elviento365.com Open in urlscan Pro
162.43.117.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://elviento365.com/
Submission: On August 21 via api (August 21st 2023, 9:52:46 pm UTC) from US — Scanned from US

Summary HTTP 134 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 21 domains to perform 134 HTTP transactions. The main IP is 162.43.117.50, located in Kawaguchi, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is elviento365.com.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.

This is the only time elviento365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	162.43.117.50 162.43.117.50	131965 (XSERVER X...) (XSERVER Xserver Inc.)
28	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
4 20	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
32	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
3 5	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
1 1	34.117.190.90 34.117.190.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 10	142.250.65.226 142.250.65.226	() ()
2 4	192.40.39.223 192.40.39.223	() ()
2 3	68.67.160.76 68.67.160.76	() ()
7	2607:f8b0:400... 2607:f8b0:4006:81d::2006	() ()
1 1	34.231.66.47 34.231.66.47	() ()
1 1	20.85.134.6 20.85.134.6	() ()
1	54.159.4.118 54.159.4.118	() ()
1	74.119.119.150 74.119.119.150	() ()
2 2	185.167.164.39 185.167.164.39	() ()
1 1	51.222.39.186 51.222.39.186	() ()
1 2	23.36.173.27 23.36.173.27	() ()
2	142.250.65.194 142.250.65.194	() ()
1	2600:9000:251... 2600:9000:2511:7800:19:fc2c:a140:93a1	() ()
134	23

5 162.43.117.50 (Kawaguchi, Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv13209.xserver.jp

elviento365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:80c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:817::2002 (Stony Point, United States) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2607:f8b0:4006:823::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.98 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2004 (Stony Point, United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.190.90 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.190.117.34.bc.googleusercontent.com

pm.geniusmonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.65.226 (None, ) 4 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.40.39.223 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.76 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.66.47 (None, ) 1 redirects

ASN- ()

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.134.6 (None, ) 1 redirects

ASN- ()

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.4.118 (None, )

ASN- ()

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.173.27 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.194 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:7800:19:fc2c:a140:93a1 (None, )

ASN- ()

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	733 KB
32	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net googleads4.g.doubleclick.net	215 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	607 B
7	2mdn.net s0.2mdn.net	129 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	110 KB
6	google.com 3 redirects mts0.google.com — Cisco Umbrella Rank: 4390 www.google.com — Cisco Umbrella Rank: 3	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	339 KB
5	elviento365.com elviento365.com	40 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	teads.tv 1 redirects sync.teads.tv	606 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 615	1 KB
1	agkn.com d.agkn.com	612 B
1	onetag-sys.com 1 redirects onetag-sys.com	516 B
1	criteo.com dis.criteo.com	363 B
1	adentifi.com rtb.adentifi.com	35 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com	461 B
1	fksnk.com 1 redirects fksnk.com	614 B
1	geniusmonkey.com 1 redirects pm.geniusmonkey.com — Cisco Umbrella Rank: 17038	506 B
134	21

	Domain	Requested by
32	tpc.googlesyndication.com	googleads.g.doubleclick.net elviento365.com tpc.googlesyndication.com pagead2.googlesyndication.com
28	pagead2.googlesyndication.com	elviento365.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
20	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
8	www.googleadservices.com	elviento365.com googleads.g.doubleclick.net
7	s0.2mdn.net	elviento365.com s0.2mdn.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	elviento365.com	elviento365.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	elviento365.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	pixel.tapad.com	1 redirects googleads.g.doubleclick.net
1	d.agkn.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	mweb.ck.inmobi.com	1 redirects
1	fksnk.com	1 redirects
1	pm.geniusmonkey.com	1 redirects
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
134	27

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
www.elviento365.com R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://elviento365.com/
Frame ID: 5DB12956BEC4EDB27622A59FF81773A6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Frame ID: D4FF37EFFEBCA469E3738EC6D6546803
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&adk=1812271804&adf=3025194257&lmt=1692690756&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Felviento365.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654756035&bpp=27&bdt=416&idt=399&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1588918833483&frm=20&pv=2&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=556
Frame ID: 2CFC9EC6BAE31F2E14DC9CD343AC5C01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1692690756&rafmt=1&to=qs&pwprc=4873962057&format=1200x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654756062&bpp=3&bdt=444&idt=559&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PXwxVJkGrY&p=https%3A//elviento365.com&dtd=578
Frame ID: 0940639469613C91A074F9621FB1DAC0
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26
Frame ID: 56BC34CEC69C8EB8F5E61AB162B541E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 61AB587A40A7141913D9A5937C6B0F5B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Frame ID: E1026657A414F134AAF102882F44616F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 68BC59C830E48824179E8FEC1960C0A2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 817E996E32A49591F26B1F0310B86F4D
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: F98FBB9A7EEB0041B7729B3A3509A7ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CB1C1DF4D8DF8AABCCF7171ECD8F4090
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 75B2BA07365CA5AF43EDA40F672329C1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D4F5F0DE127F7D4AEA11D3EA35E74435
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C3876AC2EA5FA058058A5C099791D6D9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnhkvgCEN-0resEGLrt2-0BMAE&v=APEucNVUjBsKpvdJdnGPU0OEIuvIwFdKhgVa9FayC3PvGbMz6gWIY1gvMQIyjsQR0ycZ3d00IEyDCTiuSUVjeyAneU91_OyOzw
Frame ID: 17078E42BABA9FD9DDCF1EDD8B2C8D84
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CE38BB297B334F855F3DF4CEB8D2B01E
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: 49AF544D6C6749CE5DDDFB09622A3507
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: B532F8913763FE0667C427B4983AD5AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 76315683FCB959A377348F52068BB3F2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: DD04DF9C7865F3352171CF9DA085F0DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: 9ABABE2E58C989FCB1202B46C4FE81FB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5E8515F0A90AF207A73D737A042ECDBC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250
Frame ID: FBBC3263D568B7974721528C6CDD2370
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9027E1FA513CC6EBFAD27D4E16E4400E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9F8599F35580F1BBB07E820DCF5E15E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

El Viento 365 – Otro sitio realizado con WordPress

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

134
Requests

89 %
HTTPS

44 %
IPv6

21
Domains

27
Subdomains

23
IPs

2
Countries

1575 kB
Transfer

4356 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://googleads.g.doubleclick.net/pagead/adview?ai=CUvWxpdzjZMCGCPOcxtYPz_u2qAv8nq6Sb6O65I_aEb6K_4DUAhABIKS3tAlgybajiPCj7BKgAezchLYoyAEJqAMByAPLBKoEjAJP0OpxLquTYv8ZAIMdwydAcHWnnCcPUNhf9HPyJCSI4NBq0GXTN_DsrVUW3zdAt8iFS7QqVz3NoQc52xxpk2lnkFvTKSvjpAUpDkMTDxgo0K_5TI7tpe6cbqB7qOgadD0M8hdqsF7u9P6Wbj1oM2eEJmXkFkO_T8iZTyiFAjCHifL4L6drHRVoHwZUzI0xAFgIlCFmIUpjP3DBPwpStCJ_7qJGFVpqibxSFZ2tBXMz3qxFINHkUOW1sfeYLSG-cjh2qrIr-ByUKSoJW-DPChX6YyL9mJABUsZVn--CBYauWOl7emTcu1uw4gO7L_h4UVatD4-MAdxD-fcHKfP3lEtXgI4D-dUJeaILzq4cwAS19Z7_oASIBarc0sZDkgUECAQYAZIFBAgFGASgBi6AB-yU1ZUDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQk7Ua0ggUCIBhEAEYHzICigI6AoBASL39wTqaCR9odHRwczovL3d3dy5xdWVlbm5haWxzdG9yZS5jb20vgAoByAsB2gwQCgoQgLKxw4GGm7h2EgIBA7gTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItNTM3NzQ0MTQ5ODg3MDI0MRgA&sigh=-hdYvX0Ri_A&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWdbShKBodQfv1r7Xa41fFRXzka9gwkxgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15ac2497b4c3f49b0000000000000000%22,%222%22:%220x2e3ed81bf0aff4a40000000000000000%22,%223%22:%220x3b2e7c0a1cab19fc0000000000000000%22,%224%22:%220xb59a87f0b5aeae400000000000000000%22,%225%22:%220xdf5548c77cb657570000000000000000%22},%22debug_key%22:%22426365869666438842%22,%22debug_reporting%22:true,%22destination%22:%22https://queennailstore.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210850741868%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228521350159820819281%22}&andc=true

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://googleads.g.doubleclick.net/pagead/adview?ai=COKNMpdzjZKaQCuP3n88Pr96AiA2L18fBctrs-4rQEYe2vs-IChABIKS3tAlgybajiPCj7BKgAZS04uYpyAECqAMByAPJBKoE9wFP0LHumWlvSyjwWnVXTj8kXy1b5PRRu6PRx7d7ThgdVAhM6yHz7ZQDKMxte3jfyvwELO4l3MKD2EfqgKNmnTI8s9LRbBFIBYB9gv8vx3-CIuvIu9NG23BbtFtswG_sD66_NIhV4vrQUjhyT4CvkF4Z_fDTHukaX2KTL0IcIa-xacOh9M-qf1q3UCgPeNXU3ijymZYg_-JL7eiHJXbCnyO119ExngQdPXuxfEROV4kwgJzFHW6YXS0ExoZRs0mI1PtAOS7OUtW91-3Olpzro4aqVVQ9dDJJ7Byk_Q3UGRowXI7peIViT6meGfpaE-ZrWXZ-obIQ-yjmwASaztGRngSSBQQIBBgBkgUECAUYBKAGAoAHlOyyxgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDyrAXSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJigFodHRwczovL3d3dy5ncmhlYXRpbmdjb29saW5nLmNvbS8_dXRtX3NvdXJjZT1nZW5pdXNtb25rZXkmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1ncl9oZWF0aW5nX2FuZF9jb29saW5nX2JyYW5kaW5nJmdtcHNpZD0xMDUwMTc0NjaACgHICwHaDBEKCxCQk8G8teTRqZABEgIBA9gTAtAVAYAXAbIXHAoaCAASFHB1Yi01Mzc3NDQxNDk4ODcwMjQxGAA&sigh=KiFz1EL5pYM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWVPLpB5-1_AU-XlYX2YnQqwArO2HjTBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6d3785957921f2900000000000000000%22,%222%22:%220x6bdb433c9d5bbdc70000000000000000%22,%225%22:%220x18574e6eec86e2b20000000000000000%22},%22debug_key%22:%2213065837402061355450%22,%22debug_reporting%22:true,%22destination%22:%22https://grheatingcooling.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211221375508%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215059692357355019233%22}&andc=true

Request Chain 72

https://pm.geniusmonkey.com/i/sync/ingest?id=226602437&ord=2124572123&pid=d2c47939-f2c5-49cc-9003-6c2719879233&rt=ta&cbvp=2 HTTP 307
https://pixel.tapad.com/idsync/ex/receive?partner_id=3388&partner_device_id=2f79b15f-513f-4960-b0b2-cfe3af2f9b87 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3388&partner_device_id=2f79b15f-513f-4960-b0b2-cfe3af2f9b87

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1

Request Chain 86

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOPcp3UrlzmGdx5t2aLS0QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBMPX-u-y_1ETF8NJ_yp6uQ&google_cver=1

