www.1secmail.com Open in urlscan Pro
178.32.61.35 Public Scan

Software

cafe /

Resource Hash

3de677a8d3712c2f50c95238aba2043b9441b67ae0d9482a4fb3843bb4551cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48848
x-xss-protection: 0
server: cafe
etag: 445353719407794436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 01:02:53 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 395ms
28ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://www.1secmail.com/
Origin: https://www.1secmail.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:52 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-1538f"
vary: Accept-Encoding
x-hw: 1679965372.dop001.lo4.t,1679965372.cds275.lo4.hn,1679965372.cds261.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 core.js Show response
www.1secmail.com/ 2 KB
824 B 29ms
29ms Script
application/javascript 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1secmail.com/core.js
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: f0bf8a3b0fc98c654b280059cc60bbe10430ccb63e674882e72333cc69b6ffad

Request headers

Referer: https://www.1secmail.com/
Origin: https://www.1secmail.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:52 GMT
content-encoding: br
last-modified: Wed, 20 Apr 2022 14:22:24 GMT
server: nginx/1.22.0
etag: W/"8ec-5dd16b8e7a549"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 how-to-make-sure-our-messages-dont-end-up-in-the-wrong-hands.jpg
www.1secmail.com/bimg/ 29 KB
29 KB 33ms
33ms Image
image/jpeg 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1secmail.com/bimg/how-to-make-sure-our-messages-dont-end-up-in-the-wrong-hands.jpg
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: 6e3a58bd2d2512bce957e5e7e5b212279306060d55935e376e95309a3d52ffd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
last-modified: Tue, 25 May 2021 12:42:03 GMT
server: nginx/1.22.0
accept-ranges: bytes
etag: "743c-5c326da5f42b8"
content-length: 29756
content-type: image/jpeg

GET
H2 200 how-many-e-mail-addresses-should-we-have-and-what-should-we-use-them-for.jpg
www.1secmail.com/bimg/ 65 KB
66 KB 53ms
51ms Image
image/jpeg 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1secmail.com/bimg/how-many-e-mail-addresses-should-we-have-and-what-should-we-use-them-for.jpg
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: 087ee04914dd1ca84448b8847f0d5649c74c50c2df37fec555e4747758f8ce71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
last-modified: Tue, 25 May 2021 12:42:05 GMT
server: nginx/1.22.0
accept-ranges: bytes
etag: "105bf-5c326da839f5d"
content-length: 67007
content-type: image/jpeg

GET
H2 200 disposable-emails-and-safety.jpg
www.1secmail.com/bimg/ 61 KB
62 KB 100ms
99ms Image
image/jpeg 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1secmail.com/bimg/disposable-emails-and-safety.jpg
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: e6a6844d307c2f3ac27885b9f66c6fb5dee6ad01b3cfcfa1e63a9dcf3f7c0216

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
last-modified: Tue, 25 May 2021 12:42:03 GMT
server: nginx/1.22.0
accept-ranges: bytes
etag: "f5ee-5c326da59eb86"
content-length: 62958
content-type: image/jpeg

GET
H2 200 confidentiality-in-electronic-contacts-through-email.jpg
www.1secmail.com/bimg/ 23 KB
23 KB 107ms
105ms Image
image/jpeg 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1secmail.com/bimg/confidentiality-in-electronic-contacts-through-email.jpg
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: 267c4f94fc5681de690d79eb56f1fd5af928d76e0f598b0926a34f78bd1f66ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
last-modified: Tue, 25 May 2021 12:42:02 GMT
server: nginx/1.22.0
accept-ranges: bytes
etag: "5c69-5c326da5432ac"
content-length: 23657
content-type: image/jpeg

GET
H2 200 piwik.js Show response
www.1secmail.com/i/ 62 KB
18 KB 110ms
109ms Script
application/javascript 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1secmail.com/i/piwik.js
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: 14e54752e486d20c20300f8b219f4ddd18bb52fcec98fa938362df5ca93e0f08

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Tue, 28 Mar 2023 01:02:53 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 14:25:59 GMT
server: nginx/1.22.0
etag: "61fbe5f7-46d7"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800, public
content-length: 18135
expires: Tue, 28 Mar 2023 01:14:41 GMT

GET
H2 200 bcg.jpg
www.1secmail.com/img/ 107 KB
107 KB 108ms
108ms Image
image/jpeg 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1secmail.com/img/bcg.jpg
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: 97404fc4d41329be7cb48fcb807f74830e919c6844d6b224e9edfb933b50920a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
last-modified: Tue, 05 Jun 2018 23:58:18 GMT
server: nginx/1.22.0
accept-ranges: bytes
etag: "1aac9-56dedd30058f3"
content-length: 109257
content-type: image/jpeg

GET
H2 200 logo.png
www.1secmail.com/img/ 5 KB
5 KB 108ms
108ms Image
image/png 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1secmail.com/img/logo.png
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: 8ce5e89696826acb858812cf6e277f61f438e7ed9ee415cc4e5d91716ffe45d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
last-modified: Thu, 07 Jun 2018 20:36:59 GMT
server: nginx/1.22.0
accept-ranges: bytes
etag: "1469-56e133ec3197e"
content-length: 5225
content-type: image/png

GET
H2 200 arrow2.jpg
www.1secmail.com/img/ 682 B
823 B 100ms
100ms Image
image/jpeg 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1secmail.com/img/arrow2.jpg
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 /
Resource Hash: 1aa3589c5e9d9b0ba02dd37a697399f6c77db0b4ad23d06c1c27fd67a0b99f71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
last-modified: Wed, 06 Jun 2018 16:33:59 GMT
server: nginx/1.22.0
accept-ranges: bytes
etag: "2aa-56dfbbbd530b4"
content-length: 682
content-type: image/jpeg

