f6288884d8814ebdd2d63b84685de2ef5f37

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492e-396ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXJ2a7W%2BiahrtKxhqIvHxM759vlnOKnyYxw0LW6LUYRGLZPWrmcWgz%2Bc4G1d5L%2BSlXsTMr8%2Fkjd0oF9kBXGXGIuhPaJkiAT%2FoKeLrr2x2kkbwpPsQQrxa%2FywKg8vlThPxoP02mUTq94WvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37fffca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 235182

GET
H3 200 discord-features_5.png
discord.onl/wp-content/uploads/2022/01/ 22 KB
23 KB 537ms
531ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_5.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad333321b5de826d613d4f6d26a9654005b0b32c9a119f25d3e331ee27b8527d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492e-5950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBTb6TMa2gW88tuwiXrTEPhw4nEtxMdpB5NbaV5necX%2FU6vSh6OxOu3ZGmuvKkHHxDw1oByp7NsYPAToyXxfVp4%2FnJYS8ud86xeOqUjrwclM5g%2FgQY35xllmZDD2ppQWcQimIkNOiUpEIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37800ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22864

GET
H3 200 discord-features_6.png
discord.onl/wp-content/uploads/2022/01/ 206 KB
206 KB 649ms
643ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_6.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c39cccc2b04f1f09b73968b5821432da79504faa06139581cfc01f40ea80edae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492e-337a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI4R32GqMJYVx%2FEYvR1bnqecVCAshUa%2FKcfrLs9n%2FasLslC4q3E6hEZrmc59289R8wW1hkOjFOyMuYvN4hxVXEbeX7Ajlt%2BlKXQq3B7TyUzGQrucnOJR8glqyVajvQJIEEtVkYaSPhI0ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37801ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 210851

GET
H3 200 discord-features_7.png
discord.onl/wp-content/uploads/2022/01/ 43 KB
43 KB 626ms
620ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_7.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3efcc1e5cf6c683ad7cd0cca6fa12511f4af8af187b7b079fbb21a28b5639c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492a-aa8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9FUuHxkCZjW5F%2BtDEZkx%2Bx1LXMGOIN1rchFgpyovhvfOLtSd2Ouxl1mF2jDqGMsTCbOuKEwyGYg0w1KacWrwzz%2F9mAtC0f15lOzp4IyZBjGRJVquh%2BL4aPK%2BExWom1B7SiwANiRIpxdWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37802ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43663

GET
H3 200 discord-features_8.png
discord.onl/wp-content/uploads/2022/01/ 38 KB
38 KB 660ms
655ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_8.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04482337206a0c544295d2674c6a663351f4035804950beb4940fceacc572654

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492b-966a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baW43Vb0MYyhfg%2BBhmiE7qZ71QxnrpwtZPh8SOaEZTnP3MzYEv65XOiIRd2GLAUoQMwmTsVkFyHKJjGlQYuHJUy%2FpxE3wj5yp4mkwlKNMCtD%2Ft4h46%2BhNFfryoCgYnH71OGObeFA0NjYtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37803ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38506

GET
H3 200 discord-features_9.png
discord.onl/wp-content/uploads/2022/01/ 114 KB
114 KB 872ms
867ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2022/01/discord-features_9.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4412584e3ff8c42904558b1d315fc4a1f80c4a4f819f975230526c7ca5df3ee7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Jan 2022 12:25:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61ed492b-1c73d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKZIzxb%2FQBhGbwgTKmI90XD3n4pIBkyJO9uMbVBOmpTpUZX%2BlwzI%2FhwnjG4JuF5oSlYRcegk83fJVnNaC%2BkzLTwOMOCggF%2BrS85cC%2F61JqfRAmyCq%2FgFxg2A3nK6vmWm3nhx44ci34Wdzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37804ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116541

GET
H3 200 i-love-you-discord-2.png
discord.onl/wp-content/uploads/2019/02/ 1 KB
2 KB 419ms
414ms Image
image/png 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/uploads/2019/02/i-love-you-discord-2.png
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79bec5b76df04cee7113c3d1afb8e163c7907a04b56335889fd95d03644ad989

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Aug 2020 14:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f3d3c99-461"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7%2FkA4wcfKicIPcuh3yz54kh9sVN%2BVJMGpiDima2cVohF8md2WXuASi6kipA3KHSSOG7NjJYarf45vPEVoncWdoUGLoTKyjrctwPJeGqxxa%2BG6e086ArLi4zF66u8XGr%2FXq664E%2Bbfwl0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7609f5f37806ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1121

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 87ms
38ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin%2Clatin-ext&display=swap

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9683278c37e1582b09e04109e16b915d20c9771e2d07bc4ba0b0b2b9d2e4c480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H3 200 kk-star-ratings.min.css
discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/css/ 2 KB
1 KB 461ms
461ms Stylesheet
text/css 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.2.6
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89b6e821ab541ce1905373529ec95ebee1da51e95c9e8758ee438cd84cbec85

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Jun 2022 06:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"90f-5e1ef8fcb4a39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1ph4aVzcmpSHxIZQD5fJl6%2BDjAg5Zqv2D9j8QJMqpYbvb47heknJjB2dSh6wBVeTYTsLKCV2g1gJfSg9vtkr%2B1crkCdj5dQ77eE32QFZ6o5y3WCI0mDl9hddDq%2BCUyZrXKoPKq9XYj8AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2073600
cf-ray: 7609f5f37ff0ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H3 200 navigation.js Show response
discord.onl/wp-content/themes/kelly/js/ 2 KB
1 KB 403ms
399ms Script
application/javascript 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.onl/wp-content/themes/kelly/js/navigation.js?ver=20120206
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5695a45b920ebd68efb8d85e1e1f4fa7c94723c2c76ffc93bc3a4f6519768a22

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Aug 2020 14:43:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6c3-5ad3c05b5d940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ2krtIEz3OpJTDmGr3F2s3D%2BP%2FcX33WSf72t1NGid%2FQu2lCqhVbZXbPMmix2i9y5vAeztWGVRtis6y15dcx%2BdeC4xcLZcSJEPfV1MOEg0XkX4PFcV2gtSJWEM6jE2L7sjZMl3A65kWHWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2073600
cf-ray: 7609f5f37ff2ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H3 200 skip-link-focus-fix.js Show response
discord.onl/wp-content/themes/kelly/js/ 733 B
840 B 461ms
456ms Script
application/javascript 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.onl/wp-content/themes/kelly/js/skip-link-focus-fix.js?ver=20130115
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Aug 2020 14:43:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2dd-5ad3c05b5d940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyUPhtKN0ecAjJy3R6teKNczrxxkY7d4WQ9Jf3GSQ9EsoHk5EGZC4z4qbmQMJPr5%2BPvfNi1hmMAEhV0hIqJvSbkmBB9CJd2Rr9caGi6Y%2BTD3CW8CePgr1zcpqUxIuOa2EJCArFWDsH34qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2073600
cf-ray: 7609f5f37ff3ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H3 200 kk-star-ratings.min.js Show response
discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/js/ 1 KB
1 KB 421ms
414ms Script
application/javascript 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.2.6
Requested by: Host: discord.onl
URL: https://discord.onl/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Jun 2022 06:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"54f-5e1ef8fd1a331"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnzR0ju7rnlTxqRTuMVowZ1u0y1jzvYiYRPptz2%2BKeeLGo7WeP%2B0hGYgGmZEDNak2U9lKXo0AhWtqon6NoqO0prMxewGVD2A3KkOChWqiGJ6n4y%2Fjibx%2BeupZJu1s6Uj7o5eBYTad72PFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2073600
cf-ray: 7609f5f37ff9ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
DATA 200
OK truncated
/ 271 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d183dce188ef91df5ddcd9ff5378e1b64ce515ccb048ed2a1f32d4fd0a0a3e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 350 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 252 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9db31d43b24c3f411603160fc6554ceb91e1c628696646a13a563feddee0540

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6434052af0ddf6b0203fc314c95448d2148edc35dab8973128a46430fd6152c2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee43de7f6648dac36980de3bcf1bf0d34f07178fdb8afac80541f5cf1660cc5d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 360 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5bbdcb19982fe95732f1402bd8cadcf407746cec57fa18043f6dd7b3dbf2502

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 339 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 296f5722ef36477feb23f79b20a628df8baf4527d29e16ff161a5bc95dca3890

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a4e9eaad077165880b982842cc79f705c883e584c3fedaa1f2a97c016e697a3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 265 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf6bf3dcc07223416fc8bbb8f49bff57d21c1c6dffd76f38f8c11e7d054c340

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 70ms
19ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:34:59 GMT
x-content-type-options: nosniff
age: 164185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:34:59 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 82ms
40ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:41:20 GMT
x-content-type-options: nosniff
age: 214204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 20:41:20 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/ 353 KB
116 KB 137ms
85ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9291528157178239

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b939061b62e0770e84fedfd26915aafe7fc418bd2a2fe8ceb433caeaccb1f3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118745
x-xss-protection: 0
server: cafe
etag: 12962591173227245034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/ Frame 18B8 10 KB
5 KB 81ms
24ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9291528157178239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 10419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 05:17:45 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 05:17:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
463 B 40ms
39ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=discord.onl&callback=_gfp_s_&client=ca-pub-9291528157178239&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555d42c59f2b48f5895b280d3d55599a4f242cd07facdb69acfc898f0c2c493d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 99ms
39ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=discord.onl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 96ms
37ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=discord.onl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E10 246 KB
64 KB 842ms
792ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9291528157178239&output=html&adk=1812271804&adf=3025194257&lmt=1666858284&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858284283&bpp=5&bdt=741&idt=210&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6535789357431&frm=20&pv=2&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e257dd2c11e03c667ffd7602bb2b44e7c586be0320200f117aba491574867d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:25 GMT
expires: Thu, 27 Oct 2022 08:11:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58B6 86 KB
31 KB 920ms
881ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9291528157178239&output=html&h=200&slotname=3305092058&adk=2159543937&adf=71512883&pi=t.ma~as.3305092058&w=1200&fwrn=4&lmt=1666858284&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858284288&bpp=2&bdt=746&idt=233&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mH6UxodwiC&p=https%3A//discord.onl&dtd=239

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a188f03311fcb5519c2213e0d943cd76ba00da173186b7d016b6f4538a0097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31649
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:25 GMT
expires: Thu, 27 Oct 2022 08:11:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 681ms
291ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6fe5233b4ccd041305715d11fd354cb3a65abe22152fc698d6033124a2212fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11eb5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73397
expires: Thu, 27 Oct 2022 09:11:25 GMT