Request Chain 88

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5OTIyNzkyNzE3NDE5MTYz

Request Chain 101

https://googleads.g.doubleclick.net/pagead/adview?ai=CZi2HpdzjZKSQCuP3n88Pr96AiA3fxN-fcaKRtrPxD62sg63MBRABIKS3tAlgybajiPCj7BKgAaKMjMQoyAECqAMByAPJBKoE9QFP0B7t0tNGu9AqRQOLiaDV6ppeSFM5HlW4IRN0dB-NJpxewUTvdeMQWN6zu07Bf0OIr1CjpnKLu0GJopRDkBtbpE4T1X7NxCL0cQZoW0vcFaE4GJWfJ1o5UrPMQtb53_-Rss_mglQH9XK2SHOsvL-K2b_j3sG_79Xe81oA24lHi8vri7CNngklwK-BYmPhdxvjWi7shMuMSxndDhIv-g5bslbRbcaYBBkPZfvbLPVad-pLrwEG7Ranu69tnhrXxH85ESIJGtrNj57eo8Gmab5DiUlYHEY8HaSiYI-vM8pgaO98kGxTQfjVnl6VZvURCFrZ1mpb58AEm43x-PsDkgUECAQYAZIFBAgFGASgBgKAB6LE3KMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrKoG0ggUCIBhEAEYHzICigI6AoBASL39wTqaCTVodHRwczovL3d3dy5wZXRlc2R1ZWxpbmdwaWFub2Jhci5jb20vcHJpdmF0ZS1wYXJ0aWVzL4AKAcgLAdoMEAoKEJDB7f6G6fiuChICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItNTM3NzQ0MTQ5ODg3MDI0MRgA&sigh=lKJc_YDazZI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWVPLpB5-1_AU-XlYX2YnQqwArO2HjTBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc24865891e88ef670000000000000000%22,%222%22:%220x7189ac28281efd5f0000000000000000%22,%225%22:%220x75d70d172f9441160000000000000000%22},%22debug_key%22:%2215191419780143913978%22,%22debug_reporting%22:true,%22destination%22:%22https://petesduelingpianobar.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880222754%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214078477643766689777%22}&andc=true

Request Chain 102

https://googleads.g.doubleclick.net/pagead/adview?ai=CpdTSpdzjZKWQCuP3n88Pr96AiA3fxN-fcaKRtrPxD62sg63MBRABIKS3tAlgybajiPCj7BKgAaKMjMQoyAECqAMByAPJBKoE9QFP0PeYEk2hfxiJgVIn4yizEGpG-v0Oi3qfMh3xKU1clzo7xzlNxhMQP4uOGgEP1yd-z0EoLri4a0l71VVv88QNGSzXBnP6IoNKocs1vKkjNJEOO-asNOpvVxk3qN_BDKmKCKaUL9YEsZNAT6uZ2Sh3NNwM9BZEBs1hELentRvCC6NuwTUfZw_VzNmXzRBzyXGsS9DCOES99FEKsUJURj1_GIKUVPUFoMc76ge8ISP2lC4ISlVLUExbL61kMDGya3vgO0OgZbsLszO_F3nN29CV_v5qSFGpM0vTzF0i8IqLn0KOj3YwTaUZDJV2su7qd0SgX7ePKcAEm43x-PsDkgUECAQYAZIFBAgFGASgBgKAB6LE3KMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQzJIF0ggUCIBhEAEYHzICigI6AoBASL39wTqaCTVodHRwczovL3d3dy5wZXRlc2R1ZWxpbmdwaWFub2Jhci5jb20vcHJpdmF0ZS1wYXJ0aWVzL4AKAcgLAdoMEQoLEODwlvSUi6iIswESAgED2BMC0BUBgBcBshccChoIABIUcHViLTUzNzc0NDE0OTg4NzAyNDEYAA&sigh=IIXmnEmWz00&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWVPLpB5-1_AU-XlYX2YnQqwArO2HjTBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc24865891e88ef670000000000000000%22,%222%22:%220x7189ac28281efd5f0000000000000000%22,%225%22:%220x75d70d172f9441160000000000000000%22},%22debug_key%22:%22797408897762738775%22,%22debug_reporting%22:true,%22destination%22:%22https://petesduelingpianobar.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880222754%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212813462198981490001%22}&andc=true

Request Chain 109

https://fksnk.com/cs/google?google_gid=CAESEC1vp-GFo2hU91ywwlDS_Vk&google_cver=1&google_push=AXcoOmQ3E5PmL2v-h_1BVObQB9tmWlnt7AjIyaRWOg7_XihvpjlQn2ZD6td87ohZingA_nMMPTNhGHyfWpyqKM7LaqTHD8AWEqa7Sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OERBMjgxNkEzOTRCM0VBNw==

Request Chain 110

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEIW6Ud9M8frh4Ibpzlee7F8&google_cver=1&google_push=AXcoOmQjmfi0ldmA4Y9vsisnuB8N_wZLSxgMhKlbyRrHf6ZHWuTAbzevFmXBgloDzfBI02Ju5-vdS_2TBiMJ8B3Kr6eL93qlAId04w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWIxNjNkMTMtODcyMi00NDIzLTg4MzMtMjFlZTM3MDFmOTM0&google_gid=CAESEIW6Ud9M8frh4Ibpzlee7F8&google_cver=1&google_push=AXcoOmQjmfi0ldmA4Y9vsisnuB8N_wZLSxgMhKlbyRrHf6ZHWuTAbzevFmXBgloDzfBI02Ju5-vdS_2TBiMJ8B3Kr6eL93qlAId04w

Request Chain 113

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL_Z-dgZ4FRkbj6cPOXSgd0&google_cver=1&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi9plzMkR9N4FLzDVHSV1v7nMNIHJw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL_Z-dgZ4FRkbj6cPOXSgd0&google_cver=1&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi9plzMkR9N4FLzDVHSV1v7nMNIHJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUxNDk4NzY2MDc1NDUwOTY2NA&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi9plzMkR9N4FLzDVHSV1v7nMNIHJw

Request Chain 114

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHdCsnT0Y7EEoDmZ-d2offI&google_cver=1&google_push=AXcoOmRcGXGwRD8qmfStWoXfrvvRqGJev8E4pELH8CpiuWJ3SP_guBwOwZMLUYjE3RZ1uHcLWbqApfWW2y_yWg6AC8yK5h7j8Hk7Zw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABihoV8sfx6o1xg2Iis4pcUUwmoZ4iilmy7w&google_push=AXcoOmRcGXGwRD8qmfStWoXfrvvRqGJev8E4pELH8CpiuWJ3SP_guBwOwZMLUYjE3RZ1uHcLWbqApfWW2y_yWg6AC8yK5h7j8Hk7Zw

Request Chain 115

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFe57Sg3GMWwl6ZUgjix2eo&google_cver=1&google_push=AXcoOmSpTpYDBkfqznhoWgEhS01hnQ4MbBxhIXxE_meSMl6Gmy1l5ZiKxDncjWZLAllF0jaDW3Gquzq8SuhwzjAE3Bktv6kBguoYYpyy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NTZhMDcxYmQtYTUwNC00MDcwLWJjY2EtNzc5YjNmNWU2YmM3&google_push=AXcoOmSpTpYDBkfqznhoWgEhS01hnQ4MbBxhIXxE_meSMl6Gmy1l5ZiKxDncjWZLAllF0jaDW3Gquzq8SuhwzjAE3Bktv6kBguoYYpyy HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

134 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
elviento365.com/ 77 KB
13 KB 2752ms
406ms Document
text/html 162.43.117.50
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elviento365.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.43.117.50 Kawaguchi, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv13209.xserver.jp
Software: nginx /
Resource Hash: 4721cc6f6b40deb1c9a273f6c82c02e8eed29dd12f23577c8bc0f50addae59bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 21:52:35 GMT
link: <https://elviento365.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding
x-ua-compatible: IE=edge

GET
H2 200 style.min.css
elviento365.com/wp-includes/css/dist/block-library/ 102 KB
15 KB 208ms
206ms Stylesheet
text/css 162.43.117.50
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elviento365.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by: Host: elviento365.com
URL: https://elviento365.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.43.117.50 Kawaguchi, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv13209.xserver.jp
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:35 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 04:47:07 GMT
server: nginx
etag: W/"19824-602762bf58905"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 28 Aug 2023 21:52:35 GMT

GET
H2 200 main.min.css
elviento365.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 209ms
207ms Stylesheet
text/css 162.43.117.50
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elviento365.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3
Requested by: Host: elviento365.com
URL: https://elviento365.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.43.117.50 Kawaguchi, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv13209.xserver.jp
Software: nginx /
Resource Hash: 33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:35 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 16:31:59 GMT
server: nginx
etag: W/"4c36-5d9f3deaa767f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 28 Aug 2023 21:52:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 206ms
75ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5377441498870241

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b81ec6a4c3268b5c5db4a3264636b2c2a1a28404184d9bef71ad73ec8c9484fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Origin: https://elviento365.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51319
x-xss-protection: 0
server: cafe
etag: 16150608697966344156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:35 GMT

GET
H2 200 menu.min.js Show response
elviento365.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 210ms
209ms Script
application/javascript 162.43.117.50
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elviento365.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
Requested by: Host: elviento365.com
URL: https://elviento365.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.43.117.50 Kawaguchi, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv13209.xserver.jp
Software: nginx /
Resource Hash: 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:35 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 16:31:59 GMT
server: nginx
etag: W/"1b1c-5d9f3deaa861f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 28 Aug 2023 21:52:35 GMT

GET
BLOB 200
OK e902539d-4c8f-474a-91c0-1a7d4c74951f
https://elviento365.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://elviento365.com/e902539d-4c8f-474a-91c0-1a7d4c74951f
Requested by: Host: elviento365.com
URL: https://elviento365.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 wp-emoji-release.min.js Show response
elviento365.com/wp-includes/js/ 18 KB
5 KB 213ms
209ms Script
application/javascript 162.43.117.50
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elviento365.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by: Host: elviento365.com
URL: https://elviento365.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.43.117.50 Kawaguchi, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv13209.xserver.jp
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:36 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 04:46:19 GMT
server: nginx
etag: W/"4904-5f816c6093d4f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 28 Aug 2023 21:52:36 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 251ms
154ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5377441498870241

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1779db92c62463ad84971b21cc14dcc4da5907dea0b8ff5672e7f5ad6aac8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134681
x-xss-protection: 0
server: cafe
etag: 17393744982466595941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/ Frame D4FF 10 KB
5 KB 352ms
43ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5377441498870241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 19:34:29 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 19:34:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 680ms
574ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=elviento365.com&callback=_gfp_s_&client=ca-pub-5377441498870241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2acdbbbcbb4e0e8ce41a834437473e4c61eaa92bf3578cc0d6bd00c5a40db2eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CFC 539 KB
98 KB 1137ms
1135ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&adk=1812271804&adf=3025194257&lmt=1692690756&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Felviento365.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654756035&bpp=27&bdt=416&idt=399&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1588918833483&frm=20&pv=2&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=556

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b6de1ece600edb471a777c6914c6aabe588f435d4ddba30323b55ce3c1d10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 99743
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:37 GMT
expires: Mon, 21 Aug 2023 21:52:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0940 146 KB
44 KB 1019ms
1015ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1692690756&rafmt=1&to=qs&pwprc=4873962057&format=1200x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654756062&bpp=3&bdt=444&idt=559&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PXwxVJkGrY&p=https%3A//elviento365.com&dtd=578

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24be98eb62472ab74767bc34b2919abf70117e3baef799525c0ed0062b36b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44764
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:37 GMT
expires: Mon, 21 Aug 2023 21:52:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0940 14 KB
2 KB 172ms
66ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1692690756&rafmt=1&to=qs&pwprc=4873962057&format=1200x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654756062&bpp=3&bdt=444&idt=559&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PXwxVJkGrY&p=https%3A//elviento365.com&dtd=578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 21:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:08:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 21:52:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 0940 2 KB
973 B 158ms
50ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 0940 23 KB
9 KB 154ms
51ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 0940 3 KB
1 KB 163ms
61ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 0940 20 KB
8 KB 148ms
46ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0940 180 KB
57 KB 174ms
66ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:37 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 0940 35 KB
15 KB 155ms
48ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:35:00 GMT