GET
H2 200 SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2
fonts.gstatic.com/s/cairo/v22/ 32 KB
33 KB 418ms
36ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v22/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

114150d4f5a9a671657e7abcb6fea8aea5ba175eff62f04cbaedff3caaabf450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.1secmail.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:38:46 GMT
x-content-type-options: nosniff
age: 577447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32960
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 19:56:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:38:46 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 49 KB
50 KB 30ms
29ms Font
font/woff2 172.64.133.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin: https://www.1secmail.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R642BXYX68J1RF1B
age: 1273633
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50372
x-amz-id-2: gckhzVTlACk0cAeThUKisbCza/PShIZnkhrcxp/n47hXqJqgve/iJJPQYS5oHyfUdMkZ3a2QN55sFLzTpjFk8A==
last-modified: Wed, 30 Jun 2021 15:27:47 GMT
server: cloudflare
etag: "8a8c0474283e0d9ef41743e5e486bf05"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUcw1YnvFdu0IaLzz0GqtB%2FSUi2CB9EtwzzuAs0YwCy3WMGx8ItNewW9tFDRGeGJuKVd6bOlnBiAtv%2FxVVkZvQbSbvvFPFHMEHrYevPuTdqzbYJ9Kg6092vklPf1obnCSeAnP6bm"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7aebf33d798c74a1-LHR

POST
H2 200 mailbox Show response
www.1secmail.com/ 299 B
379 B 101ms
100ms XHR
text/html 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1secmail.com/mailbox
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 / PHP/8.1.11
Resource Hash: 7024fde45a76edf9d937bfe7e88673419e1666594ff130a94e1eeb3afa2d2148

Request headers

Accept: */*
Referer: https://www.1secmail.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:53 GMT
content-encoding: br
referrer-policy: origin-when-cross-origin
server: nginx/1.22.0
x-powered-by: PHP/8.1.11
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 400 piwik.php
www.1secmail.com/i/ 410 B
572 B 3969ms
3968ms Ping
text/html 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1secmail.com/i/piwik.php?action_name=1sec%20MAIL%3A%20disposable%20temporary%20email&idsite=13&rec=1&r=314142&h=1&m=2&s=53&url=https%3A%2F%2Fwww.1secmail.com%2F&_id=095f407a08685ed9&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=uZ0SNJ&pf_net=76&pf_srv=31&pf_tfr=1&pf_dm1=471
Requested by: Host: www.1secmail.com
URL: https://www.1secmail.com/i/piwik.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 / PHP/8.1.11
Resource Hash: cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

Referer: https://www.1secmail.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.1secmail.com
date: Tue, 28 Mar 2023 01:02:57 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
x-powered-by: PHP/8.1.11
content-type: text/html; charset=UTF-8

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 81ms
80ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6298682766208947&plah=www.1secmail.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cc020434ea656f2b366660f10dd099f131436f3b7219a115864fb657579db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119756
x-xss-protection: 0
server: cafe
etag: 16607107624225786917
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 01:02:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/ Frame 439D 10 KB
5 KB 421ms
37ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 28704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:04:29 GMT
etag: 2378337311435320485
expires: Mon, 10 Apr 2023 17:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
601 B 426ms
44ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.1secmail.com&callback=_gfp_s_&client=ca-pub-6298682766208947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6298682766208947&plah=www.1secmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cb206fd9f7fad799dfbf0fa04605335e89ed5bf84cbd88ba01a33495dc633a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
531 B 453ms
45ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.1secmail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 429ms
46ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.1secmail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4239 0
188 B 319ms
80ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&adk=1812271804&adf=3025194257&lmt=1679965373&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.1secmail.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373541&bpp=6&bdt=970&idt=148&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3688663702557&frm=20&pv=2&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=171

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:54 GMT
expires: Tue, 28 Mar 2023 01:02:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4411 75 KB
36 KB 516ms
287ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=1724797542&adf=4133413360&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373547&bpp=3&bdt=976&idt=172&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=105&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FR4IfblJHO&p=https%3A//www.1secmail.com&dtd=177

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52e76bd186f393b7b96d9e00903c26e307cbdafb993a79dfed92818374585102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:54 GMT
expires: Tue, 28 Mar 2023 01:02:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A575 97 KB
33 KB 559ms
335ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a11395e21ff8ad8aca3a151007f1c97beb4a6569bf6cef93351f27899243cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:54 GMT
expires: Tue, 28 Mar 2023 01:02:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A19 70 KB
22 KB 530ms
313ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=3419437759&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373552&bpp=1&bdt=981&idt=180&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=N2Tpzwgfga&p=https%3A//www.1secmail.com&dtd=182

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f876afe77a50a1a24ce78bf2c0890419bff0e5e89c62480a3733be608013a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 22553
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:54 GMT
expires: Tue, 28 Mar 2023 01:02:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14D3 75 KB
36 KB 655ms
444ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d7a3ecabfde9d5b63ae89496a534696a78b1b4a9937a5982c218ea4c92f3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36167
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:54 GMT
expires: Tue, 28 Mar 2023 01:02:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4411 42 B
173 B 75ms
74ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEKFEJs0KwHp4Tssb-aL1DdxsPBRrhCITKCOuRf8uhYOIUinbTQtXmdGayzHE2mqgg2TLVktFxsNXbmF4d2opTaEw51PVburN9BMu10xuPLsBsd1o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=1724797542&adf=4133413360&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373547&bpp=3&bdt=976&idt=172&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=105&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FR4IfblJHO&p=https%3A//www.1secmail.com&dtd=177