GET
H3 200 inactive.svg
discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 238 B
702 B 462ms
462ms Image
image/svg+xml 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg
Requested by: Host: discord.onl
URL: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.2.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Jun 2022 06:45:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ee-5e1ef8fd888c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxxJKKmJXMbBHK4gegPLiBD07SiFaT2rX1%2FDSVo9O31zp7stS4YPOv9XqHv1vAlNj3DwLaCae7bl0DS6Y6lXTKt7FvJn%2FmAa4gEgYE6nbiTQr%2BRIsgRlpO9auMK5KczDnQATNq%2BQ8JQ1qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 7609f5f6696fca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H3 200 selected.svg
discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 242 B
706 B 423ms
423ms Image
image/svg+xml 2606:4700:3031::6815:2d4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/svg/selected.svg
Requested by: Host: discord.onl
URL: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.2.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f27c612dabb4ea65aeb9ca7c30264518cadd2509ed984c3a4f6d022e4ce035f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Jun 2022 06:45:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f2-5e1ef8fda8c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KejCZFfyD5g5Xon5O2IkUEXD5GCrHZcHVwvZB%2BLaGUXIOG3Bn%2FmNJqN002Ahw4FrPzpUhYcs7hgJEJaN8vpfzPbDw8xGu1WjokCLThptFjYzidnmrwSEn6KPAqbe3YYk%2BbqG9bNlyhDfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 7609f5f66971ca4f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 08:11:24 GMT

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/672046/ 13 KB
5 KB 329ms
108ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/672046/3521127290410543dbe9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6c5e90ca2070b294bf5a8c43040852386eedcde60f90a7ea22d4b2da8a604b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://discord.onl/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4601
last-modified: Wed, 26 Oct 2022 15:39:14 GMT
server: nginx/1.17.9
etag: "f6de47012415b307d6d767ddebe6864b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 26 Oct 2052 14:46:13 GMT

GET
H2 200 b2a3ff6bcdb69f175550.js Show response
yastatic.net/partner-code-bundles/672046/ 86 KB
19 KB 425ms
204ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/672046/b2a3ff6bcdb69f175550.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

275f05508627736dac8e8a906f76f2e18bc0510632cb7eafa2b083723b9e9ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://discord.onl/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 19061
last-modified: Wed, 26 Oct 2022 15:39:14 GMT
server: nginx/1.17.9
etag: "fe7bc7149fc6edbd1cc587cb96d14bf7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 26 Oct 2052 14:46:13 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 576ms
355ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://discord.onl/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 26 Oct 2052 14:46:05 GMT

GET
H2 200 bfa2256f8f25cf20c674.js Show response
yastatic.net/partner-code-bundles/672046/ 468 KB
96 KB 483ms
265ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/672046/bfa2256f8f25cf20c674.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c0356ddd1afe94c76868393b2208a0ecda550cd5dbf4d66ef8fb254fcdec7636

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://discord.onl/
Origin: https://discord.onl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 97770
last-modified: Wed, 26 Oct 2022 15:39:14 GMT
server: nginx/1.17.9
etag: "f386e3813a41f3f1b7e082b7a3f8b616"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 26 Oct 2052 14:46:13 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/66566467/
Redirect Chain

https://mc.yandex.ru/watch/66566467?wmode=7&page-url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1899%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.ru/watch/66566467/1?wmode=7&page-url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1899%3Afu%3A0%3Aen%3Autf-8...

420 B
501 B

149ms
147ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66566467/1?wmode=7&page-url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1899%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A242891655667%3Ahid%3A730895433%3Az%3A0%3Ai%3A20221027081125%3Aet%3A1666858285%3Ac%3A1%3Arn%3A669039498%3Arqn%3A1%3Au%3A1666858285679794250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C28%2C580%2C2%2C695%2C0%2C%2C997%2C0%2C%2C%2C%2C2325%3Acpf%3A1%3Ans%3A1666858282215%3Arqnl%3A1%3Ast%3A1666858285%3At%3ADiscord%20%E2%80%93%20T%C3%A9l%C3%A9charger%20l%27application%20Discord%20pour%20PC%2C%20Mac%2C%20Android%2C%20iOS%20et%20Linux&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c1514c36f34a1bddd16f4b9b710e23d3c0644717302f94f00cb2071c0759dc5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 27-Oct-2022 08:11:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.onl
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 08:11:25 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:25 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27-Oct-2022 08:11:25 GMT
location: /watch/66566467/1?wmode=7&page-url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1899%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A242891655667%3Ahid%3A730895433%3Az%3A0%3Ai%3A20221027081125%3Aet%3A1666858285%3Ac%3A1%3Arn%3A669039498%3Arqn%3A1%3Au%3A1666858285679794250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C28%2C580%2C2%2C695%2C0%2C%2C997%2C0%2C%2C%2C%2C2325%3Acpf%3A1%3Ans%3A1666858282215%3Arqnl%3A1%3Ast%3A1666858285%3At%3ADiscord%20%E2%80%93%20T%C3%A9l%C3%A9charger%20l%27application%20Discord%20pour%20PC%2C%20Mac%2C%20Android%2C%20iOS%20et%20Linux&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://discord.onl
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 08:11:25 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 144ms
143ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Oct 2022 09:11:25 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/ 151 KB
51 KB 52ms
52ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67d5b124e961439d11e36574f70de5f10699f263def42c1dfd59fe2e2aca52df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52376
x-xss-protection: 0
server: cafe
etag: 3186524949763617477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H2 200 ca-pub-9291528157178239 Show response
fundingchoicesmessages.google.com/i/ 107 KB
37 KB 127ms
62ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9291528157178239?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aeaf18e6c87e0aa7b208d3624490c8197b1b27340eef26f0a84a14c5c6dfe41

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bMg_K0193Oun8W8d7MgSFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bMg_K0193Oun8W8d7MgSFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 58B6 4 KB
621 B 76ms
35ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9291528157178239&output=html&h=200&slotname=3305092058&adk=2159543937&adf=71512883&pi=t.ma~as.3305092058&w=1200&fwrn=4&lmt=1666858284&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858284288&bpp=2&bdt=746&idt=233&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mH6UxodwiC&p=https%3A//discord.onl&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 06:56:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 58B6 2 KB
819 B 79ms
25ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 58B6 23 KB
10 KB 72ms
18ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 58B6 3 KB
1 KB 75ms
26ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 58B6 17 KB
7 KB 75ms
22ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58B6 152 KB
47 KB 99ms
45ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 58B6 33 KB
14 KB 71ms
20ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 05:17:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 58B6 0
0 53ms
52ms Fetch
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMr1RLD1aY4LdJImcoPMPlJSc8AO-pu6FbZ_-rsDQEN60iIqMDhABIIf4uyJg_eiigfADoAGz0Zb1KMgBCakCDzbVf4WjOz6oAwHIA8sEqgTRAU_QftlLD3Av7337Jsj-Ouxb0Zwvsl0XQFh20y_Qvl7SIov3k5NP8FljkUzJv8ahjwo6Iv3SGZ2pWzipMc59PCV7wVarINobJktLoPyG3Vv4zUstvtpKPYOBJpXwWoRy_VT66kDQHr7snsCQxr7rf6i9GzTmCwVCbjysKWYg-xsHKzbQ3I4n4rnIcvBYUfcGs1ZiksBWymAKLTY_wSqx6IiQd5bQFG-JQpUSZ3E9iG-QhnaDK4klirUGQj9TzXC8ntyKu38amfY4ad8CbK60KmpJwASi3MTQjASSBQQIBBgBkgUECAUYBKAGLoAHs4nn1AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCJp3nSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTkyOTE1MjgxNTcxNzgyMzkYAA&sigh=79RnRRm1iMM&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9291528157178239&output=html&h=200&slotname=3305092058&adk=2159543937&adf=71512883&pi=t.ma~as.3305092058&w=1200&fwrn=4&lmt=1666858284&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858284288&bpp=2&bdt=746&idt=233&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mH6UxodwiC&p=https%3A//discord.onl&dtd=239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 08:11:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/17826451425301075122/ Frame 58B6 19 KB
19 KB 81ms
40ms Image
image/jpeg 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17826451425301075122/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c9e61e8fdf1be654b4b92ef3e9709366050c3a1a1ef4b51ad7e11eb0aa440c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 06:31:30 GMT
x-content-type-options: nosniff
age: 5995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19298
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:05:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 06:31:30 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15988181437760968462/ Frame 58B6 16 KB
16 KB 74ms
34ms Image
image/png 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15988181437760968462/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f94c6aebe533b553900830629b37633a8fd940d50fc5354ea17faddf05c1a891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 06:33:12 GMT
x-content-type-options: nosniff
age: 5893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16051
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 13:57:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 06:33:12 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 77ms
35ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=discord.onl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 78ms
36ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=discord.onl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1620 116 KB
43 KB 906ms
906ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea8bccc9c44e173c67cc1fb6eee4b72ce3c231863918df2ceb370f5bf8598753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 44357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 208B 127 KB
40 KB 879ms
877ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