GET
H2 400 data=iTdvlm5p1Br-n-sYrPIB6Kyqrt-iYIHBzwEJbwbAZE8r5gUWAsfnjvOrDC62XbDtp0bNyQeqgWlMZw16MKnFpA
mts0.google.com/vt/ Frame 0940 0
0 181ms
61ms Image
text/html 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=iTdvlm5p1Br-n-sYrPIB6Kyqrt-iYIHBzwEJbwbAZE8r5gUWAsfnjvOrDC62XbDtp0bNyQeqgWlMZw16MKnFpA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1692690756&rafmt=1&to=qs&pwprc=4873962057&format=1200x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654756062&bpp=3&bdt=444&idt=559&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PXwxVJkGrY&p=https%3A//elviento365.com&dtd=578
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0940 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0940 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0940 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0940 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 154 KB
52 KB 75ms
71ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11edc6d1acd75909e1874c7f3180d2a09e01763caf846435281955f8217bb176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53664
x-xss-protection: 0
server: cafe
etag: 3794636418660858471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:37 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56BC 27 KB
11 KB 1163ms
1144ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b14a0d0b8ac786788e5a30321e48be321ffd2a5b878aacb49e3481cac96c36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11733
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
expires: Mon, 21 Aug 2023 21:52:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0940 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e5ff9170667101e9bc3a764d22b3fa40aa0301ae2e616449c580e6756949612

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 61AB 10 KB
4 KB 64ms
48ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:56:57 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 20:56:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame E102 10 KB
4 KB 62ms
49ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:56:57 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 20:56:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 68BC 10 KB
4 KB 62ms
49ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:56:57 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 20:56:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 817E 10 KB
4 KB 66ms
54ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:56:57 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 20:56:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0940 33 KB
34 KB 148ms
44ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 307955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 08:20:03 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0940
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CUvWxpdzjZMCGCPOcxtYPz_u2qAv8nq6Sb6O65I_aEb6K_4DUAhABIKS3tAlgybajiPCj7BKgAezchLYoyAEJqAMByAPLBKoEjAJP0OpxLquTYv8ZAIMdwydAcHWnnCcPUNhf9HPyJCSI4NB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15ac2497b4c3f49b0000000000000000%22,%222%22:%220x2e3ed81bf0aff4a40000000000000000%22,%223%22:%220x3b2e7c...

0
0

732ms
59ms

Fetch
text/css

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15ac2497b4c3f49b0000000000000000%22,%222%22:%220x2e3ed81bf0aff4a40000000000000000%22,%223%22:%220x3b2e7c0a1cab19fc0000000000000000%22,%224%22:%220xb59a87f0b5aeae400000000000000000%22,%225%22:%220xdf5548c77cb657570000000000000000%22},%22debug_key%22:%22426365869666438842%22,%22debug_reporting%22:true,%22destination%22:%22https://queennailstore.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210850741868%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228521350159820819281%22}&andc=true

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x15ac2497b4c3f49b0000000000000000","2":"0x2e3ed81bf0aff4a40000000000000000","3":"0x3b2e7c0a1cab19fc0000000000000000","4":"0xb59a87f0b5aeae400000000000000000","5":"0xdf5548c77cb657570000000000000000"},"debug_key":"426365869666438842","debug_reporting":true,"destination":"https://queennailstore.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10850741868"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"8521350159820819281"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 21:52:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 21:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x15ac2497b4c3f49b0000000000000000","2":"0x2e3ed81bf0aff4a40000000000000000","3":"0x3b2e7c0a1cab19fc0000000000000000","4":"0xb59a87f0b5aeae400000000000000000","5":"0xdf5548c77cb657570000000000000000"},"debug_key":"426365869666438842","debug_reporting":true,"destination":"https://queennailstore.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10850741868"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"8521350159820819281"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame F98F 37 KB
14 KB 52ms
51ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 61AB 4 KB
767 B 66ms
60ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 21:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:14:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 21:52:38 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 61AB 205 B
520 B 53ms
49ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 20:32:34 GMT
x-content-type-options: nosniff
age: 436804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Aug 2024 20:32:34 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 61AB 604 B
695 B 55ms
50ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:06:58 GMT
x-content-type-options: nosniff
age: 521140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Aug 2024 21:06:58 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 61AB 15 KB
6 KB 57ms
53ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 6802313557646952851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:13:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 61AB 20 KB
8 KB 56ms
54ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:00:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame E102 23 KB
9 KB 46ms
44ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB1C 143 B
166 B 48ms
46ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:31:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame E102 3 KB
1 KB 49ms
44ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame E102 20 KB
8 KB 48ms
46ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H2 200 3119227463551714139
tpc.googlesyndication.com/daca_images/simgad/ Frame E102 63 KB
63 KB 53ms
50ms Image
image/png 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3119227463551714139

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b8693ccc79a0ac323f905b57a792fcee8d94fcc72e9af8e5b9ee898bb583179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 00:26:23 GMT
x-content-type-options: nosniff
age: 422775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64196
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 20:02:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Aug 2024 00:26:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E102 180 KB
56 KB 80ms
77ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:38 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame E102 35 KB
14 KB 91ms
90ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:51:26 GMT

GET
H2 200 3119227463551714139
tpc.googlesyndication.com/daca_images/simgad/ Frame 68BC 63 KB
63 KB 92ms
91ms Image
image/png 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3119227463551714139

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b8693ccc79a0ac323f905b57a792fcee8d94fcc72e9af8e5b9ee898bb583179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 00:26:23 GMT
x-content-type-options: nosniff
age: 422775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64196
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 20:02:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Aug 2024 00:26:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 68BC 23 KB
9 KB 115ms
111ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75B2 143 B
166 B 54ms
46ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:31:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 68BC 3 KB
1 KB 107ms
100ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 68BC 20 KB
8 KB 102ms
95ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68BC 180 KB
56 KB 65ms
61ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:38 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 68BC 35 KB
14 KB 105ms
101ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:51:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 817E 23 KB
9 KB 48ms
48ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D4F5 143 B
166 B 66ms
56ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:31:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 817E 3 KB
1 KB 62ms
59ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 817E 20 KB
8 KB 63ms
60ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H3 200 15438534727441436509
tpc.googlesyndication.com/simgad/ Frame 817E 21 KB
21 KB 64ms
62ms Image
image/png 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15438534727441436509?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlV6wAusbWFFx8n_PyraiHo-pYU5w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48867cc49004a59a968326ebe77e727f23bef002f4a43229eed6f26d443fc015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 10:53:06 GMT
x-content-type-options: nosniff
age: 385172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21644
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 20:24:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Aug 2024 10:53:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 817E 180 KB
56 KB 90ms
89ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:38 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 817E 35 KB
14 KB 77ms
77ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:51:26 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 183ms
60ms Preflight
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 21:52:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C387 14 KB
1 KB 63ms
62ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 21:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:15:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 21:52:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame C387 2 KB
892 B 48ms
47ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame C387 23 KB
9 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame C387 3 KB
1 KB 50ms
50ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame C387 20 KB
8 KB 54ms
54ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C387 180 KB
56 KB 87ms
87ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:38 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame C387 35 KB
15 KB 55ms
54ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:35:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB1C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

76ms
75ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
expires: Mon, 21 Aug 2023 21:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

89ms
89ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
expires: Mon, 21 Aug 2023 21:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D4F5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

77ms
76ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
expires: Mon, 21 Aug 2023 21:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 817E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d15e0e39b014438b47780bff53d3b66d1c44e4023ea6ba986e5816bf4d6bf971

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 817E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=COKNMpdzjZKaQCuP3n88Pr96AiA2L18fBctrs-4rQEYe2vs-IChABIKS3tAlgybajiPCj7BKgAZS04uYpyAECqAMByAPJBKoE9wFP0LHumWlvSyjwWnVXTj8kXy1b5PRRu6PRx7d7ThgdVAh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6d3785957921f2900000000000000000%22,%222%22:%220x6bdb433c9d5bbdc70000000000000000%22,%225%22:%220x18574e...

0
0

61ms
60ms

Fetch
text/css

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6d3785957921f2900000000000000000%22,%222%22:%220x6bdb433c9d5bbdc70000000000000000%22,%225%22:%220x18574e6eec86e2b20000000000000000%22},%22debug_key%22:%2213065837402061355450%22,%22debug_reporting%22:true,%22destination%22:%22https://grheatingcooling.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211221375508%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215059692357355019233%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x6d3785957921f2900000000000000000","2":"0x6bdb433c9d5bbdc70000000000000000","5":"0x18574e6eec86e2b20000000000000000"},"debug_key":"13065837402061355450","debug_reporting":true,"destination":"https://grheatingcooling.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11221375508"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"15059692357355019233"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 21:52:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6d3785957921f2900000000000000000","2":"0x6bdb433c9d5bbdc70000000000000000","5":"0x18574e6eec86e2b20000000000000000"},"debug_key":"13065837402061355450","debug_reporting":true,"destination":"https://grheatingcooling.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11221375508"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"15059692357355019233"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 817E
Redirect Chain

https://pm.geniusmonkey.com/i/sync/ingest?id=226602437&ord=2124572123&pid=d2c47939-f2c5-49cc-9003-6c2719879233&rt=ta&cbvp=2
https://pixel.tapad.com/idsync/ex/receive?partner_id=3388&partner_device_id=2f79b15f-513f-4960-b0b2-cfe3af2f9b87
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3388&partner_device_id=2f79b15f-513f-4960-b0b2-cfe3af2f9b87

95 B
436 B

61ms
60ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3388&partner_device_id=2f79b15f-513f-4960-b0b2-cfe3af2f9b87

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Mon, 21 Aug 2023 21:52:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3388&partner_device_id=2f79b15f-513f-4960-b0b2-cfe3af2f9b87
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0940 42 B
174 B 76ms
75ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskErCf38x5VQxku4LFzl-VH_cSIgNqf7GN_7E9RBXbIxEUqX3lLPhD7YXaTaYl1gFn0R53cOWci-Z4Y9IKLvC6gVphwk7BY4XoyAzxMjYwK5ksGRJTOjfWSyzEpuStUhzux3W-Jr5a8g&sai=AMfl-YTqC1n-zlomWEjp3YgzsROSPYbilHMLPzgG9JVUE4aTldbsDyPDCwudpJ19LKGKNHgfKCytMvVwkLLn&sig=Cg0ArKJSzMq_O1q0f0vVEAE&cid=CAQSGwBpAlJWdbShKBodQfv1r7Xa41fFRXzka9gwkxgB&id=lidar2&mcvt=1002&p=0,0,280,1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1255086581&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692654756645&rpt=1512&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 62ms
61ms Preflight
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 21:52:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1707 624 B
242 B 81ms
69ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnhkvgCEN-0resEGLrt2-0BMAE&v=APEucNVUjBsKpvdJdnGPU0OEIuvIwFdKhgVa9FayC3PvGbMz6gWIY1gvMQIyjsQR0ycZ3d00IEyDCTiuSUVjeyAneU91_OyOzw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CE38 86 KB
29 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame CE38 3 KB
1 KB 55ms
52ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame CE38 20 KB
8 KB 55ms
53ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CE38 0
0 98ms
65ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCCB4KFBHkDyNmzMTojhR9Ka8f0csHOjwarTLTLhTPoVxWBYogsMigmH9hmHG5VX9JBdO8KPplganb5eGaekH__AUnpQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE38 180 KB
56 KB 1661ms
1660ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE38 42 B
63 B 65ms
63ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aqy6Pv9iLBVEotfwCYNrfJ8ewj-swTOJ-0AIqaRoewDVvF8wQZwrLDo4JZ0xCMuincvj86e03ESSetrPQ75HvcZYrLBJlrweN8cifa2vhLKymMgKY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE38 0
20 B 64ms
62ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8133688715279260657&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C387 0
20 B 64ms
58ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230817&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 49AF 37 KB
14 KB 47ms
44ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1707
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1

43 B
766 B

48ms
47ms

Image
image/gif

192.40.39.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnhkvgCEN-0resEGLrt2-0BMAE&v=APEucNVUjBsKpvdJdnGPU0OEIuvIwFdKhgVa9FayC3PvGbMz6gWIY1gvMQIyjsQR0ycZ3d00IEyDCTiuSUVjeyAneU91_OyOzw
Protocol: HTTP/1.1
Server: 192.40.39.223 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 21:52:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1707
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOPcp3UrlzmGdx5t2aLS0QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1