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 305C 624 B
507 B 59ms
58ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNVbvLHv85vC50LOnMw-SluKtfvAcnRfc9FDBJ4BTUOYnIbZdk3o7hnkE_xjie26JYUQojz6SBr0TwUQAn7M0h3Q3akFaPQJtL7Y3MVs8PiswoRY4KZobQCVg4HY9AipkejCzc6ZoxHONYqB64RaItMCOrOsJc_ULtaJaGl01rWpmpDS7-s

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=1724797542&adf=4133413360&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373547&bpp=3&bdt=976&idt=172&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=105&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FR4IfblJHO&p=https%3A//www.1secmail.com&dtd=177
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:54 GMT
expires: Tue, 28 Mar 2023 01:02:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/ Frame 4411 22 KB
9 KB 43ms
43ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:36:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame 4411 3 KB
1 KB 490ms
78ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:27:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 20:27:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame 4411 20 KB
8 KB 458ms
46ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 14:12:16 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/elements/html/ Frame 4411 7 KB
3 KB 43ms
42ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0c655bd4daa994bdb0ab47f86fa1caf51114e7f31f11293fe7e50de22a8c6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3047
x-xss-protection: 0
server: cafe
etag: 2740137744889871072
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:36:20 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4411 0
0 173ms
76ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufX5JcZPNYF_rasiZUzFALYblIjUsHjQ3cvHhzYuv38aLTh5VVUiEtG-HmchE0BzRv-QlVdsRTy3vH-PatVXIRdmPRjqiAlZ9xcTufg_Yp5dmvHqyxRwM0bMNtubwqmOo83MIPbfAPbkjeHAftsyT05YfgknYoMEu_D3i7yjsdDWLeHQfVS6kykpGkXqJdqzWizebtZjauEi6bnwUl57H-xkyuIPHFcFsMrw-Q99MhH2PSvgZ2GrakEtnDY2EJBzZIng2om3DVAY8jBMIVlsmIcz39kRXsxGP8I_PplxdsVFgAmoEY30wiLDnSnEFtS5fVg2uXX8KhxYBMnLWh6NC7tcYccpodKyIlZZ7jVaf8cutOQh9hPFPmWRDZFs2gDq_BZwJsrgZOq0NYp0x3AO89rD1cqVCPIzy3JuJD6UVuYGt62NThyUnhly5ztLi5qo1kjKZzLq-NaAlpMxwKSZqRhU7sFhRS6TYcY9sOk87rD5v8XOQO05Ve0flp0E5jiG2GYbnN4suhwhxd3CvSdTyYlCBTAAxYYMmeq3R_OoIblAXFosF0pikiQCO9A4x9GLAL48zaPcEn2BscH-THw-DqbZHtsDZR7GFVPbVKcfX0MdP0j_O3v4U1vpDb6S7c33frlkwl4UrM9yd2JVQ78z81e4ZFAPKOPSUh-osRu4sqQWeD4vykM5fA5pZThdjNTZZBcud45lqa_tFubKEZStIGdtwG9R1T0m_J-oO35UkiShSwgBlQ2QcKepeF_bqErEmVTAxviHN5j-cKCF1nrdwydSIqY-ixYgX_l80oK1fWzieMV5lyBQqZ3iSsh5mCVzTIzMwOKLhrmRSzf1A3uMhIhvkhfeJ-8iayb6pCeoNtmOxiq3IgGVyrY580hLDgNe3VSZNcV57Bz8XTWwMzq9oY0J0X6qEkj2okOoLHxo4Bq5_JeGqSalO7yxRxiRU65XG_SuV0pdRnX9JExwG6RKKHXqmfDYLudlCMSOdyW23y77b3FuUzsJtPbak_ZVsN-J4SJkH8ps5gNsc9tXKESW9AYsA6CySfJ6d0sjn6ZB_4KxIQspG506AoUceULzM5yn4mRBO-eeBfBniQMcyLGlpuk8Lw8szh7KXtGeZnfPkAbdEPzIIjrNcyaouc7g&sai=AMfl-YQ5_UrnhC_Itw0cN3vbNlOoUKXT_-XxA_U_lXI6QjLziioIChGxQzd9OM5f3qHvLMD2yu-mieGDv_zfUcyb-SflOyT_9d-KoCAs0eJ-x8mgutgFMgLtI9_pVHQwZfyMkoo0BenWyLTW0qMtng8LRqlxIUy9b3VLyvhDrRA2Dm-9QK1gLn_vBFPjOrPQBK_gOvY9LvcDZfFt15XPSvwhXsJY_WC9We3z66MssR8yZr8&sig=Cg0ArKJSzHEcpUhQC8jUEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230323.07005&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Mar 2023 01:02:54 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4411 41 KB
15 KB 503ms
97ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 09:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Mar 2024 09:39:21 GMT

GET
H2 200 17089308167566500240
s0.2mdn.net/simgad/ Frame 4411 151 KB
152 KB 442ms
36ms Image
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17089308167566500240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

e9bea2cc32cd4e4ba8e669c003d7340e772c2ad91974909dbac94550d00ee893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:08:35 GMT
x-content-type-options: nosniff
age: 456859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154621
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 10:11:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 18:08:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4411 158 KB
49 KB 493ms
97ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/ Frame 6A19 22 KB
9 KB 474ms
80ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=3419437759&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373552&bpp=1&bdt=981&idt=180&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=N2Tpzwgfga&p=https%3A//www.1secmail.com&dtd=182