585d82ec151a29d22ab3f74352c6a0e1eb8bae290f043d425fcf28cb1900ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 40759
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1159 117 KB
44 KB 710ms
709ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=377&adk=3603257614&adf=48851659&pi=t.aa~a.3163107375~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=25ead026&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x377&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1980&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317%2C1200x404&nras=4&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=XZGY1bLmPB&p=https%3A//discord.onl&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a967920e1b63a47ca77300a8649fcd4dbd0baa292b09fc0e6d6ac84c8b9d7fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 45060
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxUq4rc_iMyf5d8TcRH_ZkL5TxHsstlZX4nnHOiU3yT5vBe1KIDvrehTK9yy8xHLqtIvr_3zbFskLiaBepsd6Js= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 118ms
76ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUq4rc_iMyf5d8TcRH_ZkL5TxHsstlZX4nnHOiU3yT5vBe1KIDvrehTK9yy8xHLqtIvr_3zbFskLiaBepsd6Js=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY2ODU4Mjg1LDcxNTAwMDAwMF0sIjU0NjQ1NURBLUNBN0YtNEY2Ny04MTBCLTFCOEU0NEU5RDk2NiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vZGlzY29yZC5vbmwvZnIvIixudWxsLFtbOCwiMUl3Nm5McDQ5NXciXSxbOSwiZW4tVVMiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1Iw6nLp495w.es5.O/d=1/rs=AJlcJMwCrM9OpIgYa-534YcGsvzvUHnliw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1b1c761a8711ea53bff13c062751b5200ec770bd49e185a167611e5100225e9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SXzc8I40WVr_YvgAtNaQsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SXzc8I40WVr_YvgAtNaQsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/ Frame 3FA5 10 KB
4 KB 24ms
24ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 55576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 16:45:09 GMT
etag: 9671129459699598864
expires: Wed, 09 Nov 2022 16:45:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/ Frame D919 10 KB
4 KB 26ms
25ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 55576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 16:45:09 GMT
etag: 9671129459699598864
expires: Wed, 09 Nov 2022 16:45:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 58B6 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fac166959bebace4fda0378916c0ac2bc0c87090367aa2e781d8ca820059c7d9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 3FA5 4 KB
636 B 40ms
40ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 06:53:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3FA5 205 B
229 B 76ms
26ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 19:23:42 GMT
x-content-type-options: nosniff
age: 132463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Oct 2023 19:23:42 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3FA5 604 B
628 B 74ms
23ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:04:07 GMT
x-content-type-options: nosniff
age: 32838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Oct 2023 23:04:07 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/ Frame 3FA5 19 KB
8 KB 80ms
25ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:47:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D919 0
0 52ms
52ms Fetch
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbltvLD1aY8zlJPyWoPMPtoyKqA_b2_PpbLiFj6n4ELT37tbSIxABIIf4uyJg_eiigfADoAHU0_r4A8gBAqgDAcgDyQSqBMsBT9BflGu64Gi_4-4sNELKJns_rczomPZSXRjee-Hkn0d-tQYpRDASTV9_aplTsQisfLe8jpVvLPKyrX7dBt_54Bqzb1y_EjDwrjeHM26Yutnz4gakdphwPPJde9KGqjB9fEvYCCkAvOdEzK03TfbiJBDtUNAtNAOFd2PKW1WOKVzH8fz4KylYftNv1j0x_jnULkXnVIkYKVB9HVzocAuru0K4zTkzD03SZyPocNvGQOeN1d8cwUz9-ocnzv1sRK3uELwiDYBpv81G5vjABOj784aTBJIFBAgEGAGSBQQIBRgEoAYCgAeUrIUHqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5so60ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTkyOTE1MjgxNTcxNzgyMzkYAA&sigh=57jeDi2LxiI&uach_m=[UACH]

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 08:11:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame D919 23 KB
9 KB 69ms
26ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 6971927017220489125
tpc.googlesyndication.com/daca_images/simgad/ Frame D919 37 KB
37 KB 78ms
35ms Image
image/png 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6971927017220489125

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0c01c43c717189da45999cb1340bae85d37ec079eb35d9c0ab823c45c83570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 07:04:48 GMT
x-content-type-options: nosniff
age: 3997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37713
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 05:34:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 07:04:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame D919 3 KB
1 KB 107ms
64ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame D919 17 KB
7 KB 73ms
31ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D919 152 KB
46 KB 129ms
77ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame D919 33 KB
13 KB 107ms
65ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
server: cafe
etag: 5057659360189610740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:47:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 58B6 15 KB
16 KB 77ms
25ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 45568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:31:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 58B6 15 KB
15 KB 78ms
27ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 440625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 05:47:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AE97 8 KB
895 B 45ms
45ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 06:43:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame AE97 2 KB
765 B 48ms
42ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame AE97 23 KB
9 KB 31ms
27ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame AE97 3 KB
1 KB 46ms
42ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame AE97 17 KB
7 KB 36ms
32ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE97 152 KB
46 KB 96ms
93ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 08:11:25 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame AE97 33 KB
14 KB 29ms
26ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 05:17:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DB8D 143 B
166 B 25ms
23ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 07:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F9A9 247 B
958 B 98ms
34ms Document
text/html 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.163 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

sffe /

Resource Hash

81e366057d3de5d30d58c88e5dfc3d3b41ab47a4e950dfbdd4b186240ef2bda1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 201
content-security-policy-report-only: script-src 'nonce-ne1Mcdlqlo8pcXRE6nxiOg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D919 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8501dbe9d9b77f9e894b13cdee282ee7e71bc7f01d7cbfc497edd71a3ea8848f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B71 143 B
166 B 22ms
21ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 07:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A67E 36 KB
16 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 01:25:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DB8D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
35ms

Document
text/html

2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
expires: Thu, 27 Oct 2022 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe.html Show response
p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F9A9 4 KB
2 KB 78ms
35ms Document
text/html 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.163 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

sffe /

Resource Hash

e9787481a2d6a27f5b79f4f28d47685c401079a41219f643b804ef50193a131b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1861
content-security-policy-report-only: script-src 'nonce-Ulxt8On63rgx5CACGPUM2A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B71
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
36ms

Document
text/html

2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
expires: Thu, 27 Oct 2022 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E3D0 36 KB
16 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 01:25:29 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EB75 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 01:25:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1159 16 KB
976 B 39ms
38ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=377&adk=3603257614&adf=48851659&pi=t.aa~a.3163107375~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=25ead026&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x377&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1980&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317%2C1200x404&nras=4&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=XZGY1bLmPB&p=https%3A//discord.onl&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:11:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1159 16 KB
976 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:11:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1159 35 KB
14 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13949
x-xss-protection: 0
server: cafe
etag: 10882980839202096411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:49:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1159 152 KB
46 KB 55ms
54ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 1159 23 KB
9 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1159 3 KB
1 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1159 17 KB
7 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1159 0
0 78ms
36ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiA48n5Eaxm-IiNduJ4rzxvn-vhxGz7-v3r7vogGcO9MZsUVgKAWkeP7CKJ5UDiZNv5zQRK3EQnDSJ4bxaWJqNXGfJUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=377&adk=3603257614&adf=48851659&pi=t.aa~a.3163107375~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=25ead026&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x377&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1980&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317%2C1200x404&nras=4&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=XZGY1bLmPB&p=https%3A//discord.onl&dtd=186
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8768036894988196964/ Frame 1159 18 KB
18 KB 81ms
81ms Image
image/jpeg 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8768036894988196964/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoImAIQmAIYASABLQAAAD8wmAI4mAJFAACAPw&rs=AOga4qkASebkYN-cuX7y_QRc0Kl9ye82xQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5f909734d5d24ae216c6824ea5350edc508644155aa4a75cc3dcbb166f2132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18910
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 16:49:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 08:11:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1159 0
0 49ms
48ms Fetch
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUU6kLT1aY7ymLaqexAO8uqngBrnv3ohtsKLZkv8PoeWXivMwEAEgh_i7ImD96KKB8AOgAfaQxOAoyAEGqQJ64WbFhr6oPqgDAcgDywSqBN4BT9BbQu8Vt4NsSHgsCZp09LUoZiss9SmYNxrQcP9ccue9EyZtNXB9Pl4nIx2B9q1hCn3xktmCSzxw7YWVKl92XUXZaS-g-UxsrSMGKgUMwSTS1D03RpVWefrOPeISjLBDCBffZJ51XdCUKCiucvncmzRjm4xPOZKhH6GhOICXbGjL7B2Cai7AC9mRMlb0mr_hRsXgcy5zYlbgxF4lCsZmLU12cSNy0wwvX18Kmji4daUu6Ni4Hmx8TYFP2cFBjH-GmL21bVokmD6OMtxuZWyFo-J6k3jVBX1_0RIyPt7fwATJ0ZyykASSBQQIBBgBkgUECAUYBKAGN4AH9siUwAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDXqgbSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTI5MTUyODE1NzE3ODIzORgA&sigh=mzk69LjtPC4&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=377&adk=3603257614&adf=48851659&pi=t.aa~a.3163107375~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=25ead026&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x377&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1980&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317%2C1200x404&nras=4&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=XZGY1bLmPB&p=https%3A//discord.onl&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 08:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1159 16 KB
16 KB 20ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 01:31:33 GMT
x-content-type-options: nosniff
age: 23993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 01:31:33 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 1159 44 KB
44 KB 22ms
22ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:34:59 GMT
x-content-type-options: nosniff
age: 164187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:34:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4B79 143 B
166 B 20ms
19ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=377&adk=3603257614&adf=48851659&pi=t.aa~a.3163107375~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=25ead026&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x377&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1980&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317%2C1200x404&nras=4&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=XZGY1bLmPB&p=https%3A//discord.onl&dtd=186
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 07:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3CC9 1 KB
643 B 19ms
19ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 10416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 05:17:50 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 05:17:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1159 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b48edfce56eb894a0016de19b7d872d02d4b7b2adbd87d55193cea636f533063

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1159 15 KB
15 KB 20ms
19ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 440626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 05:47:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 208B 8 KB
895 B 36ms
35ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 06:37:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 208B 2 KB
765 B 19ms
19ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 208B 23 KB
9 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 208B 3 KB
1 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 208B 17 KB
7 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 208B 0
0 38ms
37ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoupuFP92BB87o_DN-8cQXvGh6X6JgQ8XtOZFKLvNrG-pQnArS0E-NBuwZs_cEFF_RWdu7EQN_96JW54_DMUnXMKPUKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 208B 152 KB
46 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 208B 33 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 05:17:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CC9
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8NqoH19O4CeF1u7mq1lAHwj1jvuo3AKUqLppfYV6toC4Pm6FiDKu78enlTWuhusAzSFpGQNxXH5k_FzIot7TNBvXR4qA_PD6gDfc4AT8RHBGGlcCTezOlnze_8UJCt-JSMRTIQ25k...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK766JoGEgUI6AcQAEIASpsBZ29vZ2xlX3B1c2g9QVptUHhnOE5xb0gxOU80Q2VGMXU3bXExbEFId2oxanZ1bzNBS1VxTHBwZllWNnRvQzRQbTZGaURLdTc4ZW5sVFd1aHVzQXpTRnBHUU54WEg1a19Gek...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT1hWN2tZaGFyT1A1MjYtZ083VC12c0psNGRMS3VzWUxuUm1vMFRMc1B4SQ==&google_push

170 B
188 B

37ms
37ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT1hWN2tZaGFyT1A1MjYtZ083VC12c0psNGRMS3VzWUxuUm1vMFRMc1B4SQ==&google_push

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Oct 2022 08:11:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT1hWN2tZaGFyT1A1MjYtZ083VC12c0psNGRMS3VzWUxuUm1vMFRMc1B4SQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3CC9
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEJ-gGma6ZqlD7ff7IMHXf8Q&google_cver=1&google_push=AZmPxg9_Y4Q-Mw87bmbH4pdBu72oP5j9mhIj3ZhzGE1AV91R0in6mnHcXz-deQnfT7k6-ADtvmzqE5qTI...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg9_Y4Q-Mw87bmbH4pdBu72oP5j9mhIj3ZhzGE1AV91R0in6mnHcXz-deQnfT7k6-ADtvmzqE5qTIw4l_7K2Q1ct_6hBR1ddx3qRHQA1-L7f2gEQvM7k1ie2D...