43 B
766 B

53ms
52ms

Image
image/gif

192.40.39.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnhkvgCEN-0resEGLrt2-0BMAE&v=APEucNVUjBsKpvdJdnGPU0OEIuvIwFdKhgVa9FayC3PvGbMz6gWIY1gvMQIyjsQR0ycZ3d00IEyDCTiuSUVjeyAneU91_OyOzw
Protocol: HTTP/1.1
Server: 192.40.39.223 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 21:52:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELgls8fefi4irbBB-HYeJbo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1707
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBMPX-u-y_1ETF8NJ_yp6uQ&google_cver=1

43 B
843 B

51ms
49ms

Image
image/gif

68.67.160.76

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBMPX-u-y_1ETF8NJ_yp6uQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnhkvgCEN-0resEGLrt2-0BMAE&v=APEucNVUjBsKpvdJdnGPU0OEIuvIwFdKhgVa9FayC3PvGbMz6gWIY1gvMQIyjsQR0ycZ3d00IEyDCTiuSUVjeyAneU91_OyOzw

Protocol

Server

68.67.160.76 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
an-x-request-uuid: 950ae206-56ee-4bd3-bdf2-7ac891992670
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 167.88.7.162; 167.88.7.162; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBMPX-u-y_1ETF8NJ_yp6uQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1707
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5OTIyNzkyNzE3NDE5MTYz

170 B
243 B

75ms
73ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5OTIyNzkyNzE3NDE5MTYz

Requested by

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
an-x-request-uuid: 598866c5-2487-4b95-bda0-d58dd4435c38
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5OTIyNzkyNzE3NDE5MTYz
x-proxy-origin: 167.88.7.162; 167.88.7.162; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE38 0
20 B 58ms
58ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9057018452083&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE38 0
20 B 58ms
58ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9057018452083&version=m202307240101&ct=76&x=1&cor=8133688715279261000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CE38 89 KB
37 KB 106ms
105ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cr-eB5W6MKiB4Axso-pX-DYploJasqiN6kUEkxaOw1Xs4ukdHvScNI7uI3Mk6XcOw0Q_XCzjW34Asv6cODD9TXk9s4Tw&cry=1&dbm_d=AKAmf-Dh_f10-0WnaWuDn2iZiub_BltR2hRIGPxrfj5_H9773WJct_ZncquENOIj5zNbOO2fSxIp3RKNi-y3VWm4pbiIodHusVsUif7DYu07mX1CoZza1J6Sey3tkzszeU98jqfU2BCT3YZQColIu_2-uJlWU-KyUwxIFSzoIYvlwDkSORfgOtw7JgDFclRP03uJb0pfcYsj4cZMopYFvatNlTM4zMmL5L7sGXW1GDuiqPjnd71U7OQi0M5T-xadT0pMCeIvCLR36T5JJvySqw289RK_-lUFBAv2exLv8X_Wyw6oAieir-K2X0fu_p51NHvMB4cJyNxWmyJp-qxpeBQVCtkJ5Xn-d6JRy_ia9OTkWGdCn5a71wibKnWEwzNp3a0F_0WZlSQicTP8D4nDlzPdx2d9f4pSigMyBoc44ZiBlpV1PFk2i4eE72GbGbr1utZu9X9dIirLiBpxVtianq-BHgxoF_xCRjgdr2UBgW47S4Xva0bkzVhol7NiliSQtNw5zU5ebIQgAJPqUyTtRMWfKWtgM1t9Bs7U7klMxvXF6UF_7sWhWPY0SYpvOExgpPPTz95WAUa8oOm2UAw0H_NWCgfKBk8XD5ef2YoQUOdW7HRqGqmDOvw08JrJYyXhy0sfr_dXsEuCtK46Iy431uciLHfEMAzZsC7KMfzlrX0AdBLazP5bV3alU22sdf_34Uzuhu8ABQBZfNBjBVOpeTjpBimkvDAjNYXYVbXkv80swt8LpaXyOigYeUx8z0eqgG3GFxAfeJFxPn5FVAsyZQ8qL8zXTkIm3D7_RYuANEIuEK6t24xeuiNL6FOo6o2cb9Sm0RtYs5KER3WRO2S9qGAA8TBWjI_SYuAW_MWr03h-4sjijYSjdn4xY01QSDvTXlrPHlyUXfGatwaNxPG_uzZWIV6W0vtus-YV_vJeGU81o5n-rKXWwWZcbKctF08XUQhdQI0vYkGH3Gh7YTsjUSF3hR7VXblAnL5mBdVB6hFH_0RG1eaO9Jq0dvxnp3rveAP1odVKNwSQpJ4yYEzuJkjbcXpz6mDWFxe209w3rTFpj6PPBMNwYkaYUkQAzpFwjAQtgJSgaYJcUPqnxdS_ZQJ8xwAdr0j6zyCqFPDIz4MDWlJS7OE6wvoUvQoXcmQLTJokVG7YMP2WmL3rF6xGUn0WlcvV3dUZCQf3tFVeLv2pfsWBs66v3ZwUFcmMhD1oxMqxLyA9gMrhFQVc4ATZwW11KBQf7nrMZRsAdUHn1SFOLsursx7s6zgo3CNsBfacww5ZGuhFFVRpnjc8Iqp5NnV24PSZosLWhrgfpAXWd8rAqvwUjVChH5JUcqONMgy7uhIdrhv4IkgSggOhmjscLsXeh9i6r6nZLJzVFVk2zOfSxvt2MFkc94m8C9twjyBE9ArD3VuW2mweVzuzk4UTLbLA22FJqlg676CjJ604jFUBPZKNj-deSev767EWsz4G-XOIQHMR9Ke-wUicnNjemKIdYHxTKISJTmNf9RELhNkuxs2KMPfpcX-Zec0FmGRTUBWTaW405q8k5_1fW9cIVrUPkBAKpRgr2CEa8t8et4o7_l4NAkshz_GAvoBe6-zoEvf3M-rRV-AGSRJGwexr7h9KhSLZuaQXDtgcfoHPl9vbX9WzJZ96qRwMgTkENDkHGcHRm80dZmFXkEk1hjS_p3kDxUgnoJxC4X4aLWFhNFUfUTm7wKHrSrfGQOfkC870N0DMZrTr-QA7cPGN8xElXhdh34XC-pYW4uFTRY8HRxEY7iUxEOxVaFS-qL9Tx2ywPHzUFbbrlkoJ_peizDwPhH3Biuk3tzXFPTIMuBoTiVwVfD-OSImAhb6u2WzEsB8I7iaQkTow8sPJKwACAiaJxxfevIiEaTOtd-tuxkgX6xzW6pD2e45fFwL-g2LcW1YjSiV-egMy01jtqBNk6dUaFf1DqPVLz70i-PvcN-n44ds_UVvdLa8aTjmCxnaKaYJ3Rz42k-wj1N48LvlGav8vfoiAMy6BC2NxWBP-Uhze2mMUPv-dSSrCtaJAvzsKLXlul2IoMnyXwT6IPeTSNshQgjAsPV2wpnxgZF9bO_u9G1zPPxPyHkK5aN89uGNv0AMr8hVstCeDn0WP2786ZKx5q4wcfgEs7BSLSrhVIoqXoVQhhSSbLa04inKiU8kun6f6vL1zt8lxD1E6tOfEzG2_7gUlR2DPYNKsUa4r_8pRxqKYIZgXvJjY0jr_cg0Ah-jZys7871blXpZMxeDyw5EAtzTfE4n2932cVsD_VqCFZo_0xIvzob6COWDz5UxNTpK7EBpLhBZGlkOJ5nU3qLk7MOkG_nOrC9VWdxgm3sJnrrLFBEf3TenL0Z_UTFnK9rZpJfl2HOEC0ytYPsWrSr1aUT8legFis4tMPHwR68odNYa0Lq9gEopLlZuBseWpuPh0vbYJiQ22h9r_a9yyOLXrqazz0bjNkQXo-wjsELTlpU4qVogl1JzlPFuHUc8_8QsTmjHVAVysbRxuAi4NULPXl-gWaIKc37BWaVilGLLBoKpAmMTfkRv_tYtQ1xE2k827RRmCD5nsT5yCKoLbFH2MVrYuxyxB8ipGKzJQz_f1P_u-t0bQsLDkmMnFCAfIaoCinWC-9SziYn_VN3iq4UHKT-SDYY5YgMN-9TPZwB3JYuKLaydZ5NxazYFmaH-tsKXg1TELfdZjVijW3YgUhlMXb_3v1RSMk23SrswZBcpOYVxxL6df1rc-PX28EtenGZVPMTM_reWfTgfvjqDLRZMdcBQuju-AfDD4ibanCMsSmI9MTdh89rb1HTQYctW2CoFQGzogC3sGNG3wOf6miIrxjSRY598mWxS-639qs79Dv6KgwqeJSu_kOKJYOGlA-V3OHhYx2fvCv9NX4VJtQuvtbwo0POs4lrgVKTl8V8BOmK9ZtAXxXszhUlFL_oybSMgKqLUrtIFq-_vU6mwqvCpVHmC10-H0mM2gsqRWw_-et2It-fX5mYyyWrgBhIGJUwq6NHW5XbAnCiZQJtGCsZm_RWKmfPO-GehU00TihGvk_MrQfpblLrcKhD4S6zgcD4meYF8vBqWgjHZZ4wPHvWdvDBHjTLoyOGI1ezgK3e7eNVZNqcoWE0Y3AAa2o4buE0ZJy9ZuTIM9AIztpZAg2gAxf9r_r36HkqZEsxF-WyHHlsbOCJM1MUIHoPgwsf0yuZk1_rLOclwzpwrIoQWGrdwPv58BZsZGlaq7wgzS8CDXX2Hhwy13ZPHJPZKXG5GVMctYeWUGRB0mPP9kiKranBy9lpCBAYQWrh8YXMfj6rxkD--OJt1jtHudVLVmWNwNJpO7KdsNlEOmeQW2kX3Vb50oe2owh1ckoOHD7MSktgv-e4KEBTYT7jxCblZVUXDrNQ4BAreraJPBYQXx59ZbdoS_OZWpglpp4vEmD-BbvA5bmP7g3fnp8QvKYWmEWcxHzY94Yz_Rcm_DsExtFEExRuFtUwiskNDgHpw3WzJR6TDU6EOGXdEzv5ngLX-b8wztMdyO8TGXbknxjMNiD4oiDvHvZM3Ab0nByYKi5aA7sqerINo_LK9K05garZEC_1GqX34yVYgCdHQD204L&cid=CAQSPgBpAlJW4P98pr6CfmgqJLPz1ikquOi_HprLqofctUEVG5pOF3x5x8xXYeN9JA3fqDO4XtqQo6upSrtm2bV8GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Felviento365.com%2F&ds=l&xdt=1&iif=1&cor=8133688715279261000&adk=497053795&idt=84&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72b6e0f1f3dcd34eac9892e1c93e948a8594e34736b1dc9e1a3e3d78bbcd123b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37727
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E102 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626f0eac29633f422ca6d98c83c20efd96386c06bbc20a4d3b2af85e04471073