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 14:12:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A19 8 KB
812 B 49ms
46ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:04:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/ Frame 6A19 14 KB
3 KB 441ms
39ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 12:52:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 10:37:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Mar 2024 12:52:26 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/ Frame 6A19 377 KB
129 KB 440ms
40ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

aee407c8156259410d42a2bd3fe6594c28a91e6dd9bd6647fd3b9f63e3d9fdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 12:52:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131667
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 10:37:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Mar 2024 12:52:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame 6A19 20 KB
9 KB 429ms
37ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 14:12:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A575 8 KB
968 B 60ms
50ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:05:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame A575 2 KB
846 B 480ms
114ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 14:12:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 305C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1&C=1

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNVbvLHv85vC50LOnMw-SluKtfvAcnRfc9FDBJ4BTUOYnIbZdk3o7hnkE_xjie26JYUQojz6SBr0TwUQAn7M0h3Q3akFaPQJtL7Y3MVs8PiswoRY4KZobQCVg4HY9AipkejCzc6ZoxHONYqB64RaItMCOrOsJc_ULtaJaGl01rWpmpDS7-s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 305C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCI8vm8PEUh2weny1WUPdgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNVbvLHv85vC50LOnMw-SluKtfvAcnRfc9FDBJ4BTUOYnIbZdk3o7hnkE_xjie26JYUQojz6SBr0TwUQAn7M0h3Q3akFaPQJtL7Y3MVs8PiswoRY4KZobQCVg4HY9AipkejCzc6ZoxHONYqB64RaItMCOrOsJc_ULtaJaGl01rWpmpDS7-s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 305C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCN8m9L1lFozid6_ny_Qc&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEsCN8m9L1lFozid6_ny_Qc%26google_cver%3D1

43 B
1 KB

37ms
37ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEsCN8m9L1lFozid6_ny_Qc%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNVbvLHv85vC50LOnMw-SluKtfvAcnRfc9FDBJ4BTUOYnIbZdk3o7hnkE_xjie26JYUQojz6SBr0TwUQAn7M0h3Q3akFaPQJtL7Y3MVs8PiswoRY4KZobQCVg4HY9AipkejCzc6ZoxHONYqB64RaItMCOrOsJc_ULtaJaGl01rWpmpDS7-s

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
AN-X-Request-Uuid: f27b89f7-6daa-4723-94d9-bdba7b86ba85
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 5.187.21.101; 5.187.21.101; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
AN-X-Request-Uuid: 4d1cecc3-dc97-433c-b06f-0fef7d323eec
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEsCN8m9L1lFozid6_ny_Qc%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 5.187.21.101; 5.187.21.101; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 305C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDczOTY2NTMwNDg1NjYzODc3

170 B
188 B

47ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDczOTY2NTMwNDg1NjYzODc3

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Mar 2023 01:02:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.187.21.101; 5.187.21.101; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c5df0294-6309-4d6a-b4be-4007c6769322
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDczOTY2NTMwNDg1NjYzODc3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame A575 0
0 84ms
81ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4WAEvTwiZIOPPM2d9u8PnoqCoALY6eS_b4OGqqGaEZDWtv6TDhABIJXw2BRguwagAcr_95MByAEJqAMByAPLBKoExwFP0PoUeoHnL2_qgz1-gOH_Ot23kSssC3J3LT95rRE4Ll_RCtwqLTSSP5uVGmdH3tBj1sJrFaNWPMlQnLrwEjHC1gpAfXMS5WNJ7aJdyp3ecYyMp5Drvhxm0FMRlevqzY7B-FpUkc1R7pJ5SuOY4JsHrIoffLGVoAaQS1pnvVn13j5jYNj73DbyFVz3_OO4zo-MdbWLrk4oiz5YaVoFd-fG_q2zbMuQt-8eaApeMxt5CLyc7Neuu4iZWw87Od-EzQQ4Vl_bMAfcwASx2fLOngSSBQQIBBgBkgUECAUYBKAGLoAHnoCI7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDKPdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTYyOTg2ODI3NjYyMDg5NDcYAA&sigh=F7spMMT9f7Y&uach_m=[UACH]&cid=CAQSGwDUE5ymC6E1kuvT2lbr0GgcIkCaVdlacGThmhgB&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Mar 2023 01:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/ Frame A575 22 KB
9 KB 419ms
85ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 14:12:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame A575 3 KB
1 KB 440ms
106ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:27:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 20:27:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame A575 20 KB
8 KB 374ms
41ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 14:12:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A575 158 KB
49 KB 370ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame A575 34 KB
15 KB 429ms
36ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 22:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 22:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 22:53:45 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11205364986849789898/ Frame A575 10 KB
10 KB 413ms
90ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11205364986849789898/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fb782aaff1090eb0064a0596de8d852f249984e81c4feda1733c4776030a871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:45:11 GMT
x-content-type-options: nosniff
age: 400663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9765
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 07:51:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Mar 2024 09:45:11 GMT

GET
DATA 200
OK truncated
/ Frame A575 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A575 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 14D3 42 B
107 B 70ms
69ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJqUmUsOto-LfBYlrz7uvVeVIlelvCVkmDbSbleIjak9Ot2qo0LoGCsO-5wIORSHV24TzTf45YNAn1I_ram4QdMnF8P9qhBIb4NIMyECMLLci92zQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1267 624 B
368 B 52ms
51ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNV616PwkzjfDDAyqw8d7xafdQdscpA85BZz4l6lpYrm_crKLKdNsbiyUOCzUMSYnjkqmkPIH3xMcz1al6bhqEnzYWAn3rVcjsXmKw51pY2VczElxRn6beWBinCKDpKXL9rxdHc-EnuVTvi6qs0TNPIPU7VZx5li0F8uQYXVVpM8NIOiEYs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:54 GMT
expires: Tue, 28 Mar 2023 01:02:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 17089308167566500240
s0.2mdn.net/simgad/ Frame 14D3 151 KB
151 KB 338ms
76ms Image
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17089308167566500240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