170 B
329 B

40ms
36ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg9_Y4Q-Mw87bmbH4pdBu72oP5j9mhIj3ZhzGE1AV91R0in6mnHcXz-deQnfT7k6-ADtvmzqE5qTIw4l_7K2Q1ct_6hBR1ddx3qRHQA1-L7f2gEQvM7k1ie2DBZG-uDbJIBY2nRCFuY&google_hm=MTA2MTc3OTkwNzIwNDI5MTc1MTA

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg9_Y4Q-Mw87bmbH4pdBu72oP5j9mhIj3ZhzGE1AV91R0in6mnHcXz-deQnfT7k6-ADtvmzqE5qTIw4l_7K2Q1ct_6hBR1ddx3qRHQA1-L7f2gEQvM7k1ie2DBZG-uDbJIBY2nRCFuY&google_hm=MTA2MTc3OTkwNzIwNDI5MTc1MTA
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CC9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
35ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-V0QOl2rkoL9AMdPwumYGx2B9cPmiFu9hQ40X1mLQbzrZCSRqFg9dhzsr__aRVQLp4rJU4x47gj1r3IvZFt5W-_7i-F33oNIlw5rsFw5BFqRXlcoM9DPEXo0t8ScTOt_s-baV48nQ

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-V0QOl2rkoL9AMdPwumYGx2B9cPmiFu9hQ40X1mLQbzrZCSRqFg9dhzsr__aRVQLp4rJU4x47gj1r3IvZFt5W-_7i-F33oNIlw5rsFw5BFqRXlcoM9DPEXo0t8ScTOt_s-baV48nQ
date: Thu, 27 Oct 2022 08:11:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CC9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQzeqaCK40DhvIDeC7g8pQ&google_cver=1&google_push=AZmPxg9TTEVOs0Cv94n6cMgDnK5o9hz44w1Eiqizj2CKTRITmXcbB59v8_iP4cZtx56oHwZSo1Z...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSEotMVotMzgyVg==&google_push=AZmPxg9TTEVOs0Cv94n6cMgDnK5o9hz44w1Eiqizj2CKTRITmXcbB59v8_iP4cZtx56oHwZSo1ZHo7u6G4S5V_4EgrpovU2NlCuGe...

170 B
188 B

37ms
36ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSEotMVotMzgyVg==&google_push=AZmPxg9TTEVOs0Cv94n6cMgDnK5o9hz44w1Eiqizj2CKTRITmXcbB59v8_iP4cZtx56oHwZSo1ZHo7u6G4S5V_4EgrpovU2NlCuGeNVbQisXFYq9B6mys3e26s5oKxA_auG01YdMATT4ig

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSEotMVotMzgyVg==&google_push=AZmPxg9TTEVOs0Cv94n6cMgDnK5o9hz44w1Eiqizj2CKTRITmXcbB59v8_iP4cZtx56oHwZSo1ZHo7u6G4S5V_4EgrpovU2NlCuGeNVbQisXFYq9B6mys3e26s5oKxA_auG01YdMATT4ig
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 3CC9 43 B
296 B 394ms
24ms Image
image/gif 2600:1f18:445b:901:c207:98fe:6e39:9561
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMs9ZCojM7PoIadJQ44nHQQ&google_cver=1&google_push=AZmPxg8dNuDJBP-b2FyRebdeljBvH1JqDNq3n21YjkuIKxSiWtwxdQL6-dp99UwG65mWievD06RhDZqrRiV3luseJfElmKGldnbQom78Ikmvng4aEvxMDCiGG30FBhX-nyJtFT8Eamg0a6c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=377&adk=3603257614&adf=48851659&pi=t.aa~a.3163107375~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=25ead026&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x377&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1980&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317%2C1200x404&nras=4&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=XZGY1bLmPB&p=https%3A//discord.onl&dtd=186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:c207:98fe:6e39:9561 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CC9
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEKa7iwtvfGH-0C0mm5ynMjc&google_cver=1&google_push=AZmPxg-TYI7gn3diAW9vgfFB0lXDLFhmTFr14S63BLHppXxWh_2dbLd4qSWYnufllCVNMIr5sjbrPKIva1uneYd84X2x2W1OeNzaE...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-TYI7gn3diAW9vgfFB0lXDLFhmTFr14S63BLHppXxWh_2dbLd4qSWYnufllCVNMIr5sjbrPKIva1uneYd84X2x2W1OeNzaEpEzH9dFdJJrEQXLVAlUaeLHc_MweI...

170 B
188 B

77ms
38ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-TYI7gn3diAW9vgfFB0lXDLFhmTFr14S63BLHppXxWh_2dbLd4qSWYnufllCVNMIr5sjbrPKIva1uneYd84X2x2W1OeNzaEpEzH9dFdJJrEQXLVAlUaeLHc_MweI1rf_2m0N1NYA&google_hm=61493628ee32d5bf1d27e9029508bd9a

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-TYI7gn3diAW9vgfFB0lXDLFhmTFr14S63BLHppXxWh_2dbLd4qSWYnufllCVNMIr5sjbrPKIva1uneYd84X2x2W1OeNzaEpEzH9dFdJJrEQXLVAlUaeLHc_MweI1rf_2m0N1NYA&google_hm=61493628ee32d5bf1d27e9029508bd9a
date: Thu, 27 Oct 2022 08:11:26 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET googleredir
googlecm.hit.gemius.pl/ Frame 3CC9 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3CC9 0
232 B 82ms
34ms Image
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAWc1IiVg50HoQOTb2r22z7TEEhphgk5xvyWAKfjx0O50wE8kERIo6rDoeZ00XpxTmnMDkhg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 208B 0
0 47ms
47ms Fetch
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxm7VLT1aY7SDLduGoPMP_b-TgASo64fGbPWf8oC6EMCNtwEQASCH-LsiYP3oooHwA6ABz8axvijIAQmpAnrhZsWGvqg-qAMByAPLBKoE1QFP0IAFCAdDd2KRoO3VgFGV84rqurNvsWdKGSJZzycJRwPztlFI2JGWXH77vBe1hr2nWcyXQzMbQLPCwc90OWrw7B1KxMnuB_HofqT_m4lmDagQx9LclNnWWnO8Xg0tAxO5Wj_7fdP5W44XzXSJBmwtYEG0HadEdq3NrDKB-m72z7ZEEGNquzziIOqWAb58UMkjXxH7VYGJuR0rNfIaQWx1abO_xv0XiifZgt_pbzUjy_vuMZtOgnuNEzA_cGYI4mZ2clfr7ry-5CNVc7DNc7LQPtnyCL_ABNvks8iaBJIFBAgEGAGSBQQIBRgEoAYugAfP_oGeA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP2DEtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItOTI5MTUyODE1NzE3ODIzORgA&sigh=9m2Vmi8cVp0&uach_m=[UACH]&template_id=520

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 08:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4B79
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
expires: Thu, 27 Oct 2022 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 1620 16 KB
976 B 40ms
39ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:11:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1620 16 KB
976 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:11:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1620 35 KB
14 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13949
x-xss-protection: 0
server: cafe
etag: 10882980839202096411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:49:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1620 152 KB
46 KB 52ms
51ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 08:11:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 1620 23 KB
9 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1620 3 KB
1 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1620 17 KB
7 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 05:17:49 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 75A5 36 KB
16 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 01:25:29 GMT

GET
H2 400 data=2OUR64wwYfoE8kRCqA-RibaBWt9Bj_OLyqgqEzC5hvnKmnEjTh-PE8tZibb0kk_ZIlwirOg-0tsQuqiNV0GRNoxh
mts0.google.com/vt/ Frame 208B 0
0 66ms
33ms Image
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=2OUR64wwYfoE8kRCqA-RibaBWt9Bj_OLyqgqEzC5hvnKmnEjTh-PE8tZibb0kk_ZIlwirOg-0tsQuqiNV0GRNoxh
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 208B 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 208B 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 208B 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 208B 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 81E6 1 KB
643 B 21ms
19ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 10416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 05:17:50 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 05:17:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 208B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58ba75eeca5da6345a68a261407ec76b5694a8387e23c1c6ac8bfb2e153950d9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11321365103813873323
tpc.googlesyndication.com/daca_images/simgad/ Frame 1620 50 KB
50 KB 21ms
21ms Image
image/jpeg 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11321365103813873323

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0faab475c383008b4e6905b16412be2362a4f7b6dddf185d425607d9844c284f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:19:20 GMT
x-content-type-options: nosniff
age: 71526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51647
x-xss-protection: 0
last-modified: Wed, 08 Feb 2017 19:01:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 12:19:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1620 0
0 49ms
48ms Fetch
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1EWFLT1aY5fdLM_l_gTs7ZeAApuTifls_OnYhpEHkIOFngsQASCH-LsiYP3oooHwA6ABmueg5wPIAQGpAnrhZsWGvqg-qAMByAPDBKoExgFP0JmNJs3NWNFHqZYYbAjAhlOv3kM11-s3WMuBF93abAOKFvJZrqeCyjaMBvArqzNmiTgUCBbNqQDFRr_IROsTf0HsS4yZeHQXnlpFbERh9sADh0LSt3WRXLIB-M88Rj6qHFTDPvakGJSfzUPGPFoGVZbs2B4snSDM5PWFz5kdhw7yq-qlvu2miy8S12PiYNa8b83VExYDRwFbugkYspbCisslP5znjEj9y-Upv23FgLrKpYstCDKF_psVqUbAxVNQXuLBgj3ABOarme8FkgUECAQYAZIFBAgFGASgBlGAB86Y3xioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDirQbSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItOTI5MTUyODE1NzE3ODIzORgA&sigh=0YD3HgUY040&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 08:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65F6 143 B
166 B 22ms
21ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 07:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 82FC 1 KB
643 B 21ms
20ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 10416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 05:17:50 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 05:17:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1620 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c61d89ca3893093c0604f89cf272b17ba1bf9fef2c6b715f64dc638d901cdfd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1620 16 KB
16 KB 20ms
19ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 01:31:33 GMT
x-content-type-options: nosniff
age: 23993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 01:31:33 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 1620 44 KB
44 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:34:59 GMT
x-content-type-options: nosniff
age: 164187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:34:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1620 15 KB
15 KB 25ms
25ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700|Roboto:300&lang=fr

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 440626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 05:47:40 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 208B 28 KB
28 KB 25ms
25ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 41810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 20:34:36 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 81E6 35 B
462 B 97ms
25ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFvF01Paru5ahJEqbbPoWR8&google_cver=1&google_push=AZmPxg-kn45MNRujSK9kn5eydP-7z4GgcOBHOh6FvJc8duqAuVU3L7FSuxx8uh32rpmBp3zYBFQtLGuSaa1Rfmstm_n9n8am4bcWfMPiuPWXIHzGyvhcW7xRGaRDyz-eCzNP5LZS_wSG-eSh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81E6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQ...
https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQ...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQUUO9TL8CNFZtRc5uxpK7n59GVH3OEa5Mg...