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 68BC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57f3a8d8c9e7ab2165e9a255be0af2638de5ba7054b910d1b5fef99f7167df4b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame B532 37 KB
14 KB 55ms
46ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame CE38 111 KB
39 KB 165ms
44ms Script
text/javascript 2607:f8b0:4006:81d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 11:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 11:07:41 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame CE38 11 KB
4 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cr-eB5W6MKiB4Axso-pX-DYploJasqiN6kUEkxaOw1Xs4ukdHvScNI7uI3Mk6XcOw0Q_XCzjW34Asv6cODD9TXk9s4Tw&cry=1&dbm_d=AKAmf-Dh_f10-0WnaWuDn2iZiub_BltR2hRIGPxrfj5_H9773WJct_ZncquENOIj5zNbOO2fSxIp3RKNi-y3VWm4pbiIodHusVsUif7DYu07mX1CoZza1J6Sey3tkzszeU98jqfU2BCT3YZQColIu_2-uJlWU-KyUwxIFSzoIYvlwDkSORfgOtw7JgDFclRP03uJb0pfcYsj4cZMopYFvatNlTM4zMmL5L7sGXW1GDuiqPjnd71U7OQi0M5T-xadT0pMCeIvCLR36T5JJvySqw289RK_-lUFBAv2exLv8X_Wyw6oAieir-K2X0fu_p51NHvMB4cJyNxWmyJp-qxpeBQVCtkJ5Xn-d6JRy_ia9OTkWGdCn5a71wibKnWEwzNp3a0F_0WZlSQicTP8D4nDlzPdx2d9f4pSigMyBoc44ZiBlpV1PFk2i4eE72GbGbr1utZu9X9dIirLiBpxVtianq-BHgxoF_xCRjgdr2UBgW47S4Xva0bkzVhol7NiliSQtNw5zU5ebIQgAJPqUyTtRMWfKWtgM1t9Bs7U7klMxvXF6UF_7sWhWPY0SYpvOExgpPPTz95WAUa8oOm2UAw0H_NWCgfKBk8XD5ef2YoQUOdW7HRqGqmDOvw08JrJYyXhy0sfr_dXsEuCtK46Iy431uciLHfEMAzZsC7KMfzlrX0AdBLazP5bV3alU22sdf_34Uzuhu8ABQBZfNBjBVOpeTjpBimkvDAjNYXYVbXkv80swt8LpaXyOigYeUx8z0eqgG3GFxAfeJFxPn5FVAsyZQ8qL8zXTkIm3D7_RYuANEIuEK6t24xeuiNL6FOo6o2cb9Sm0RtYs5KER3WRO2S9qGAA8TBWjI_SYuAW_MWr03h-4sjijYSjdn4xY01QSDvTXlrPHlyUXfGatwaNxPG_uzZWIV6W0vtus-YV_vJeGU81o5n-rKXWwWZcbKctF08XUQhdQI0vYkGH3Gh7YTsjUSF3hR7VXblAnL5mBdVB6hFH_0RG1eaO9Jq0dvxnp3rveAP1odVKNwSQpJ4yYEzuJkjbcXpz6mDWFxe209w3rTFpj6PPBMNwYkaYUkQAzpFwjAQtgJSgaYJcUPqnxdS_ZQJ8xwAdr0j6zyCqFPDIz4MDWlJS7OE6wvoUvQoXcmQLTJokVG7YMP2WmL3rF6xGUn0WlcvV3dUZCQf3tFVeLv2pfsWBs66v3ZwUFcmMhD1oxMqxLyA9gMrhFQVc4ATZwW11KBQf7nrMZRsAdUHn1SFOLsursx7s6zgo3CNsBfacww5ZGuhFFVRpnjc8Iqp5NnV24PSZosLWhrgfpAXWd8rAqvwUjVChH5JUcqONMgy7uhIdrhv4IkgSggOhmjscLsXeh9i6r6nZLJzVFVk2zOfSxvt2MFkc94m8C9twjyBE9ArD3VuW2mweVzuzk4UTLbLA22FJqlg676CjJ604jFUBPZKNj-deSev767EWsz4G-XOIQHMR9Ke-wUicnNjemKIdYHxTKISJTmNf9RELhNkuxs2KMPfpcX-Zec0FmGRTUBWTaW405q8k5_1fW9cIVrUPkBAKpRgr2CEa8t8et4o7_l4NAkshz_GAvoBe6-zoEvf3M-rRV-AGSRJGwexr7h9KhSLZuaQXDtgcfoHPl9vbX9WzJZ96qRwMgTkENDkHGcHRm80dZmFXkEk1hjS_p3kDxUgnoJxC4X4aLWFhNFUfUTm7wKHrSrfGQOfkC870N0DMZrTr-QA7cPGN8xElXhdh34XC-pYW4uFTRY8HRxEY7iUxEOxVaFS-qL9Tx2ywPHzUFbbrlkoJ_peizDwPhH3Biuk3tzXFPTIMuBoTiVwVfD-OSImAhb6u2WzEsB8I7iaQkTow8sPJKwACAiaJxxfevIiEaTOtd-tuxkgX6xzW6pD2e45fFwL-g2LcW1YjSiV-egMy01jtqBNk6dUaFf1DqPVLz70i-PvcN-n44ds_UVvdLa8aTjmCxnaKaYJ3Rz42k-wj1N48LvlGav8vfoiAMy6BC2NxWBP-Uhze2mMUPv-dSSrCtaJAvzsKLXlul2IoMnyXwT6IPeTSNshQgjAsPV2wpnxgZF9bO_u9G1zPPxPyHkK5aN89uGNv0AMr8hVstCeDn0WP2786ZKx5q4wcfgEs7BSLSrhVIoqXoVQhhSSbLa04inKiU8kun6f6vL1zt8lxD1E6tOfEzG2_7gUlR2DPYNKsUa4r_8pRxqKYIZgXvJjY0jr_cg0Ah-jZys7871blXpZMxeDyw5EAtzTfE4n2932cVsD_VqCFZo_0xIvzob6COWDz5UxNTpK7EBpLhBZGlkOJ5nU3qLk7MOkG_nOrC9VWdxgm3sJnrrLFBEf3TenL0Z_UTFnK9rZpJfl2HOEC0ytYPsWrSr1aUT8legFis4tMPHwR68odNYa0Lq9gEopLlZuBseWpuPh0vbYJiQ22h9r_a9yyOLXrqazz0bjNkQXo-wjsELTlpU4qVogl1JzlPFuHUc8_8QsTmjHVAVysbRxuAi4NULPXl-gWaIKc37BWaVilGLLBoKpAmMTfkRv_tYtQ1xE2k827RRmCD5nsT5yCKoLbFH2MVrYuxyxB8ipGKzJQz_f1P_u-t0bQsLDkmMnFCAfIaoCinWC-9SziYn_VN3iq4UHKT-SDYY5YgMN-9TPZwB3JYuKLaydZ5NxazYFmaH-tsKXg1TELfdZjVijW3YgUhlMXb_3v1RSMk23SrswZBcpOYVxxL6df1rc-PX28EtenGZVPMTM_reWfTgfvjqDLRZMdcBQuju-AfDD4ibanCMsSmI9MTdh89rb1HTQYctW2CoFQGzogC3sGNG3wOf6miIrxjSRY598mWxS-639qs79Dv6KgwqeJSu_kOKJYOGlA-V3OHhYx2fvCv9NX4VJtQuvtbwo0POs4lrgVKTl8V8BOmK9ZtAXxXszhUlFL_oybSMgKqLUrtIFq-_vU6mwqvCpVHmC10-H0mM2gsqRWw_-et2It-fX5mYyyWrgBhIGJUwq6NHW5XbAnCiZQJtGCsZm_RWKmfPO-GehU00TihGvk_MrQfpblLrcKhD4S6zgcD4meYF8vBqWgjHZZ4wPHvWdvDBHjTLoyOGI1ezgK3e7eNVZNqcoWE0Y3AAa2o4buE0ZJy9ZuTIM9AIztpZAg2gAxf9r_r36HkqZEsxF-WyHHlsbOCJM1MUIHoPgwsf0yuZk1_rLOclwzpwrIoQWGrdwPv58BZsZGlaq7wgzS8CDXX2Hhwy13ZPHJPZKXG5GVMctYeWUGRB0mPP9kiKranBy9lpCBAYQWrh8YXMfj6rxkD--OJt1jtHudVLVmWNwNJpO7KdsNlEOmeQW2kX3Vb50oe2owh1ckoOHD7MSktgv-e4KEBTYT7jxCblZVUXDrNQ4BAreraJPBYQXx59ZbdoS_OZWpglpp4vEmD-BbvA5bmP7g3fnp8QvKYWmEWcxHzY94Yz_Rcm_DsExtFEExRuFtUwiskNDgHpw3WzJR6TDU6EOGXdEzv5ngLX-b8wztMdyO8TGXbknxjMNiD4oiDvHvZM3Ab0nByYKi5aA7sqerINo_LK9K05garZEC_1GqX34yVYgCdHQD204L&cid=CAQSPgBpAlJW4P98pr6CfmgqJLPz1ikquOi_HprLqofctUEVG5pOF3x5x8xXYeN9JA3fqDO4XtqQo6upSrtm2bV8GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Felviento365.com%2F&ds=l&xdt=1&iif=1&cor=8133688715279261000&adk=497053795&idt=84&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame CE38 30 KB
11 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:50:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CE38 41 KB
13 KB 47ms
47ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 14:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Aug 2024 14:24:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7631 1 KB
643 B 48ms
46ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:59:11 GMT
etag: 48472445140208031
expires: Tue, 22 Aug 2023 05:59:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame DD04 37 KB
14 KB 45ms
44ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E102
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZi2HpdzjZKSQCuP3n88Pr96AiA3fxN-fcaKRtrPxD62sg63MBRABIKS3tAlgybajiPCj7BKgAaKMjMQoyAECqAMByAPJBKoE9QFP0B7t0tNGu9AqRQOLiaDV6ppeSFM5HlW4IRN0dB-NJpx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc24865891e88ef670000000000000000%22,%222%22:%220x7189ac28281efd5f0000000000000000%22,%225%22:%220x75d70d...

0
0

81ms
67ms

Fetch
text/css

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc24865891e88ef670000000000000000%22,%222%22:%220x7189ac28281efd5f0000000000000000%22,%225%22:%220x75d70d172f9441160000000000000000%22},%22debug_key%22:%2215191419780143913978%22,%22debug_reporting%22:true,%22destination%22:%22https://petesduelingpianobar.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880222754%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214078477643766689777%22}&andc=true

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc24865891e88ef670000000000000000","2":"0x7189ac28281efd5f0000000000000000","5":"0x75d70d172f9441160000000000000000"},"debug_key":"15191419780143913978","debug_reporting":true,"destination":"https://petesduelingpianobar.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10880222754"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"14078477643766689777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 21:52:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc24865891e88ef670000000000000000","2":"0x7189ac28281efd5f0000000000000000","5":"0x75d70d172f9441160000000000000000"},"debug_key":"15191419780143913978","debug_reporting":true,"destination":"https://petesduelingpianobar.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10880222754"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"14078477643766689777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 68BC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CpdTSpdzjZKWQCuP3n88Pr96AiA3fxN-fcaKRtrPxD62sg63MBRABIKS3tAlgybajiPCj7BKgAaKMjMQoyAECqAMByAPJBKoE9QFP0PeYEk2hfxiJgVIn4yizEGpG-v0Oi3qfMh3xKU1clzo...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc24865891e88ef670000000000000000%22,%222%22:%220x7189ac28281efd5f0000000000000000%22,%225%22:%220x75d70d...