e9bea2cc32cd4e4ba8e669c003d7340e772c2ad91974909dbac94550d00ee893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:08:35 GMT
x-content-type-options: nosniff
age: 456859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154621
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 10:11:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 18:08:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/ Frame 14D3 22 KB
9 KB 36ms
35ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:36:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame 14D3 3 KB
1 KB 367ms
107ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:27:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 20:27:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/ Frame 14D3 20 KB
8 KB 328ms
69ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230323/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 14:12:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14D3 158 KB
49 KB 365ms
116ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/elements/html/ Frame 14D3 7 KB
3 KB 36ms
35ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230323/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0c655bd4daa994bdb0ab47f86fa1caf51114e7f31f11293fe7e50de22a8c6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3047
x-xss-protection: 0
server: cafe
etag: 2740137744889871072
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:36:20 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 14D3 0
0 159ms
74ms Fetch
image/gif 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssG4CfmccT2BrXkDorVuQ_d05wNgFwhGSMRWuaV56Nsqc-jQU1DBPw7DiBsI2Wutx1n1pAv-yoTEzhtbdamI2lM-EnbyPGyTHlF2olDCe_f-9y1ZcXy0YE26twBA6v0lTRyjqVMJgwRcSanvnBxHGdwbKzyx4FWs0zxszpnHGuhuYv3tHdqJPwjekoCU4GwSFFndDhmWNOl7nrF4u_PrMO28Sh7e_XzQn9ewjbpocQsbL4BzDB5uVujTKeyF97xkPwuihC1TomgbbnWIiWb7ugLnGO4vib4l2c44YrefnPZY5v9Np72glHsptGb-1Fh119gty4xwCzUxkbuE82CzgkC4_Jd6bh507fqZ2QoTaXe0KbNSk0Zn8sufy39L9DbPoxQzCfr2fz5IVr0SQmxUiGVs_4HObuHPpNN0OWZiOSuWb11B1PCTTU_09MRrn76JPqBI8IucUwiEjp5eQ6bAnJEZNjZMLCjPfTeqCmpxI-G_sTVclLEg8NPlcDgDd-Ffg1qY2wcEHy9vRcgSzBhCSQm1HNiNOigbW5uhLHlVscD1fN-wWDfYmE8NVHk1QMNssVyv1EBij3bRWZmCp2-35fSz5kM1kezq_kwyi5Fr8bVgIC_wh1ZNMNf1om6tfZm7Ju0kIquPFrBvNHAXcVqRiM7wMGXrLrsl5r0nemXvI1JgyuMneVvbbz7dw30cI4Qs8hkw6xe5rVVEtKVwJnYiqLc3yHJ9MobCpUijO2Ug2cl6VuMFUF3NITuIf1cDYhPqH8qf0iKYOaucQZoPtoR9RwbDLY1jJgSiwW1CCPtNrs54CycQ5SJ9VBGaBOqqstCXdfqaMP_H9ujJMpNwrDV2p1Od7u8smgq9UO6JYH2mS4vDsZSgdP4XzWlA-9UiE3NR6wfWwwXycf7XJ0i61tMs2Hdt9zvMUJTIE3J58Ba2NhxyoOwCYae6C7zH2S-QD9kyrZOiePQQeb_dVC5d9QGdmVerZEswT9gOQ5QaJ5W50TaOT_uUaWVTtwHgVx50_G1uJXMS8g34B5n-KfcmCi73hxze-hTvjkKj54i6IZoLXu8iMnMR5nbm4Amci41y3FqkDBsn69KgpVQcTcx1KwUA5ayNu4IiKJjI1GIufAyzi-VrXSYTupYH08ufMiyGFJ3XBtgVhW5HVjZTRxfr5e_L_T7Mz1N3ZXt43KC&sai=AMfl-YTahTAH-EaS4eWJJjNnl8v9eI6oJ6PRcUBZWwsUKSP4r3XCRgHxzZPmAX96Tk-b7ngsZlarn0TRhwziFPk8t4I3ktv9HuGvxElN5h7S0yB55cA9lRACK9l6MgpDijuHp7cCLURxvvKsN7o3UliF78m22xITvK2JCKtUh8ur5kcCHK8GTaHaPERHwfdYOJ4zxVlgkDje86IcRmApHxlmwAElXHcPmx6UdLS6UpEai7U_NWhlDuQbAcmC1cE&sig=Cg0ArKJSzELgi-fHmDx7EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wb3NzaWJsZWV2ZW50LmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230323.85532&arae=0&ftch=1&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Mar 2023 01:02:54 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 14D3 41 KB
15 KB 363ms
108ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 09:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Mar 2024 09:39:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1267
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1&C=1

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNV616PwkzjfDDAyqw8d7xafdQdscpA85BZz4l6lpYrm_crKLKdNsbiyUOCzUMSYnjkqmkPIH3xMcz1al6bhqEnzYWAn3rVcjsXmKw51pY2VczElxRn6beWBinCKDpKXL9rxdHc-EnuVTvi6qs0TNPIPU7VZx5li0F8uQYXVVpM8NIOiEYs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1267
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCI8vm8PEUh2weny1WUPdgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNV616PwkzjfDDAyqw8d7xafdQdscpA85BZz4l6lpYrm_crKLKdNsbiyUOCzUMSYnjkqmkPIH3xMcz1al6bhqEnzYWAn3rVcjsXmKw51pY2VczElxRn6beWBinCKDpKXL9rxdHc-EnuVTvi6qs0TNPIPU7VZx5li0F8uQYXVVpM8NIOiEYs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENLTszcGaK8whP-Me41ewG0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1267
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCN8m9L1lFozid6_ny_Qc&google_cver=1