170 B
188 B

35ms
35ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQUUO9TL8CNFZtRc5uxpK7n59GVH3OEa5MgweS5FmAupq&google_hm=f1wWwkMpwlk8tQwjgJIUDQ==

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_ViYAK2kNxtPCn7HGh88eLcXk0eD_3I7JNhKI4YaE09Tdg7HDhFEY7eVSsMAmL4XGHYqAZ_19IFwPTtQrH4OVdMwl4TaYqQUUO9TL8CNFZtRc5uxpK7n59GVH3OEa5MgweS5FmAupq&google_hm=f1wWwkMpwlk8tQwjgJIUDQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: smpbots9onbl104l9qcj5qj57n35fde3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81E6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

37ms
36ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-HFnkFoan5Z4yRipqW_Ce-RxmVEAQd17fK4SFHljYEarw-Ui6_Hc9jI4b2ihjcBYjIyTRR5Bhmbie6QOvB20GuMzi2tgJRcmcGzD6Aul7u6ztaIqTKVZXXXtG1cY479n8DHf1UWGG3

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-HFnkFoan5Z4yRipqW_Ce-RxmVEAQd17fK4SFHljYEarw-Ui6_Hc9jI4b2ihjcBYjIyTRR5Bhmbie6QOvB20GuMzi2tgJRcmcGzD6Aul7u6ztaIqTKVZXXXtG1cY479n8DHf1UWGG3
date: Thu, 27 Oct 2022 08:11:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81E6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQzeqaCK40DhvIDeC7g8pQ&google_cver=1&google_push=AZmPxg_kj5Bo6vSzLCfPGRjZjYjXL7Q_8hKN7GR88b03GmIdE0xAxiJwNNvYfqlnHJSdNQFGEz0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSkItMTUtQTBTSg==&google_push=AZmPxg_kj5Bo6vSzLCfPGRjZjYjXL7Q_8hKN7GR88b03GmIdE0xAxiJwNNvYfqlnHJSdNQFGEz0X_qOPfeOqyCdqBhp-TQcXfgUvk...

170 B
188 B

38ms
37ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSkItMTUtQTBTSg==&google_push=AZmPxg_kj5Bo6vSzLCfPGRjZjYjXL7Q_8hKN7GR88b03GmIdE0xAxiJwNNvYfqlnHJSdNQFGEz0X_qOPfeOqyCdqBhp-TQcXfgUvkyspPQVKSd6yM81VqBtYBZqUCjlX2fu_-l7ehUxWgJTV

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYSkItMTUtQTBTSg==&google_push=AZmPxg_kj5Bo6vSzLCfPGRjZjYjXL7Q_8hKN7GR88b03GmIdE0xAxiJwNNvYfqlnHJSdNQFGEz0X_qOPfeOqyCdqBhp-TQcXfgUvkyspPQVKSd6yM81VqBtYBZqUCjlX2fu_-l7ehUxWgJTV
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81E6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg9vGnihBDU65NpwMWEyFnbZBVgbEqCxF...

170 B
188 B

36ms
35ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg9vGnihBDU65NpwMWEyFnbZBVgbEqCxFJ0VMD1F8BsU--Lymw9HDJcThb-FfeEtDl_YxTsxK-JxmtNBE4Y07D4f2Ekpk5ywQookRvYP9m2MJ6BS8hamYR_7GGbXwNOzCq1YZFL_hvRf

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg9vGnihBDU65NpwMWEyFnbZBVgbEqCxFJ0VMD1F8BsU--Lymw9HDJcThb-FfeEtDl_YxTsxK-JxmtNBE4Y07D4f2Ekpk5ywQookRvYP9m2MJ6BS8hamYR_7GGbXwNOzCq1YZFL_hvRf
cache-control: no-cache
cf-ray: 7609f605dcb8a21c-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 81E6 43 B
295 B 163ms
25ms Image
image/gif 2600:1f18:445b:901:c207:98fe:6e39:9561
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMs9ZCojM7PoIadJQ44nHQQ&google_cver=1&google_push=AZmPxg-cmvE13ytfelY0KZ-ZUkZf5fH4zifCrS3nthEjbuRlZwyVDFeynsEWmcanvh1WxIdMX6Bz2s0KoXBpKy-1q_hlp1hT2Vj-7Fq-7hK-dpcMaS0jsP3tctLUKjeV_e6kh_jOq03-Kxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:c207:98fe:6e39:9561 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81E6
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEKa7iwtvfGH-0C0mm5ynMjc&google_cver=1&google_push=AZmPxg-ZCst_gBtK1_tZ073g9K5ZWePpSG1jx_u-gxGMMP_xBr8uWhRt6JM-UkFCiF4DrO6lqRL3PSt_iIFPnbdd0luUbaHqwy_JJ...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-ZCst_gBtK1_tZ073g9K5ZWePpSG1jx_u-gxGMMP_xBr8uWhRt6JM-UkFCiF4DrO6lqRL3PSt_iIFPnbdd0luUbaHqwy_JJGKSdoZ2WfQWcHEp7xlOQXBwln4zPu...

170 B
188 B

39ms
38ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-ZCst_gBtK1_tZ073g9K5ZWePpSG1jx_u-gxGMMP_xBr8uWhRt6JM-UkFCiF4DrO6lqRL3PSt_iIFPnbdd0luUbaHqwy_JJGKSdoZ2WfQWcHEp7xlOQXBwln4zPuc7xQdDy-xLaF8&google_hm=61493628ee32d5bf1d27e9029508bd9a

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-ZCst_gBtK1_tZ073g9K5ZWePpSG1jx_u-gxGMMP_xBr8uWhRt6JM-UkFCiF4DrO6lqRL3PSt_iIFPnbdd0luUbaHqwy_JJGKSdoZ2WfQWcHEp7xlOQXBwln4zPuc7xQdDy-xLaF8&google_hm=61493628ee32d5bf1d27e9029508bd9a
date: Thu, 27 Oct 2022 08:11:26 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 81E6 0
12 B 35ms
34ms Image
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdngG_BcU6iGxxVbMNwzxq4qG4u_9-cndhyO9nDuDDEOjeTC1XuXav37VGEpa7SkkwUXB0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 82FC 35 B
463 B 47ms
25ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFvF01Paru5ahJEqbbPoWR8&google_cver=1&google_push=AZmPxg86TigQo4OE7P1UlFYQjPoA-D_6o8UtRLCuWsP_IGs_vNtaujf5EneKOF6OwrTlQiZVJzqK3FyUB6ZFPyEHb9UZLdMwzwiQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82FC
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_lFOEN...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_lFOEN...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcwODExMjcwMDA0MDg4NTA0OTEwNg%3D%3D&google_push=AZmPxg_lFOENHuZTJalqL71Ikqmlp_m31k-fsU6AHaG4OjPrZtkRwgHlcU5Q-ZIEEEz0-r...

170 B
188 B

36ms
36ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcwODExMjcwMDA0MDg4NTA0OTEwNg%3D%3D&google_push=AZmPxg_lFOENHuZTJalqL71Ikqmlp_m31k-fsU6AHaG4OjPrZtkRwgHlcU5Q-ZIEEEz0-rwsz9hDHMnTKV9Uv-06q4kZdbDP_Kk

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcwODExMjcwMDA0MDg4NTA0OTEwNg%3D%3D&google_push=AZmPxg_lFOENHuZTJalqL71Ikqmlp_m31k-fsU6AHaG4OjPrZtkRwgHlcU5Q-ZIEEEz0-rwsz9hDHMnTKV9Uv-06q4kZdbDP_Kk
pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 27 Oct 2022 08:11:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82FC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA
https://rtb.openx.net/sync/dds?google_gid=CAESEIG0XhGrnOaknkLTpO_ps4o&google_cver=1&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA&google_hm=f1wWwkMpwlk8tQwjgJIUDQ==

170 B
188 B

36ms
36ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA&google_hm=f1wWwkMpwlk8tQwjgJIUDQ==

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-40816_I5nCyDX-zlhnWTh_IeRhkLkb4m_YB2wzSHvBICJXuYNyRG89-dXijyGXHRsx4SVPOJAkHR5M9ZA7mHF_w7o-nA&google_hm=f1wWwkMpwlk8tQwjgJIUDQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 9mru4ljjbma2c9g9ke8o50q2pmkvr21r

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82FC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
35ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_cuFESjqqHSf0EEj7TFpldrbEd65MAqUd4GJIzGc4-MIceIZ3PGtybMPWFkA3NGnqCDv4RdpLDMZnvbWAUZJezaQSM3r03

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ro8MuXjGTnq74PeKOItf_g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_cuFESjqqHSf0EEj7TFpldrbEd65MAqUd4GJIzGc4-MIceIZ3PGtybMPWFkA3NGnqCDv4RdpLDMZnvbWAUZJezaQSM3r03
date: Thu, 27 Oct 2022 08:11:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQzeqaCK40DhvIDeC7g8pQ&google_cver=1&google_push=AZmPxg8RQTSHb77WeHEOOD5qGogTjrpBNWzBTD6BvqDMecCRg2grOWLzYiaFolPiT6butQc48Za...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYS1EtRy1FNVlL&google_push=AZmPxg8RQTSHb77WeHEOOD5qGogTjrpBNWzBTD6BvqDMecCRg2grOWLzYiaFolPiT6butQc48Zak9sWtHFfxzN3ITLgm2MOnkvp-

170 B
188 B

37ms
37ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYS1EtRy1FNVlL&google_push=AZmPxg8RQTSHb77WeHEOOD5qGogTjrpBNWzBTD6BvqDMecCRg2grOWLzYiaFolPiT6butQc48Zak9sWtHFfxzN3ITLgm2MOnkvp-

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlRU0RYS1EtRy1FNVlL&google_push=AZmPxg8RQTSHb77WeHEOOD5qGogTjrpBNWzBTD6BvqDMecCRg2grOWLzYiaFolPiT6butQc48Zak9sWtHFfxzN3ITLgm2MOnkvp-
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82FC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg_m_hRsQtYlyDxVgQexCHmZbpLgWUvur...