0
0

74ms
73ms

Fetch
text/css

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc24865891e88ef670000000000000000%22,%222%22:%220x7189ac28281efd5f0000000000000000%22,%225%22:%220x75d70d172f9441160000000000000000%22},%22debug_key%22:%22797408897762738775%22,%22debug_reporting%22:true,%22destination%22:%22https://petesduelingpianobar.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880222754%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212813462198981490001%22}&andc=true

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc24865891e88ef670000000000000000","2":"0x7189ac28281efd5f0000000000000000","5":"0x75d70d172f9441160000000000000000"},"debug_key":"797408897762738775","debug_reporting":true,"destination":"https://petesduelingpianobar.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10880222754"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"12813462198981490001"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 21:52:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc24865891e88ef670000000000000000","2":"0x7189ac28281efd5f0000000000000000","5":"0x75d70d172f9441160000000000000000"},"debug_key":"797408897762738775","debug_reporting":true,"destination":"https://petesduelingpianobar.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10880222754"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"12813462198981490001"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CE38 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c072f6e3937b176a7933231cba75fd0f310cca7e423932337ef3dc6d2e63605a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 817E 42 B
64 B 74ms
68ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunHWksmX6d4WdI2WJv4FvLaR6bqLloYW8BOlDoiktrRqtwCzMhalItNMfA8GGq4B6ErAhYDIPanZYEpea_saEL10f1K_2wRKV152Kr1CJWw320s9s-oY1n_kHTtQ7jkjh3mcpCiC6JxQ&sai=AMfl-YT_16k7h8ZgK-EO8hjLwCstk5mJz1SKsKRrui1Lqu7od6T2VmGG6-2y5ipBX-cpJko6KxZx4nG8CtD1&sig=Cg0ArKJSzEIQXAzrI-uTEAE&cid=CAQSGwBpAlJWVPLpB5-1_AU-XlYX2YnQqwArO2HjTBgB&id=lidar2&mcvt=1052&p=0,0,124,1005&mtos=694,1052,1052,1052,1052&tos=694,358,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692654757975&rpt=917&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9ABA 37 KB
14 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 62ms
61ms Preflight
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 21:52:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
75ms Preflight
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc24865891e88ef670000000000000000%22,%222%22:%220x7189ac28281efd5f0000000000000000%22,%225%22:%220x75d70d172f9441160000000000000000%22},%22debug_key%22:%22797408897762738775%22,%22debug_reporting%22:true,%22destination%22:%22https://petesduelingpianobar.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880222754%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212813462198981490001%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 21:52:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5E85 22 KB
8 KB 47ms
46ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 26851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 14:25:09 GMT
expires: Tue, 20 Aug 2024 14:25:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7631
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEC1vp-GFo2hU91ywwlDS_Vk&google_cver=1&google_push=AXcoOmQ3E5PmL2v-h_1BVObQB9tmWlnt7AjIyaRWOg7_XihvpjlQn2ZD6td87ohZingA_nMMPTNhGHyfWpyqKM7LaqTHD8AWEqa7Sg
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OERBMjgxNkEzOTRCM0VBNw==

170 B
188 B

69ms
61ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OERBMjgxNkEzOTRCM0VBNw==

Requested by

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OERBMjgxNkEzOTRCM0VBNw==
date: Mon, 21 Aug 2023 21:52:40 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7631
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEIW6Ud9M8frh4Ibpzlee7F8&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWIxNjNkMTMtODcyMi00NDIzLTg4MzMtMjFlZTM3MDFmOTM0&google_gid=CAESEIW6Ud9M8frh4Ibpzlee7F8&google_cver=1&google_push=AXcoOmQj...

170 B
188 B

73ms
72ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWIxNjNkMTMtODcyMi00NDIzLTg4MzMtMjFlZTM3MDFmOTM0&google_gid=CAESEIW6Ud9M8frh4Ibpzlee7F8&google_cver=1&google_push=AXcoOmQjmfi0ldmA4Y9vsisnuB8N_wZLSxgMhKlbyRrHf6ZHWuTAbzevFmXBgloDzfBI02Ju5-vdS_2TBiMJ8B3Kr6eL93qlAId04w

Requested by

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWIxNjNkMTMtODcyMi00NDIzLTg4MzMtMjFlZTM3MDFmOTM0&google_gid=CAESEIW6Ud9M8frh4Ibpzlee7F8&google_cver=1&google_push=AXcoOmQjmfi0ldmA4Y9vsisnuB8N_wZLSxgMhKlbyRrHf6ZHWuTAbzevFmXBgloDzfBI02Ju5-vdS_2TBiMJ8B3Kr6eL93qlAId04w
date: Mon, 21 Aug 2023 21:52:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 7631 0
35 B 311ms
46ms Image
text/plain 54.159.4.118

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEJ0TfEk8txXtCrDtc_pMroY&google_cver=1&google_push=AXcoOmS16iO_T7izv_5dBvmGbysyM5WfN6zpUTfGT_IH1n8cpZ5GnDA7W7FMUAiGeIKpxUlZ8tPUqQlyUA7caIw99wcSFg1w9qBGlSU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.4.118 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:40 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7631 43 B
363 B 328ms
52ms Image
image/gif 74.119.119.150

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR94oDqbComAqiHQZ1nWaWwbkOXVuqMSRZYHCCX9n1SwZczDuLKnGrzFXswiA6bpC4pioASVYN-su5p9xBJ8AaP6Py042jLIlw&google_gid=CAESEAN3GOBlVVdaVvtInoNw0K8&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 208429
expires: Mon, 21 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7631
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL_Z-dgZ4FRkbj6cPOXSgd0&google_cver=1&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi9plzM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL_Z-dgZ4FRkbj6cPOXSgd0&google_cver=1&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUxNDk4NzY2MDc1NDUwOTY2NA&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi9pl...

170 B
188 B

75ms
75ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUxNDk4NzY2MDc1NDUwOTY2NA&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi9plzMkR9N4FLzDVHSV1v7nMNIHJw

Requested by

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUxNDk4NzY2MDc1NDUwOTY2NA&google_push=AXcoOmSnq1GdzMWRNlST3v5qySZcvjKKCHFwzbeYDnTUVPBVicHvAYqcdmtcdA4g2CN4KEX1lKi9plzMkR9N4FLzDVHSV1v7nMNIHJw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7631
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHdCsnT0Y7EEoDmZ-d2offI&google_cver=1&google_push=AXcoOmRcGXGwRD8qmfStWoXfrvvRqGJev8E4pELH8CpiuWJ3SP_guBwOwZMLUYjE3RZ1uHcLWbqApfWW2y_y...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABihoV8sfx6o1xg2Iis4pcUUwmoZ4iilmy7w&google_push=AXcoOmRcGXGwRD8qmfStWoXfrvvRqGJev8E4pELH8CpiuWJ3SP_guBwOwZMLUYjE3RZ1uHcLWbqApfWW2y...

170 B
188 B

68ms
64ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABihoV8sfx6o1xg2Iis4pcUUwmoZ4iilmy7w&google_push=AXcoOmRcGXGwRD8qmfStWoXfrvvRqGJev8E4pELH8CpiuWJ3SP_guBwOwZMLUYjE3RZ1uHcLWbqApfWW2y_yWg6AC8yK5h7j8Hk7Zw

Requested by

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABihoV8sfx6o1xg2Iis4pcUUwmoZ4iilmy7w&google_push=AXcoOmRcGXGwRD8qmfStWoXfrvvRqGJev8E4pELH8CpiuWJ3SP_guBwOwZMLUYjE3RZ1uHcLWbqApfWW2y_yWg6AC8yK5h7j8Hk7Zw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 7631
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFe57Sg3GMWw...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NTZhMDcxYmQtYTUwNC00MDcwLWJjY2EtNzc5YjNmNWU2YmM3&google_push=AXcoOmSpTpYDBkfqznhoWgEhS01hnQ4MbBxhIXxE_meSMl6Gmy1l5ZiKxDncjWZLAllF0...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

84ms
83ms

Image
image/gif

23.36.173.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26
Protocol: H2
Server: 23.36.173.27 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Mon, 21 Aug 2023 21:52:40 GMT
pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7631 0
12 B 61ms
60ms Image
text/html 142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jxw2LdCp_xLkvy-zN8p5gbYCgp04X2--LmBTwt2mgmTn4prYsoPZ5cfbr5KBh18P-WUJSplw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/ Frame FBBC 4 KB
2 KB 149ms
45ms Document
text/html 2607:f8b0:4006:81d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

756bc3524fb2d54cc53ac30d8168c627d164dd376aa8637c7efa18d541cd82d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 438301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1599
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 20:07:39 GMT
expires: Thu, 15 Aug 2024 20:07:39 GMT
last-modified: Fri, 09 Jun 2023 14:39:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE38 0
0 210ms
75ms Fetch
image/gif 142.250.65.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9Asf78uEr3dyWUfIuV9yNQqNqAiaFgT0a1Lts8HIWaOG_bDt3_SXAFpTUbofLpYE7M-SoLwtr2EqF2t45TkonEcyY_sNAiqtYWAFZsOTUv2yCSGcqrPB5mMKsdLVcefJ1UjcwKCn5PHadRA2Jp4TOYbcmscCDfAfXzd_mLoc7lcsbmw3_9IZMhQrtgO2RHJ7ql7EhcdlDYQbdvGTkX9aYLj5CneZm1e_l4FC1jy67v9gPaWcEo6oBoHLkaPn0HjfJcQgeqcvgEsuELMe8xWF3QHEkW99SC07jumlYgKCeDy8MIV70Z8imG-xgaRA4FczWgH1VnKTMS3ghipg3aPyk21jxTHniO6T9VtbtNhHsPaohGn0oZ2nTDpluG1QDYdcdwhqaDCTnNHi1Oaiawud4OZ3-T9uZEyHPTjxozkuK50JQ3n_0O_XG9C35eThxKDB8p54RS5KXbFhPUqMrfAww1xLdVKRYDgDYNW2kPK0Xsji9dylnoqYq81xUMoobL9qBZj1nhoxIiebEo8JRm6LQ1x_fbuhaHO22AGk2GMCPvGrPiX8YjjVJcKYa2Gy2oalEz2bJTAtR2el4e-ilmF-7GTW7ahoM9P6HfzvibgxHA3y--kytLuztpnhzr0OYmV8SvpjkkyQkBqdpi7gOm3SMjtJod8vg3RyNwTuPAPwp54YeFm7gYYgNny1PO5P0uiOEHbALbrKQOvcMpYK0obu5Rvk5XqgFnz0F0qDQxoQYJ2LJgbFTb23ZnT6qwiw4hRoPWnW3Kv-0CTwayZF8uyW0R4Cz6GUZ_l7nIwdHmjsW3I12VJIAnQridYLp4VKermXe4zqX1YdmwyN_eYKEuaT4N26T3fbzSO5NgcpHgx8z7RkcNz7pknecMtfO97VOhQip_f2nHEtxYmM0BNzuRqU0y-_9jp588_RTJlu9Wl7a9iLA88Qs_FmZFPC7eOrnYbNdEWXapKUEv2A6jQFADMwwv5MeZeePcDsKjprelXeTP875Aa-tQHP9a1gr6iDTT6LyvjljhVv469rVK4PC2BMiYAnjicdHj0ydKTkEV0AqHzVwnN37qovFKPSqkDFFoxO-DeIgGx0XbzWRHZg-BPN5bYNpt7P0QokafKpOCw2YsYhZ_0PUBFHbjy2kgYlzIU_uXqwUPfPanavPCl3EwdHd103uEkcwn9jCV39GX7iUQIvFPoiwVUkJlPPCzGfsDGWfnBU-cqSyhFByOZpCxN7lPhOp1UMIXHQYc72bZ9tQgf1HnIKP8wJeuXkHqS1FwxroL0VrQLmWwNHpNsKqVcXhHIqWUillwk9_eOr8_7pZSbOg1-1cssq2OblYYgy9eeUGbL8ntw&sai=AMfl-YSYvYFKwPjd0Og08aEfjySLRhvaDEf1NlUH3b-ZAliKRMS_13ZKf8-3jt6JsM-gOuHr8iuBLrR5p9mx6jG_SDqOfpQMIa3v0OgFGuuFbrrRm9NKCu33ra6mWfDMn7fke6pj3Su_FLdN84r1AjWXf8agBdGnoMi86E_4L9lpRlsIffSNoHm3NTE_wDvTemvLQeXYP1qF6LhlPkPJySGHNr_vnUmaUZjE03b4fDdf2I5AeOWp7Y-TIRCFzislKoHjwks-zZq-TtDuLw&sig=Cg0ArKJSzOxwxM1PymBjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=574&cbvp=1&cstd=567&cisv=r20230817.41966&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 21:52:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:52:40 GMT