43 B
1 KB

68ms
39ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCN8m9L1lFozid6_ny_Qc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGObj3-EBMAE&v=APEucNV616PwkzjfDDAyqw8d7xafdQdscpA85BZz4l6lpYrm_crKLKdNsbiyUOCzUMSYnjkqmkPIH3xMcz1al6bhqEnzYWAn3rVcjsXmKw51pY2VczElxRn6beWBinCKDpKXL9rxdHc-EnuVTvi6qs0TNPIPU7VZx5li0F8uQYXVVpM8NIOiEYs

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 01:02:54 GMT
AN-X-Request-Uuid: 4a6e73b6-49e4-4766-8845-3eda18ce5f9c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 5.187.21.101; 5.187.21.101; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCN8m9L1lFozid6_ny_Qc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1267
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMzMzQzMTI5OTc5OTk5OTg1OA%3D%3D

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMzMzQzMTI5OTc5OTk5OTg1OA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Mar 2023 01:02:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.187.21.101; 5.187.21.101; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f31c3ec5-f62f-45b0-a229-4083cb33a062
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMzMzQzMTI5OTc5OTk5OTg1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4411 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c7e6d6ee8b391745d4a3b174640c29aad72bc6fd1cfab0383cd4ec28fb51405

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 14D3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d32cc44ceee4edc0cb7f0eb5e0c5ed5a833fa81728989c7626401746d4631159

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 998D 22 KB
8 KB 37ms
35ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 202150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 16:53:44 GMT
expires: Sun, 24 Mar 2024 16:53:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8405 22 KB
8 KB 36ms
35ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 202150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 16:53:44 GMT
expires: Sun, 24 Mar 2024 16:53:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A575 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 655b957fcf267493e18edaeb11c3b7ed7d37f11cf9fc16d0fec40799ff59e864