170 B
188 B

36ms
36ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg_m_hRsQtYlyDxVgQexCHmZbpLgWUvur9d48OI1jXG4PSya5tAZsgn3PnkavHHfKc2AxIiRY48nfvQDG6kyU6r8eV6sGKE

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP03QzrNUfG_CfTyFs9eY1s&google_hm=Y1o9Lqx8aJ01xjLaDWxKWgAAABoAAAAB&google_nid=index&google_push=AZmPxg_m_hRsQtYlyDxVgQexCHmZbpLgWUvur9d48OI1jXG4PSya5tAZsgn3PnkavHHfKc2AxIiRY48nfvQDG6kyU6r8eV6sGKE
cache-control: no-cache
cf-ray: 7609f605dcb7a21c-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 82FC 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 82FC 0
12 B 34ms
32ms Image
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRZVGcgbFxlGd8p_7uliRAqvJc2048C_imqiWwJAby0nfspZ5EIFir6ezz7edl9v42qXlXEA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 05F2 36 KB
16 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=404&adk=3937670188&adf=2140728177&pi=t.aa~a.3163145364~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=76ffc01&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x404&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200%2C1200x317&nras=3&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=gdteqCFfDG&p=https%3A//discord.onl&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 01:25:29 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 43ms
42ms Image
image/gif 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.383832660491411

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ft4rw1VYxhb7WWDjg8JaUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-ft4rw1VYxhb7WWDjg8JaUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 130ms
130ms Image
image/gif 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.245352737701298

Requested by

Host: discord.onl
URL: https://discord.onl/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nzTlXryAgr7UqhEKl5ydJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-nzTlXryAgr7UqhEKl5ydJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65F6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
expires: Thu, 27 Oct 2022 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D1CE 36 KB
16 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9291528157178239&output=html&h=317&adk=1829647654&adf=537922958&pi=t.aa~a.3163108496~rp.4&daaos=1666842381527&w=1200&lmt=1666858285&nsk=ffe51467&rafmt=11&pwprc=3830047255&psa=0&ad_type=text_image&format=1200x317&url=https%3A%2F%2Fdiscord.onl%2Ffr%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666858285522&bpp=1&bdt=1979&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3339754535d8b1d6-22d9dd9ec3d700ba%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg&gpic=UID%3D0000089432b411fe%3AT%3D1666858284%3ART%3D1666858284%3AS%3DALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6535789357431&frm=20&pv=1&ga_vid=545394993.1666858285&ga_sid=1666858285&ga_hid=1707167274&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C44774648%2C31070307%2C42531705%2C44774652%2C44775017&oid=2&psts=APxP-9ClWgA3H_mucOrQiwIb-xgvzVUUIhzZVvSWhSffkK1-o0Lbs26sRFpDlAgGRCvmvkUow2mFY0qb9vQGOGIaaw&pvsid=3647855503350130&tmod=756046907&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6UeEzgCp8m&p=https%3A//discord.onl&dtd=177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 01:25:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 58B6 42 B
64 B 79ms
39ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-d-OvGBG9tT9Gq2PQ_uDoyU0j0K7GFmj1oGJuLkjIUyTlezyp7773u-BM9olo8W-Vnzb3aXtf3314Z0FGzpjEJgrsQvqhkOf5Nb5M4AZulXtPd4WJNjoYuJAJIGBrY3Q7wwk&sai=AMfl-YRXyk9SWpptJRcAt1jF12-7c7xrQ7o-nF4_cbIBL1690bZIdx_3jrUcdRVtpib_2cKW5Bgkyeg2CUlBBeo&sig=Cg0ArKJSzAzt6Pzpk0pFEAE&id=lidar2&mcvt=1005&p=0,0,200,1200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2159543937&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666858284529&rpt=1440&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 96ms
53ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h71tOP-oE9lGnP-m5rtOdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h71tOP-oE9lGnP-m5rtOdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://discord.onl
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 45ms
45ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221025&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5affe70fd2a58249a0ff5cdc77a6773122f8676b68c7f626190323fe0ebc7f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11125
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D919 42 B
64 B 40ms
40ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstieZeUoEXLKLm7ZJTIl2Z1nNqojTUCSef2t7Bj5xjVBs3J26qG1eSFdZGpo_1gaFbqF1xdgAaKru1ag6K-8KOzCHUk9qKGTJcN2A4zkASHnzLZTm5_elI3FX6V6WKlAKTtFdQ&sai=AMfl-YRFcuVeFmt7S98EWOqSnkWrBQXJNpTggDO_qvSZblJuT28_AvCLb2Nly8JuXsosGm7hAL06Y67LvJCL_Y4&sig=Cg0ArKJSzC6b8N4rgReREAE&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=83,780,1002,1040,1040&tos=83,697,222,38,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666858285726&rpt=292&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 08:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 08:11:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63C6 13 KB
5 KB 21ms
19ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 14019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:17:48 GMT
expires: Fri, 27 Oct 2023 04:17:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C8AD 783 B
533 B 41ms
40ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ed557ff6dd15922f87bc191569806f5f95fb1e3407b02355dda86a5a349ba0f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w91-ygLSlqeJjyr-mSPHEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-w91-ygLSlqeJjyr-mSPHEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 08:11:27 GMT
expires: Thu, 27 Oct 2022 08:11:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 63C6 36 KB
16 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 01:25:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C8AD 0
0 40ms
40ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221025&jk=3647855503350130&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 63C6 0
10 B 26ms
25ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZSxtCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ad-vertical-.jsp Show response
fundingchoicesmessages.google.com/f/AGSKWxXWJ9xSEpcerOHAEAC4ASN3dgc2ulpV-UZFmG9qxxuSKtq8Xgy3-TbSYH9AJ3jmNeq1Y2xXLyXu7x2w2iBTCewpk6IsK6h0V8AzXvxEU8F8tdhi6UFZpdfErh0lQOa-dENemSq_FfoCpe1AjAYTE_YRIkk6D... 54 B
109 B 44ms
43ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXWJ9xSEpcerOHAEAC4ASN3dgc2ulpV-UZFmG9qxxuSKtq8Xgy3-TbSYH9AJ3jmNeq1Y2xXLyXu7x2w2iBTCewpk6IsK6h0V8AzXvxEU8F8tdhi6UFZpdfErh0lQOa-dENemSq_FfoCpe1AjAYTE_YRIkk6Dbh5nnX9K0__G29APW71NS-uzNxR_ouw/_/adtext2./ad-vertical-.jsp?adcode=/app/ads./slideinad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1Iw6nLp495w.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwCrM9OpIgYa-534YcGsvzvUHnliw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a031be9a751e5909f4f827f8776719dad39507cd6c233ad41db52b3bae818c76

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6l_jqQHYZMJWsfwJ4LTL1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6l_jqQHYZMJWsfwJ4LTL1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1Iw6nLp495w.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwCrM9OpIgYa-534YcGsvzvUHnliw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:04:41 GMT

POST
H3 204 AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aO-XrDMx9CxA3FqbMfnwTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aO-XrDMx9CxA3FqbMfnwTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://discord.onl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gZ_a4kkQYZt6Z_Ymo1rO1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gZ_a4kkQYZt6Z_Ymo1rO1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://discord.onl
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
52ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nTvvKFYebqnpEd4ldQifWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-nTvvKFYebqnpEd4ldQifWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://discord.onl
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 53ms
53ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoxBZ9ITmBzGJMh337lXTAWu3JhKYGKzxVsLNd71NmDXaf1JmeQj4Rwj8sIBCAhLXlwyAw1qGLky861C1RzlBmh-owEPYggUu686WqCB_cH-K4eSfR1H8OSImQMOyHiwibkGVe7Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0OOHAngqcf3L_BMqUdLlqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0OOHAngqcf3L_BMqUdLlqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://discord.onl
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU-DJUD6S9zjmBePXk-knEFHGDdNavN9JgEOVFqPiuqP1p4KMgkifNA-ydWtNHbe5OW5Ir06wokla056-ySsxUqU-PL5x4Izq_BokKIcI-7zofEo2AeUUnDDTyUg_NVlrTbv5sifw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 96ms
96ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU-DJUD6S9zjmBePXk-knEFHGDdNavN9JgEOVFqPiuqP1p4KMgkifNA-ydWtNHbe5OW5Ir06wokla056-ySsxUqU-PL5x4Izq_BokKIcI-7zofEo2AeUUnDDTyUg_NVlrTbv5sifw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY2ODU4Mjg3LDcyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZGlzY29yZC5vbmwvZnIvIixudWxsLFtbOCwiMUl3Nm5McDQ5NXciXSxbOSwiZW4tVVMiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d744ef2d6bfbd4351c035871c7182947c9d29a5bc3a9e0b1f55b7ec17490a7b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AMMzhx4xaQ-5lmMIhWsNyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-AMMzhx4xaQ-5lmMIhWsNyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXX0vmJhHOi6PirU4pbIrc37ZGk6StBlzo7kNEhzIxjnSBEIMjcPRefyTAH32hnXJwFsEUjyGZB02rJPw5wk4NMqKED9BKN4BT5PP48swxHUUwj_MUmv6xbJKkThuYeQJyiQp_FVA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
46ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXX0vmJhHOi6PirU4pbIrc37ZGk6StBlzo7kNEhzIxjnSBEIMjcPRefyTAH32hnXJwFsEUjyGZB02rJPw5wk4NMqKED9BKN4BT5PP48swxHUUwj_MUmv6xbJKkThuYeQJyiQp_FVA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xp_MKkqDvZ2JDwACksOKyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-xp_MKkqDvZ2JDwACksOKyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://discord.onl
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXN-bz4v8SgjcfxmoDfNoi0_U2rKzFHOuKYNCEbWhUeMbBBK9rJt9ZFlsCgmKpZIz1ow_5IVL-e_vJ7RQLy5vA2BJCQ8B_BDc4_Rddxxx7BrZHuqZp2fzl8YrqiDo9tDwQ09kN1OA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 57ms
57ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXN-bz4v8SgjcfxmoDfNoi0_U2rKzFHOuKYNCEbWhUeMbBBK9rJt9ZFlsCgmKpZIz1ow_5IVL-e_vJ7RQLy5vA2BJCQ8B_BDc4_Rddxxx7BrZHuqZp2fzl8YrqiDo9tDwQ09kN1OA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY2ODU4Mjg3LDgyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZGlzY29yZC5vbmwvZnIvIixudWxsLFtbOCwiMUl3Nm5McDQ5NXciXSxbOSwiZW4tVVMiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