GET
H2 200 /
d.agkn.com/pixel/10690/ Frame CE38 43 B
612 B 214ms
57ms Image
image/gif 2600:9000:2511:7800:19:fc2c:a140:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=662685692&cmid=29960005&sid=8864205&pid=368862604&cgid=559918813&cid=192405092&aid=13226532
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5377441498870241&output=html&h=280&adk=926476324&adf=3768921151&pi=t.aa~a.3369044679~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1692690757&rafmt=1&to=qs&pwprc=4873962057&format=360x280&url=https%3A%2F%2Felviento365.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692654757841&bpp=2&bdt=2222&idt=2&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D099e1919dbd46359-223f5cf3ade300dd%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ&gpic=UID%3D00000d8cf443c437%3AT%3D1692654757%3ART%3D1692654757%3AS%3DALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1588918833483&frm=20&pv=1&ga_vid=671471242.1692654757&ga_sid=1692654757&ga_hid=775090239&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798878%2C44759876%2C44759927%2C44759837%2C31077084%2C31077092%2C31077148%2C44798934%2C44799570%2C31077094%2C21065724&oid=2&pvsid=3332135897228634&tmod=1159942344&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LDc2dyT0QE&p=https%3A//elviento365.com&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:7800:19:fc2c:a140:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:39 GMT
via: 1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: nLxXvvSVDmiOCO3hS5Bsr3U86ZB3E-TL4DYgs7_MH8rGUCmMF1g5dA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E85 37 KB
14 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/ Frame FBBC 4 KB
1 KB 59ms
54ms Stylesheet
text/css 2607:f8b0:4006:81d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

672cd6298b3cef85bec9b7f1cbb492050a9414e9c75f69881b8f2b6b7ab26ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 21:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1435
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 14:39:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 21:01:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FBBC 2 KB
428 B 72ms
67ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,600,700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 21:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 21:43:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 21:52:40 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FBBC 113 KB
38 KB 66ms
61ms Script
text/javascript 2607:f8b0:4006:81d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Aug 2023 21:52:40 GMT

GET
H3 200 code.js Show response
s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/ Frame FBBC 3 KB
1002 B 56ms
55ms Script
application/x-javascript 2607:f8b0:4006:81d::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/code.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3531134141c8b058d5a8df69b55271a4e0d451cf50a2cb4099cda130a343a088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 973
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 14:39:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 13:31:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E85 0
20 B 64ms
63ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLSb6p9zjZPuaL8LW_gTo6biIDAAAAAA4AeAEAg&bg=!WVqlWhXNAAZGPLJIZjw7ADQBe5WfOKXUBn_F_JjwbkGamnie7sQE9CYeCpY0xowYSW-x5-JYBm8d27UJYZWp_xYXrA9NAgAAAHVSAAAADGgBB5kDAENMt0P0D1djr_w1_QfgSj5GfXMQtWsVE-vP2I4iy7ZS_arpRtwOeAPa_3Q7D_X8LQL_gxeliqcsCJIDf0qCX2IeAcJFs8UV8pMFIZf1VjBpj76oe-AY5aSNj6WGbZUP8RCUXkToT-QHtaxZTOJ4Os7CK4cazvyH-6Mrz80GaNisJf78qfjZis4dtBrhBkAPoRsAsn_XjLh9cah5MPNFjHeKJKl3dhyMAO5rJz23KvBJP6VEh3v8oqCVxos76j6pRa8gI_O7e_KJ6JrGO-NK6btvb4EUGl46o1f2rv1BTdpHYMr-M6eLTMF7CF7d1sVVbNKK_sRyx68Futfk5C88D011lI7iz2ajhjAhXSikyt4S6WkNiCmPGIyYMSl2ERbZNwYsQ4wvPdc_wrzO1HeqkRKCzYnqpmYjyPXWWIPT-2gKkuALfUEDzqSb_fWjDBSMaKnFWcrZ4R00gfHKij5VxuEgwhojLJh4F-TVwJLWcrM63fn2cJaNgkNc9X5VIrm7sLIxN6mAzWIH1vO21s76Hds-TcLkoC1bp_EcDtm-QZtLhxz-aKnOlnFQshptzsZ9pGpIG32TFRa3HmMywOnEOr7d7mXSIyTc_-zwFNrEW7HoLwWUpk-UthxBJpJicTTQk4u5p0HpOUMjc0kRgZsPxK1gmpvkFOXLTf9gIKu4BuRkQl7Ifmi0_MMCrC8wJItc-BXIxqOsek2Tns_rSYdTpTQ4KjKSneW8WR-8SySjdpu-vGlJCbM883SRTtkAPrKSUmnUVZek4iuDdrNg7yE-ISNVPdxrPcu_iZuEVWPYVRJAAiKlHnOkFyzX5JQMQ804VP0WEUxTuR8lDZQ6x2fEXzd7hy796BceoFSyR2F8ObmBj6ogrh4DY6RZbKi075M5Gj5i6xUOlv7va85j8xe6aI_AwAvJ-ysQKGRxHwV8FMJbisHpbKVGe0CdFppXK_m8WETahNeUjTZvz8Uf0pM1hIzp92neNiUazrh_juH7A8Jn4y2zrN1rhq43LT1NVE8CTg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.gif
s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/ Frame FBBC 46 KB
46 KB 48ms
48ms Image
image/gif 2607:f8b0:4006:81d::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/logo.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bca1e1fa0d811a0e38214198f000c066281cb1f76302276060dbd34851586f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 16:17:35 GMT
x-content-type-options: nosniff
age: 365705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47465
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 14:39:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 16:17:35 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame FBBC 23 KB
23 KB 50ms
44ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:26:45 GMT
x-content-type-options: nosniff
age: 221155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 08:26:45 GMT

GET
H3 200 shine.png
s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/ Frame FBBC 1 KB
1 KB 65ms
62ms Image
image/png 2607:f8b0:4006:81d::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/shine.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6219473964008582083/LT_122122_HE_DropdownLine_Mint_300x250_HTML5/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:21:56 GMT
x-content-type-options: nosniff
age: 502244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1127
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 14:39:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 02:21:56 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame FBBC 23 KB
23 KB 60ms
53ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:42:31 GMT
x-content-type-options: nosniff
age: 220209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 08:42:31 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE38 0
0 65ms
63ms Fetch
image/gif 142.250.65.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9Asf78uEr3dyWUfIuV9yNQqNqAiaFgT0a1Lts8HIWaOG_bDt3_SXAFpTUbofLpYE7M-SoLwtr2EqF2t45TkonEcyY_sNAiqtYWAFZsOTUv2yCSGcqrPB5mMKsdLVcefJ1UjcwKCn5PHadRA2Jp4TOYbcmscCDfAfXzd_mLoc7lcsbmw3_9IZMhQrtgO2RHJ7ql7EhcdlDYQbdvGTkX9aYLj5CneZm1e_l4FC1jy67v9gPaWcEo6oBoHLkaPn0HjfJcQgeqcvgEsuELMe8xWF3QHEkW99SC07jumlYgKCeDy8MIV70Z8imG-xgaRA4FczWgH1VnKTMS3ghipg3aPyk21jxTHniO6T9VtbtNhHsPaohGn0oZ2nTDpluG1QDYdcdwhqaDCTnNHi1Oaiawud4OZ3-T9uZEyHPTjxozkuK50JQ3n_0O_XG9C35eThxKDB8p54RS5KXbFhPUqMrfAww1xLdVKRYDgDYNW2kPK0Xsji9dylnoqYq81xUMoobL9qBZj1nhoxIiebEo8JRm6LQ1x_fbuhaHO22AGk2GMCPvGrPiX8YjjVJcKYa2Gy2oalEz2bJTAtR2el4e-ilmF-7GTW7ahoM9P6HfzvibgxHA3y--kytLuztpnhzr0OYmV8SvpjkkyQkBqdpi7gOm3SMjtJod8vg3RyNwTuPAPwp54YeFm7gYYgNny1PO5P0uiOEHbALbrKQOvcMpYK0obu5Rvk5XqgFnz0F0qDQxoQYJ2LJgbFTb23ZnT6qwiw4hRoPWnW3Kv-0CTwayZF8uyW0R4Cz6GUZ_l7nIwdHmjsW3I12VJIAnQridYLp4VKermXe4zqX1YdmwyN_eYKEuaT4N26T3fbzSO5NgcpHgx8z7RkcNz7pknecMtfO97VOhQip_f2nHEtxYmM0BNzuRqU0y-_9jp588_RTJlu9Wl7a9iLA88Qs_FmZFPC7eOrnYbNdEWXapKUEv2A6jQFADMwwv5MeZeePcDsKjprelXeTP875Aa-tQHP9a1gr6iDTT6LyvjljhVv469rVK4PC2BMiYAnjicdHj0ydKTkEV0AqHzVwnN37qovFKPSqkDFFoxO-DeIgGx0XbzWRHZg-BPN5bYNpt7P0QokafKpOCw2YsYhZ_0PUBFHbjy2kgYlzIU_uXqwUPfPanavPCl3EwdHd103uEkcwn9jCV39GX7iUQIvFPoiwVUkJlPPCzGfsDGWfnBU-cqSyhFByOZpCxN7lPhOp1UMIXHQYc72bZ9tQgf1HnIKP8wJeuXkHqS1FwxroL0VrQLmWwNHpNsKqVcXhHIqWUillwk9_eOr8_7pZSbOg1-1cssq2OblYYgy9eeUGbL8ntw&sai=AMfl-YSYvYFKwPjd0Og08aEfjySLRhvaDEf1NlUH3b-ZAliKRMS_13ZKf8-3jt6JsM-gOuHr8iuBLrR5p9mx6jG_SDqOfpQMIa3v0OgFGuuFbrrRm9NKCu33ra6mWfDMn7fke6pj3Su_FLdN84r1AjWXf8agBdGnoMi86E_4L9lpRlsIffSNoHm3NTE_wDvTemvLQeXYP1qF6LhlPkPJySGHNr_vnUmaUZjE03b4fDdf2I5AeOWp7Y-TIRCFzislKoHjwks-zZq-TtDuLw&sig=Cg0ArKJSzOxwxM1PymBjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1033&vt=11&dtpt=459&dett=3&cstd=567&cisv=r20230817.41966&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: elviento365.com
URL: https://elviento365.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 21:52:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E102 42 B
64 B 63ms
62ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLC-0u_q9a7VQZXGY72B6u9CBz6k4m8C5P4CsPj8PtvAz3rweekoCFipz9M3vjQo5WtdEihJya4I20uhFmvpr3YK36zyEN7HpaoqDt9wqzLxmswbG14n7-mYC2WnkGPnn6JroIBBn9mA&sai=AMfl-YTTyPK3Nz4d7zT5GBNP4jbQkjFv31uFo6WEPG3vkO7X41dAVkD8mIQY_vy6044WhROuS8xSBVHC_va2&sig=Cg0ArKJSzDzi0RaC6tRWEAE&cid=CAQSGwBpAlJWVPLpB5-1_AU-XlYX2YnQqwArO2HjTBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692654757966&rpt=850&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 68BC 42 B
64 B 61ms
60ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFRnrUFc0AIn8fil8zeWBYhujpGIt995VuCddb77_cEXHBNGlF5cLTiWn5e2FJQKTnvdSBPbhDW_8HLcCtc5psprSj0DbraS6cfkeXJ0l38KJbR5rA5bAwRXqSz1BV-Y26uBi86Y6O1A&sai=AMfl-YTRfvJn9OuojsT3ZTPzE3Sx_6olYb_jI78vwcZj7nNwzVVJ9yd6HM4hc3y-n1ByV9iK_Mc_YsLdljuR&sig=Cg0ArKJSzD92dhB9HvyCEAE&cid=CAQSGwBpAlJWVPLpB5-1_AU-XlYX2YnQqwArO2HjTBgB&id=lidar2&mcvt=1007&p=0,0,600,160&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692654757972&rpt=795&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 67ms
66ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230817&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dddbe5186fe0c088d8de702957d41ba3ded4105fcbe693ff63aa0a085b2cb5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11736
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 100ms
99ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 21:52:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9027 13 KB
5 KB 53ms
47ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 26844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 14:25:17 GMT
expires: Tue, 20 Aug 2024 14:25:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F9F8 829 B
992 B 78ms
72ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30fba6222b3776396f565c601e7751bfdf398fa49df1a0d85d23fcda73c9b039