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4411 0
0 76ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufX5JcZPNYF_rasiZUzFALYblIjUsHjQ3cvHhzYuv38aLTh5VVUiEtG-HmchE0BzRv-QlVdsRTy3vH-PatVXIRdmPRjqiAlZ9xcTufg_Yp5dmvHqyxRwM0bMNtubwqmOo83MIPbfAPbkjeHAftsyT05YfgknYoMEu_D3i7yjsdDWLeHQfVS6kykpGkXqJdqzWizebtZjauEi6bnwUl57H-xkyuIPHFcFsMrw-Q99MhH2PSvgZ2GrakEtnDY2EJBzZIng2om3DVAY8jBMIVlsmIcz39kRXsxGP8I_PplxdsVFgAmoEY30wiLDnSnEFtS5fVg2uXX8KhxYBMnLWh6NC7tcYccpodKyIlZZ7jVaf8cutOQh9hPFPmWRDZFs2gDq_BZwJsrgZOq0NYp0x3AO89rD1cqVCPIzy3JuJD6UVuYGt62NThyUnhly5ztLi5qo1kjKZzLq-NaAlpMxwKSZqRhU7sFhRS6TYcY9sOk87rD5v8XOQO05Ve0flp0E5jiG2GYbnN4suhwhxd3CvSdTyYlCBTAAxYYMmeq3R_OoIblAXFosF0pikiQCO9A4x9GLAL48zaPcEn2BscH-THw-DqbZHtsDZR7GFVPbVKcfX0MdP0j_O3v4U1vpDb6S7c33frlkwl4UrM9yd2JVQ78z81e4ZFAPKOPSUh-osRu4sqQWeD4vykM5fA5pZThdjNTZZBcud45lqa_tFubKEZStIGdtwG9R1T0m_J-oO35UkiShSwgBlQ2QcKepeF_bqErEmVTAxviHN5j-cKCF1nrdwydSIqY-ixYgX_l80oK1fWzieMV5lyBQqZ3iSsh5mCVzTIzMwOKLhrmRSzf1A3uMhIhvkhfeJ-8iayb6pCeoNtmOxiq3IgGVyrY580hLDgNe3VSZNcV57Bz8XTWwMzq9oY0J0X6qEkj2okOoLHxo4Bq5_JeGqSalO7yxRxiRU65XG_SuV0pdRnX9JExwG6RKKHXqmfDYLudlCMSOdyW23y77b3FuUzsJtPbak_ZVsN-J4SJkH8ps5gNsc9tXKESW9AYsA6CySfJ6d0sjn6ZB_4KxIQspG506AoUceULzM5yn4mRBO-eeBfBniQMcyLGlpuk8Lw8szh7KXtGeZnfPkAbdEPzIIjrNcyaouc7g&sai=AMfl-YQ5_UrnhC_Itw0cN3vbNlOoUKXT_-XxA_U_lXI6QjLziioIChGxQzd9OM5f3qHvLMD2yu-mieGDv_zfUcyb-SflOyT_9d-KoCAs0eJ-x8mgutgFMgLtI9_pVHQwZfyMkoo0BenWyLTW0qMtng8LRqlxIUy9b3VLyvhDrRA2Dm-9QK1gLn_vBFPjOrPQBK_gOvY9LvcDZfFt15XPSvwhXsJY_WC9We3z66MssR8yZr8&sig=Cg0ArKJSzHEcpUhQC8jUEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=655&vt=11&dtpt=653&dett=2&cstd=0&cisv=r20230323.07005&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Mar 2023 01:02:54 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 14D3 0
0 74ms
73ms Fetch
image/gif 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssG4CfmccT2BrXkDorVuQ_d05wNgFwhGSMRWuaV56Nsqc-jQU1DBPw7DiBsI2Wutx1n1pAv-yoTEzhtbdamI2lM-EnbyPGyTHlF2olDCe_f-9y1ZcXy0YE26twBA6v0lTRyjqVMJgwRcSanvnBxHGdwbKzyx4FWs0zxszpnHGuhuYv3tHdqJPwjekoCU4GwSFFndDhmWNOl7nrF4u_PrMO28Sh7e_XzQn9ewjbpocQsbL4BzDB5uVujTKeyF97xkPwuihC1TomgbbnWIiWb7ugLnGO4vib4l2c44YrefnPZY5v9Np72glHsptGb-1Fh119gty4xwCzUxkbuE82CzgkC4_Jd6bh507fqZ2QoTaXe0KbNSk0Zn8sufy39L9DbPoxQzCfr2fz5IVr0SQmxUiGVs_4HObuHPpNN0OWZiOSuWb11B1PCTTU_09MRrn76JPqBI8IucUwiEjp5eQ6bAnJEZNjZMLCjPfTeqCmpxI-G_sTVclLEg8NPlcDgDd-Ffg1qY2wcEHy9vRcgSzBhCSQm1HNiNOigbW5uhLHlVscD1fN-wWDfYmE8NVHk1QMNssVyv1EBij3bRWZmCp2-35fSz5kM1kezq_kwyi5Fr8bVgIC_wh1ZNMNf1om6tfZm7Ju0kIquPFrBvNHAXcVqRiM7wMGXrLrsl5r0nemXvI1JgyuMneVvbbz7dw30cI4Qs8hkw6xe5rVVEtKVwJnYiqLc3yHJ9MobCpUijO2Ug2cl6VuMFUF3NITuIf1cDYhPqH8qf0iKYOaucQZoPtoR9RwbDLY1jJgSiwW1CCPtNrs54CycQ5SJ9VBGaBOqqstCXdfqaMP_H9ujJMpNwrDV2p1Od7u8smgq9UO6JYH2mS4vDsZSgdP4XzWlA-9UiE3NR6wfWwwXycf7XJ0i61tMs2Hdt9zvMUJTIE3J58Ba2NhxyoOwCYae6C7zH2S-QD9kyrZOiePQQeb_dVC5d9QGdmVerZEswT9gOQ5QaJ5W50TaOT_uUaWVTtwHgVx50_G1uJXMS8g34B5n-KfcmCi73hxze-hTvjkKj54i6IZoLXu8iMnMR5nbm4Amci41y3FqkDBsn69KgpVQcTcx1KwUA5ayNu4IiKJjI1GIufAyzi-VrXSYTupYH08ufMiyGFJ3XBtgVhW5HVjZTRxfr5e_L_T7Mz1N3ZXt43KC&sai=AMfl-YTahTAH-EaS4eWJJjNnl8v9eI6oJ6PRcUBZWwsUKSP4r3XCRgHxzZPmAX96Tk-b7ngsZlarn0TRhwziFPk8t4I3ktv9HuGvxElN5h7S0yB55cA9lRACK9l6MgpDijuHp7cCLURxvvKsN7o3UliF78m22xITvK2JCKtUh8ur5kcCHK8GTaHaPERHwfdYOJ4zxVlgkDje86IcRmApHxlmwAElXHcPmx6UdLS6UpEai7U_NWhlDuQbAcmC1cE&sig=Cg0ArKJSzELgi-fHmDx7EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wb3NzaWJsZWV2ZW50LmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=510&vt=11&dtpt=509&dett=2&cstd=0&cisv=r20230323.85532&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=600&slotname=2914593710&adk=2493306917&adf=3051390845&pi=t.ma~as.2914593710&w=300&lmt=1679965373&format=300x600&url=https%3A%2F%2Fwww.1secmail.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373553&bpp=1&bdt=982&idt=186&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1195&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=BX4AXkjaNP&p=https%3A//www.1secmail.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Mar 2023 01:02:54 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6A19 0
45 B 731ms
115ms Ping