535e073fe5d0d85b18610410f1f81e7beba32557db8b07382f10f2bd93f8e5fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UdDMo-C1IRaXHtYq17sdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-UdDMo-C1IRaXHtYq17sdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221025&jk=3647855503350130&bg=!z8ylzIjNAAZPh4lnb4c7ACkAdvg8WkLHUJUJvuyOEVLUXcwN9MfVB3vpPDTwRRdIDUuWujgpnPPoJAIAAAB8UgAAAAJoAQcKAGJYf1KrGEF-JHYIGTBPkK4d-0C0pC6fP5O9F6g2b2zc06SESqznOCtIte3Vr49QVPbaPeHWtC9vKJM1Zi949Hl_u_rm_CFEUj29SEJJyK-zKUmxPg9qB0ZwDt9FjpchxOlyApkCoKe1-7h7ZkLJdRgiaqg2omJwG2rzQmTIXfltD4dOQJWOXFroHZZkQNhm1Y3iTl26FQJcEiwNUNW2XKf4CKGQGaLb6yBWCDqp35RxCnIzTZ1LZJBW4SofIxJe34476RST5GkNGgBM-H0mFKuE8KCPyhAQASLTmnwXrejYUECsxqahOcs3h3ir3GVCzD50g7B_alUSc921jNQmGAUEx9H805R5R0tqyAC2BZc57OMmxbItwpVgpLwzNxdjZ0HRzhe8diwxc9YKpBWzmIVQJR_cYQ8WgMimb4fG28obDK5WOKfdoZCTqrzhFIQ8HYWFYVz4m5m9_0ZVYe0-fC7yt9-yfT4nlaSxK660nzZmrr20Nu8W7VrsXQ00vM5rpVlNgq8ngYil_NUN39Sim-aVCsO179Yagdjhu4eE4604wa7Yhcv8RA226v6FOxJTCeYEOf25akCHThRpNFVnyi-FjFgjxQ2DqsSJqB0enSidFGw97gMXqvPuIBr-yzEjHHhZ-TUbJAlx93B0aOgNIizCume4gHfvO9etszAI8IgCgiZR8S8qKFmM2uqTjw49jFZqk8uw7VJiGtPyi0kixJiFOsvWV9KtrRKdfaCGopLMx6A15uRZjdjdqApNqd62-j1e2YoM1vuBJVggXoA0GsTQM_HhoXXdJYQXoizTOsJk8heWaIEvtm_3P2YXo3kZ3ywkQ0tGL41B-EYy4eX9RqxefAgFJuqKn-iW5_Q4zNipAQ1WsHhM-iCglWVYmuWBz9JbtUL0nBnGo_Qd--GtwEcmAwKhop9mijps8O-ektGgLcNO-6_yfKVDjPrI0SiVTFMnm_j5aQyBz7vWABs0Gvp0MkIpSIAM35HaovHcX37BuP7yWi6jiYNpCaaAl_ShvymEuJgyqg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 AGSKWxV-nlf5-3rFsuL0s48ngHEkL5BKGAOPow_ZfiJb1eLrUAgqEg8YR1oiYdSB_JYi85GCqq42ffN9Lc9XomZy6B9cUuVmGoeYCh4v17uMiIYnalK-jqX542HmwS88KsZrhaF3SBAFKg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 85ms
84ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-nlf5-3rFsuL0s48ngHEkL5BKGAOPow_ZfiJb1eLrUAgqEg8YR1oiYdSB_JYi85GCqq42ffN9Lc9XomZy6B9cUuVmGoeYCh4v17uMiIYnalK-jqX542HmwS88KsZrhaF3SBAFKg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY2ODU4Mjg3LDg5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kaXNjb3JkLm9ubC9mci8iLG51bGwsW1s4LCIxSXc2bkxwNDk1dyJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c592220db162f4fb3119362bd4a4db8816bd934449ba0bb5cdc792aaa567b9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JQrNNa0xt8-QK3glu3Jk1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:11:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-JQrNNa0xt8-QK3glu3Jk1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW6R4FEW6VcgzmhNki478dcnD9OZsZuj0xFBkMdLvoRKaH7ve02TUWkzYb3ImrlwpRMBTHfaIVC_u_8KfPuBMNP8Df0M0P196KLslFLGqra_CWgItdyJdVVV9mvfCPo5s1fQIk6ug== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 59ms
59ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW6R4FEW6VcgzmhNki478dcnD9OZsZuj0xFBkMdLvoRKaH7ve02TUWkzYb3ImrlwpRMBTHfaIVC_u_8KfPuBMNP8Df0M0P196KLslFLGqra_CWgItdyJdVVV9mvfCPo5s1fQIk6ug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XJeMaUH3JhjXtbX0v7MZlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XJeMaUH3JhjXtbX0v7MZlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://discord.onl
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXX0vmJhHOi6PirU4pbIrc37ZGk6StBlzo7kNEhzIxjnSBEIMjcPRefyTAH32hnXJwFsEUjyGZB02rJPw5wk4NMqKED9BKN4BT5PP48swxHUUwj_MUmv6xbJKkThuYeQJyiQp_FVA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 47ms
47ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXX0vmJhHOi6PirU4pbIrc37ZGk6StBlzo7kNEhzIxjnSBEIMjcPRefyTAH32hnXJwFsEUjyGZB02rJPw5wk4NMqKED9BKN4BT5PP48swxHUUwj_MUmv6xbJKkThuYeQJyiQp_FVA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P4a2MeBSY4uGH8aYydipbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://discord.onl/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 08:11:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P4a2MeBSY4uGH8aYydipbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://discord.onl
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPR9NdMaJPJFWV4HDn4c72c&google_cver=1&google_push=AZmPxg8ThDRWeLtebD-uNtdQlXO_ytL7fs6a8CUVL8iboMtTawtxuVFKRiyu1uTy2EHBV1ll4MiNK1m2wbecEfZbVnjWVGIa6QdoL26-6NcxhvMsVlhCls8ikDzGCr6s_iwwb9-mAg5kIQ5v

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPR9NdMaJPJFWV4HDn4c72c&google_cver=1&google_push=AZmPxg_TlmS-qpy6l15-x__Ri4m0PEzXrtJ7hBLASYUN4PgjKbppg8hEstv2XeYz3oCf_-2izWgwWTDJcaSPnIzTcfrrurm4HG6KZQ