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-scABtobMH3ide3PZynPE3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://elviento365.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-scABtobMH3ide3PZynPE3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:52:41 GMT
expires: Mon, 21 Aug 2023 21:52:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9027 37 KB
14 KB 46ms
44ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F9F8 0
0 60ms
58ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230817&jk=3332135897228634&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9027 0
11 B 141ms
58ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RFG7QA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:52:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE38 0
20 B 61ms
60ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9057018452083&version=m202307240101&ct=76&x=1&cor=8133688715279261000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
61ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230817&jk=3332135897228634&bg=!ysmlyYbNAAZGPLJIZjw7ADQBe5WfOJdtnEKY_P8HN_znekcKV8_BspkDhuZbjJrqPH_Gr9Yu12ogPjzwwICcao25E1YLAgAAAQlSAAAADGgBBwoArPOi315PLAF61Ba09oj0p2KB55Gp8MrIxpC7-RLsAkXrH0zAyALTbkzt1rFffFDduJGAmzNtnb9cym_sAqgYIhhd3xNFM-SrAq_Kc1o94zyvc4wvMxCxVPB2_vatpDztpvSUYOG5ZdTJfXtMEUy11nVb7dHnwvHCJOIvDd00EpDdeBDvmbcLWOv4RMAisul7obEG3vug-UJmvt6CKgOwU375ca3vNBXIgJBGaOCZAsTD1gYI4cIatKX-czPr8jcxBYCaIam-Cp3TAjpQf01IbHVJ7aZENq_I3tUxonA47Texq-nSlZ6EmPHoqSWyJQGQjgEbNZV9idghI3MZnkyIieRGYFl12gquhnilse7Tg8quQfqK0_9k8Hjazb_M-Yz_Rlf_qDWu-XlOJonYeQRK_fF5NAATnH7Cd0N5g1tA0fGZMlsjR8lYOKZoKgSBgBSt7bHHKSj-FMImqat520MVw0YGVDYibhGEEZZv3L0r5cvDOuS0j8hzyYCQl6hbmu-SSzm05YofHbDWbDcJ-JuMyuaKq8tTx0CyZIuY-AnbKffIynUnbUH2ngKTTrPvHCZ_9P6m7PtNu0BudX2X1nTFg5csuU-GUOe3XW2FFo8vW4L0ccZarPRWUJ-x9P1sW-DvFJ0ACrv3Ju6DH8HjwTxxMn0u2Iq-hQoN1AsGvrK2HskRtoHSQMn7IXAlrCMwNoxTRhXb8Hn0dxKk3WtyNolCfTD5lRgZ2VkxLMlKtJ8l_FMK4uT6UvVFpZGtFykoyz4fYPaekKpCxjgVTNk3XGS-byb9l1YuWEbWL7RRRl4P15z6m0PDM029jxbUn6XrXcT49It3tG3IcytFcBnpbY2fnNuyD7jvboU9w90xzQGJxubeVAJLvTDvRyXW61pg3NT3FgL_bx2qaLN-ogX_dtdOfZIwfMrk7FSWZ9v4LYMHwwz5FGlNAOfIXrT4hzv4bNN31a6OGrDaQqgBxROs2auRaeGRUIq9LuTAlE1Q14R9vl3XAeW-jAa4YIJv2ItsjXAYiceLTfgx4NotxrA9gn2qlkMdRoN6YdNPRTYYqk0HbguKOmo9DhZBspG52GMMK4TGOH8fYKPK7IoG8FnxsfFbp3s9txthHOQQab4Hwh3lSZ_FELq4yKIz_IZ56FieY5lblR-bFixD-wnvAiHiXaBeVydvGWI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://elviento365.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elviento365.com/	1970-01-20 23:32:30	Name: __gads Value: ID=099e1919dbd46359-223f5cf3ade300dd:T=1692654757:RT=1692654757:S=ALNI_Mby4F6QtMJ3XQgn-TnE0vhC7lKRwQ
.elviento365.com/	1970-01-20 23:32:30	Name: __gpi Value: UID=00000d8cf443c437:T=1692654757:RT=1692654757:S=ALNI_MY2j8Jx9xbJEhfcQujpZpJQfej3pw
.doubleclick.net/	1970-01-20 23:46:54	Name: IDE Value: AHWqTUmfO_PIxjXtLYVfZyrZGdIVo_p8bK--tg-P4imqGitpu4xa-VD_BFmFsP9311c
.googleadservices.com/	1970-01-20 16:20:30	Name: ar_debug Value: 1
pm.geniusmonkey.com/	1970-01-20 23:42:35	Name: ITID Value: MTY5MjY1NDc1OXxvWDhoSzRyVzMxMmdKLVlUZjY2OTViTXdGQzFYSG1oQjhZVWMtcmdVclNEM2lHUWhIXzRWTXhMd0ZUZlRpX1lOcWhraTlFVGtrMWFaWHFDY1ZKRjd3RUtiMF9PaFFzbHlFZDhTOUE9PXzqEyNjyLJF2BBShLZu3VDKzp0_Syo9nwaMhZLlTFojmQ==
.doubleclick.net/	1970-01-20 14:10:58	Name: DSID Value: NO_DATA
.tapad.com/	1970-01-20 15:37:18	Name: TapAd_TS Value: 1692654759786
.tapad.com/	1970-01-20 15:37:18	Name: TapAd_DID Value: 8b122f33-5a4a-477b-9ddf-1a570809cccd
.doubleclick.net/	1970-01-20 18:30:06	Name: APC Value: AfxxVi5DMI3CVyYrRf7G6fXufa6QGuF_mbd8xEpvD1hogaC1xfnlBw
.adnxs.com/	1970-01-20 16:20:30	Name: uuid2 Value: 749922792717419163
.casalemedia.com/	1970-01-20 22:56:30	Name: CMID Value: ZOPcp3UrlzmGdx5t2aLS0QAA
.casalemedia.com/	1970-01-20 16:20:30	Name: CMPS Value: 3665
.casalemedia.com/	1970-01-20 16:20:30	Name: CMPRO Value: 3665
.tapad.com/	1970-01-20 15:37:18	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 16:20:30	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?kj'Fef!]tbPl1M>e)ZlrFUfJ+tGXxp)Hf<ys[K_>`XpkMVOvHJtEZ!zzX^Y/mwUIpBbpRzqF1`b`3**P@I
.onetag-sys.com/	1970-01-20 23:40:41	Name: OTP Value: 1x0lQu-YLYVL70tdPgdU29k6P0SJuMdn9_bBKo6pYYk
fksnk.com/	1970-01-20 14:20:59	Name: AWSALBCORS Value: PgkfF9N96BmFqnd4iXATRJ3HUcus6Npcd1gU83iAAYfWUgQIFUK6ycQH8UWwq/ZVpJCXh4vA3uVR5x8g9N6c8COJjmRPUPFMwg6bCSx/S2AB1+Fd0KFXbnnQYS13
.fksnk.com/	1970-01-20 16:20:30	Name: f_001 Value: 8DA2816A394B3EA7
.fksnk.com/	1970-01-20 14:12:21	Name: g_001 Value: 1
.adform.net/	1970-01-20 14:55:33	Name: C Value: 1
.agkn.com/	1970-01-20 22:56:30	Name: ab Value: 0001%3AVDA31cAZrqpGS5PgtgqDxnR8M4BEaZwb
.agkn.com/	1970-01-20 22:56:30	Name: u Value: C\|0EAAsdpkoLHaZKAAAAAAAAQAHAAAAAAHJJ0X__x4AAAAAAIdBzQAAAAAV_GWMAAAAAAt33mQAAAAAIV-u3QA
.teads.tv/	1970-01-20 22:55:04	Name: tt_viewer Value: 56a071bd-a504-4070-bcca-779b3f5e6bc7
.inmobi.com/	1970-01-20 16:20:30	Name: idsp_c Value: eb163d13-8722-4423-8833-21ee3701f934
.adform.net/	1970-01-20 15:37:18	Name: uid Value: 5514987660754509664

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=iTdvlm5p1Br-n-sYrPIB6Kyqrt-iYIHBzwEJbwbAZE8r5gUWAsfnjvOrDC62XbDtp0bNyQeqgWlMZw16MKnFpA Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.adform.net
cm.g.doubleclick.net
d.agkn.com
dis.criteo.com
dsum-sec.casalemedia.com
elviento365.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mts0.google.com
mweb.ck.inmobi.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.tapad.com
pm.geniusmonkey.com
rtb.adentifi.com
s0.2mdn.net
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.65.194
142.250.65.226
142.250.80.98
162.43.117.50
185.167.164.39
192.40.39.223
20.85.134.6
23.36.173.27
2600:9000:2511:7800:19:fc2c:a140:93a1
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2006
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::2004
2607:f8b0:4006:823::2001
34.111.113.62
34.117.190.90
34.231.66.47
51.222.39.186
54.159.4.118
68.67.160.76
74.119.119.150
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b
11edc6d1acd75909e1874c7f3180d2a09e01763caf846435281955f8217bb176
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b14a0d0b8ac786788e5a30321e48be321ffd2a5b878aacb49e3481cac96c36f
2acdbbbcbb4e0e8ce41a834437473e4c61eaa92bf3578cc0d6bd00c5a40db2eb
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0
30fba6222b3776396f565c601e7751bfdf398fa49df1a0d85d23fcda73c9b039
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8
3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46
3531134141c8b058d5a8df69b55271a4e0d451cf50a2cb4099cda130a343a088
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4721cc6f6b40deb1c9a273f6c82c02e8eed29dd12f23577c8bc0f50addae59bb
48867cc49004a59a968326ebe77e727f23bef002f4a43229eed6f26d443fc015
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f3a8d8c9e7ab2165e9a255be0af2638de5ba7054b910d1b5fef99f7167df4b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626f0eac29633f422ca6d98c83c20efd96386c06bbc20a4d3b2af85e04471073
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
672cd6298b3cef85bec9b7f1cbb492050a9414e9c75f69881b8f2b6b7ab26ae4
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6dddbe5186fe0c088d8de702957d41ba3ded4105fcbe693ff63aa0a085b2cb5b
72b6e0f1f3dcd34eac9892e1c93e948a8594e34736b1dc9e1a3e3d78bbcd123b
756bc3524fb2d54cc53ac30d8168c627d164dd376aa8637c7efa18d541cd82d8
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
8e5ff9170667101e9bc3a764d22b3fa40aa0301ae2e616449c580e6756949612
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8693ccc79a0ac323f905b57a792fcee8d94fcc72e9af8e5b9ee898bb583179
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b81ec6a4c3268b5c5db4a3264636b2c2a1a28404184d9bef71ad73ec8c9484fb
bca1e1fa0d811a0e38214198f000c066281cb1f76302276060dbd34851586f54
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c072f6e3937b176a7933231cba75fd0f310cca7e423932337ef3dc6d2e63605a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15e0e39b014438b47780bff53d3b66d1c44e4023ea6ba986e5816bf4d6bf971
e1779db92c62463ad84971b21cc14dcc4da5907dea0b8ff5672e7f5ad6aac8ff
e24be98eb62472ab74767bc34b2919abf70117e3baef799525c0ed0062b36b77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b6de1ece600edb471a777c6914c6aabe588f435d4ddba30323b55ce3c1d10c
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

elviento365.com Open in urlscan Pro 162.43.117.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

89 %HTTPS

44 %IPv6

21 Domains

27 Subdomains

23 IPs

2 Countries

1575 kBTransfer

4356 kBSize

25 Cookies

1 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elviento365.com Open in urlscan Pro
162.43.117.50 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

89 %
HTTPS

44 %
IPv6

21
Domains

27
Subdomains

23
IPs

2
Countries

1575 kB
Transfer

4356 kB
Size

25
Cookies

134 HTTP transactions
9 data transactions