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
discord.onl/	1970-01-20 15:46:34	Name: pll_language Value: fr
.discord.onl/	1970-01-20 16:22:34	Name: __gads Value: ID=3339754535d8b1d6-22d9dd9ec3d700ba:T=1666858284:RT=1666858284:S=ALNI_MahN38znf0Cyrd-n_tiR2zNcBi3Mg
.discord.onl/	1970-01-20 16:22:34	Name: __gpi Value: UID=0000089432b411fe:T=1666858284:RT=1666858284:S=ALNI_MZMMPiZGaRAGdRUtO-Bf-JyEomEhw
.discord.onl/	1970-01-20 15:46:34	Name: _ym_uid Value: 1666858285679794250
.discord.onl/	1970-01-20 15:46:34	Name: _ym_d Value: 1666858285
.doubleclick.net/	1970-01-20 16:36:58	Name: IDE Value: AHWqTUkNsE28VCp65c5OH1CHHpt1xPPAcvbSL9DhMYO_SG93i_Enc-WiZt6RGi4asAI
.yandex.ru/	1970-01-20 16:36:58	Name: yandexuid Value: 6712553581666858285
.yandex.ru/	1970-01-20 16:36:58	Name: yuidss Value: 6712553581666858285
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1480573341666858285
.yandex.ru/	1970-01-20 16:36:58	Name: i Value: uMoQETOEelvFopbtf5TfAXtHMQRZes6o8WaiXzbm1RLqnJLeNxc1hwE/2W9X2cVaz5sNuFwWIRDC0ap7pY1x21TKMEc=
.yandex.ru/	1970-01-20 15:46:34	Name: ymex Value: 1982218285.yrts.1666858285#1982218285.yrtsi.1666858285
.discord.onl/	1970-01-20 07:02:10	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 07:01:01	Name: DSID Value: NO_DATA
.mookie1.com/	1970-01-20 16:29:46	Name: id Value: 10617799072042917510
.mookie1.com/	1970-01-20 16:29:46	Name: mdata Value: 1\|10617799072042917510\|1666858286660
.mookie1.com/	1970-01-20 16:29:46	Name: ov Value: b439063bfa2a69062b54e1ec5c5b2393
.pubmatic.com/	1970-01-20 07:02:24	Name: KTPCACOOKIE Value: YES
.adingo.jp/	1970-01-20 07:44:10	Name: ID Value: 61493628ee32d5bf1d27e9029508bd9a
.rlcdn.com/	1970-01-20 15:46:34	Name: rlas3 Value: 7VNAsDrfgkSMFoyHmgyrNmy+3ejL7WERZVjRjdkIpd0=
.pubmatic.com/	1970-01-20 09:10:34	Name: KADUSERCOOKIE Value: 468F0CB9-78C6-4E7A-BBE0-F78A388B5FFE
.rlcdn.com/	1970-01-20 08:27:22	Name: pxrc Value: CK766JoGEgUI6AcQABIGCOndKhAA
.openx.net/	1970-01-20 15:46:34	Name: i Value: 73a6a3a7-4328-4480-8017-887c37ac1d4a\|1666858286
.quantserve.com/	1970-01-20 09:10:34	Name: d Value: EAgBCQG3J4EA
.quantserve.com/	1970-01-20 16:31:12	Name: mc Value: 635a3d2e-e14ae-a5924-f4da1
.casalemedia.com/	1970-01-20 15:46:34	Name: CMID Value: Y1o9Lqx8aJ01xjLaDWxKWgAA
.casalemedia.com/	1970-01-20 09:10:34	Name: CMPS Value: 026
.casalemedia.com/	1970-01-20 09:10:34	Name: CMPRO Value: 026
.innovid.com/	1970-01-20 09:10:34	Name: uuid Value: 2faecd6b-5c29-4d92-b3d0-38f169553e24-20221027 04:11:26
.e.dlx.addthis.com/	1970-01-20 16:31:12	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 09:10:34	Name: CMTS Value: 041
.addthis.com/	1970-01-20 16:31:12	Name: na_id Value: 2022102708112700040885049106
.addthis.com/	1970-01-20 16:31:12	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:31:12	Name: uid Value: 635a3d2fbe74f714
.addthis.com/	1970-01-20 16:31:12	Name: ouid Value: 635a3d2f0001db6ab9a4f3c87c3be0ec87c74571aae9e6929a02
.dlx.addthis.com/	1970-01-20 07:44:10	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:44:10	Name: na_sr Value: 20221027
.dlx.addthis.com/	1970-01-20 07:00:58	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:44:10	Name: na_sc_e Value: 0
.discord.onl/	1970-01-20 15:46:34	Name: FCNEC Value: %5B%5B%22AKsRol_e8p6sJZdZxu0vXXfNPKm_HAOhXOOrOIfKe6_u9goXdXdCuKkvf7E9ymZTI136eYBO6JxbIu9lszqJtezZnjOoFdWzEaCPSqHlR6DX0gJ4pueosscIImCZMVWV8r_Nlf_RDAYPhQ8EAGO9kT5bhtdtO9EnEg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPR9NdMaJPJFWV4HDn4c72c&google_cver=1&google_push=AZmPxg8ThDRWeLtebD-uNtdQlXO_ytL7fs6a8CUVL8iboMtTawtxuVFKRiyu1uTy2EHBV1ll4MiNK1m2wbecEfZbVnjWVGIa6QdoL26-6NcxhvMsVlhCls8ikDzGCr6s_iwwb9-mAg5kIQ5v Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://mts0.google.com/vt/data=2OUR64wwYfoE8kRCqA-RibaBWt9Bj_OLyqgqEzC5hvnKmnEjTh-PE8tZibb0kk_ZIlwirOg-0tsQuqiNV0GRNoxh Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPR9NdMaJPJFWV4HDn4c72c&google_cver=1&google_push=AZmPxg_TlmS-qpy6l15-x__Ri4m0PEzXrtJ7hBLASYUN4PgjKbppg8hEstv2XeYz3oCf_-2izWgwWTDJcaSPnIzTcfrrurm4HG6KZQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
ag.innovid.com
cc.adingo.jp
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
discord.onl
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
mc.yandex.ru
mts0.google.com
odr.mookie1.com
p4-c7jxliuykkbi6-icxrs7tzhuc2im5c-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
telechargerdiscord.site
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
yandex.ru
yastatic.net
googlecm.hit.gemius.pl
104.18.19.126
142.250.65.163
142.250.65.194
23.205.56.183
2600:1f18:445b:901:c207:98fe:6e39:9561
2606:4700:3031::6815:2d4f
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2002
2620:116:800b:21:1456:d0e1:7db4:a56b
2a00:15f8:a000:5:1:14:7:de40
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
3.219.97.25
35.190.60.146
35.190.90.30
35.227.252.103
8.28.7.81
8.43.72.97
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
04482337206a0c544295d2674c6a663351f4035804950beb4940fceacc572654
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0faab475c383008b4e6905b16412be2362a4f7b6dddf185d425607d9844c284f
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1c592220db162f4fb3119362bd4a4db8816bd934449ba0bb5cdc792aaa567b9f
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
275f05508627736dac8e8a906f76f2e18bc0510632cb7eafa2b083723b9e9ab3
296f5722ef36477feb23f79b20a628df8baf4527d29e16ff161a5bc95dca3890
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3c61d89ca3893093c0604f89cf272b17ba1bf9fef2c6b715f64dc638d901cdfd
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
40a188f03311fcb5519c2213e0d943cd76ba00da173186b7d016b6f4538a0097
410d22eaea2831ffd285a523bf48b0e3c4a618569fe6aaf25d95ac227a9fafd6
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4412584e3ff8c42904558b1d315fc4a1f80c4a4f819f975230526c7ca5df3ee7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c3efcc1e5cf6c683ad7cd0cca6fa12511f4af8af187b7b079fbb21a28b5639c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
535e073fe5d0d85b18610410f1f81e7beba32557db8b07382f10f2bd93f8e5fb
53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555d42c59f2b48f5895b280d3d55599a4f242cd07facdb69acfc898f0c2c493d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560c0a4d83fc4365ac650ef00dc7ef49cdcd1118a11238d0c58dc4e3c02b3ca2
5695a45b920ebd68efb8d85e1e1f4fa7c94723c2c76ffc93bc3a4f6519768a22
585d82ec151a29d22ab3f74352c6a0e1eb8bae290f043d425fcf28cb1900ef44
58ba75eeca5da6345a68a261407ec76b5694a8387e23c1c6ac8bfb2e153950d9
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a3cb6cb4200a00561460c2285e6e7f3b61d8018a2da7b5b008daec00d903be0
5affe70fd2a58249a0ff5cdc77a6773122f8676b68c7f626190323fe0ebc7f81
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6434052af0ddf6b0203fc314c95448d2148edc35dab8973128a46430fd6152c2
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
67d5b124e961439d11e36574f70de5f10699f263def42c1dfd59fe2e2aca52df
6c5e90ca2070b294bf5a8c43040852386eedcde60f90a7ea22d4b2da8a604b8b
6c9e61e8fdf1be654b4b92ef3e9709366050c3a1a1ef4b51ad7e11eb0aa440c5
6e257dd2c11e03c667ffd7602bb2b44e7c586be0320200f117aba491574867d8
6fe5233b4ccd041305715d11fd354cb3a65abe22152fc698d6033124a2212fad
72255193a44617bbf529e5cae59717f754751bf85348e7492ee4c1eb87242615
79bec5b76df04cee7113c3d1afb8e163c7907a04b56335889fd95d03644ad989
7a3e58c23f03cd50a1433cd14ed6a7d6d3515d995315548a46556d7c12ac7d57
7a4e9eaad077165880b982842cc79f705c883e584c3fedaa1f2a97c016e697a3
7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae
81e366057d3de5d30d58c88e5dfc3d3b41ab47a4e950dfbdd4b186240ef2bda1
8501dbe9d9b77f9e894b13cdee282ee7e71bc7f01d7cbfc497edd71a3ea8848f
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aeaf18e6c87e0aa7b208d3624490c8197b1b27340eef26f0a84a14c5c6dfe41
928a02d4975285b6175eeb4aaa3dc4a141bb0dea4886de5a5ae5d6b286f0cc43
9683278c37e1582b09e04109e16b915d20c9771e2d07bc4ba0b0b2b9d2e4c480
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf6bf3dcc07223416fc8bbb8f49bff57d21c1c6dffd76f38f8c11e7d054c340
9d744ef2d6bfbd4351c035871c7182947c9d29a5bc3a9e0b1f55b7ec17490a7b
9ed557ff6dd15922f87bc191569806f5f95fb1e3407b02355dda86a5a349ba0f
a031be9a751e5909f4f827f8776719dad39507cd6c233ad41db52b3bae818c76
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a967920e1b63a47ca77300a8649fcd4dbd0baa292b09fc0e6d6ac84c8b9d7fca
ac1e700d43661d4b51b88a00dc7160528ac00980fe4d24d12ee1440727297140
ac5f909734d5d24ae216c6824ea5350edc508644155aa4a75cc3dcbb166f2132
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e
ad333321b5de826d613d4f6d26a9654005b0b32c9a119f25d3e331ee27b8527d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b48edfce56eb894a0016de19b7d872d02d4b7b2adbd87d55193cea636f533063
b7d183dce188ef91df5ddcd9ff5378e1b64ce515ccb048ed2a1f32d4fd0a0a3e
b939061b62e0770e84fedfd26915aafe7fc418bd2a2fe8ceb433caeaccb1f3d3
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c0356ddd1afe94c76868393b2208a0ecda550cd5dbf4d66ef8fb254fcdec7636
c1514c36f34a1bddd16f4b9b710e23d3c0644717302f94f00cb2071c0759dc5a
c1b1c761a8711ea53bff13c062751b5200ec770bd49e185a167611e5100225e9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c39cccc2b04f1f09b73968b5821432da79504faa06139581cfc01f40ea80edae
c89b6e821ab541ce1905373529ec95ebee1da51e95c9e8758ee438cd84cbec85
c9db31d43b24c3f411603160fc6554ceb91e1c628696646a13a563feddee0540
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdf63771fe4eebf151224f782c5b85b538c8c5652f819ff1ca35c12b8bc8038b
d5bbdcb19982fe95732f1402bd8cadcf407746cec57fa18043f6dd7b3dbf2502
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d3e4c0019ce03ed0e8c782faa7f6288884d8814ebdd2d63b84685de2ef5f37
e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9
e9787481a2d6a27f5b79f4f28d47685c401079a41219f643b804ef50193a131b
ea8bccc9c44e173c67cc1fb6eee4b72ce3c231863918df2ceb370f5bf8598753
ed4c42660c3527b9331c2cab864af77792a69a4185632c35d2f3d3c737b1c740
ee43de7f6648dac36980de3bcf1bf0d34f07178fdb8afac80541f5cf1660cc5d
ee78e8a52d04c77290d81db4c14e041b189df16c3982e22f547de4d02e12eda3
ef0c01c43c717189da45999cb1340bae85d37ec079eb35d9c0ab823c45c83570
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27c612dabb4ea65aeb9ca7c30264518cadd2509ed984c3a4f6d022e4ce035f9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f94c6aebe533b553900830629b37633a8fd940d50fc5354ea17faddf05c1a891
fac166959bebace4fda0378916c0ac2bc0c87090367aa2e781d8ca820059c7d9

discord.onl Open in urlscan Pro 2606:4700:3031::6815:2d4f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

90 %HTTPS

66 %IPv6

24 Domains

32 Subdomains

21 IPs

3 Countries

2983 kBTransfer

6331 kBSize

39 Cookies

0 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

discord.onl Open in urlscan Pro
2606:4700:3031::6815:2d4f Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

90 %
HTTPS

66 %
IPv6

24
Domains

32
Subdomains

21
IPs

3
Countries

2983 kB
Transfer

6331 kB
Size

39
Cookies

186 HTTP transactions
18 data transactions