image/gif 142.250.9.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lfrk0bf5&c=5362576566015&slotId=2681288283007.5&qqid=CPrp59q2_f0CFW6Z_Qcd7d0H5w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.9.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yq-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A19 15 KB
16 KB 36ms
35ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 577515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A19 15 KB
15 KB 42ms
42ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 577516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A19 0
58 B 70ms
70ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CRxRkvTwiZLqXPO6y9u8P7bufuA6o0Mmvb9-MlZSZEfAuEAEglfDYFGC7BqAB69CUtijIAQWpAiIT6VqxHbI-qAMByAObBKoE-wFP0EJ7sQyndfiKv5IiudYaGGDi2LGQMajtQQ45kIicI6E4F5cgdY25jUhKXSfFOCqvtSs9r_w1RLDGLPyVAHt2xWB1_ZxGPCTEiCLS8qk8Xqj77JwW17-45G4mFBUYwGFcsn73dB7ycBebvAZLRR_umt7DH0ii64NLKbO-jE4FpT92C6gidV56wvqbeHiBswaB9MsodK42_bmGJEtkq6EHoZmdg4NyvuPGj4CskHaGlLjD9R9ZSspiwlzjNHFaUNJYdGrka9TfyFvt5F8vzxiM01q1Wa1_izUm3GbrWit51X0j3FpaKxUw2VUppeG_pKgRTgn7PqFDDfKjGsAEztC-r50E4AQDkAYBoAZ2gAfriOWVA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvMzAEsgTtIKA4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1679965374948&ai=CRxRkvTwiZLqXPO6y9u8P7bufuA6o0Mmvb9-MlZSZEfAuEAEglfDYFGC7BqAB69CUtijIAQWpAiIT6VqxHbI-qAMByAObBKoE-wFP0EJ7sQyndfiKv5IiudYaGGDi2LGQMajtQQ45kIicI6E4F5cgdY25jUhKXSfFOCqvtSs9r_w1RLDGLPyVAHt2xWB1_ZxGPCTEiCLS8qk8Xqj77JwW17-45G4mFBUYwGFcsn73dB7ycBebvAZLRR_umt7DH0ii64NLKbO-jE4FpT92C6gidV56wvqbeHiBswaB9MsodK42_bmGJEtkq6EHoZmdg4NyvuPGj4CskHaGlLjD9R9ZSspiwlzjNHFaUNJYdGrka9TfyFvt5F8vzxiM01q1Wa1_izUm3GbrWit51X0j3FpaKxUw2VUppeG_pKgRTgn7PqFDDfKjGsAEztC-r50E4AQDkAYBoAZ2gAfriOWVA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvMzAEsgTtIKA4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6A19 0
45 B 713ms
116ms Ping
image/gif 142.250.9.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lfrk0bfp&c=5362576566015&slotId=2681288283007.5&qqid=CPrp59q2_f0CFW6Z_Qcd7d0H5w&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.9.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yq-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6A19 29 KB
16 KB 166ms
59ms XHR
text/xml 64.233.184.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DxRyLF3lMyoy3Iy4RlWjSxwpwSe4SbR0UmCwz-HIf3grjwYfAj9qsfuZTINjTllQNrD8lj6XuPPT5gpfAumBJpfQCD5A&cry=1&dbm_d=AKAmf-CEuwolWH6NpB8AzA8d42n7qmEOpko_dZX4MBFyaIvWULcwxHAvGSN26OVaDI4YBHkD_HqaH8Rr2EUI2SB6GIvw5u2jwmpbJXxZOkqvrV2WEcVEUGKunTea97DHCZIOb7YzmP2IwRZVxWPGpzEOzMog31qCWaqAfN-oCbAwkICOHv9alhX88Tn0mP9jtnwjYfz3NCdXSoxYKekcXkEPg2F5dGBPOlXmd0vJJr7T4TuJ7SnMPtgTnkdv5_rSaxgb0iqC8WIqusEayczVYDQ3zlL_eQnqUAMGzCVGohPFz9tVW7EeEoQmqN70pSAyIoAtS0ySDk9o2oUeg44ivNQlWtsy9GpAPRTtCz6p33bQ2MWsvkC6HcXSv_jaUC_GyADTofSKHDjOI7S2VvCa46pRfBbgTBiyewe28uULJAjy80gmGwUHzokGKjQOktV1vfIPZFML0FQ8D6BjYtnrHy8HJsnz3TE3f1rkEeYpns2-P_gUKSun93jDdj1LH83r5X_ImNqzbBox18F9GkyLxqOgibqj2MpWei2o8mmHpfGgwOv8F8cgDjL1NMFvz7MsMJfjgWXCqUZCEVU4kaSTJTxW7cbeK4TdvWva4jCP0bukR8aGZxZfv__wXxoe6RDb2DXtZCZHfJPnZlcLRtkv_PVZd0gq2wrURhYhgXe_26xFqlgqro1US8KxsDIIOjVZnJN7Ln9rlCSnhI_T8lcmGQpoYP9BzODrZsuI4DCZecTMzg-jW_np3yeL4MgxqM5nzE76M6iCaQEmQ2xswK5B9LzzKHILQ4oakhyhZKw_jLywsczahgoH-jwotsXgpQSBE-QkcIkNvEHwJm8N1KRCw_1-w50isoFghv9TBUQb71_cF42YK9FmNH-m1PFZQX5eDRy-LHB6vACyiOwFk-6tzArsVvDSjGmr2ykJU3cQck9873DBiBiRS7x2kAa3HUzhKiRZ3OQWRBU-AAcdhU-pWFlKxzdEnDgGDVnP3E_Kr9kPq9n_9KZTLfg4SeST-1Xu1jH5IzTQKkLX5Q3eGD2Yc42LV7yT_xsEY6QpjMrpwPTPGjrQHsC91KYjdHRMA_utFgk-fsad_VyKa0b82eijCSgMhR1jZM2O9LzPZp8E344vEeZJXy-BsfzemmWfSMom-1Ch4cm17PfYEQ7srmci4N_31J_E0bHavGWvShHgjC0yLdhmiTsSWU-uLr6DLiEFL35qXRstK3GJKFk6iX5FETVy3Rq09qrx0TGZ9VWem7EtSn1-Hwu4oLgEGX3mqLsIIKkrEoS3q5HZUs2BrHOJFy7_DmkUD1FYVz6ORV8cD3cPCsZBqMFIJ3IMCuUjNJN-exUC_1Aj91-GIOrUSK53jlf1yu1mCxeL_vKVoCs2Q2CNUim_Uef-DO2aMkaXJog-e2TuPy6C68hwCdMaZDuksE03QvxgGUxHzsCQL3USntKpVbU0HX1tdmzP6IsFxvMEKKKY0eI4k0zxTJLdJ8Zv0L3abpoqgu_XuWJPDvwnWQDFZyDVQsVCX22-iZdW4iUo_yH-vOddps3kDDoeKC-SOg4S3EZZSK_e8AkUwyKseM7q5Z8YbE8ITzTcnMzd0dyoBAuj3B6rB7frq_JPdoMSDd5NJPAHXuPDf9ljPgjaDs1kEEx5YTHp7yA53s3c_9-a8KML4ZWN95xGvQuBKfG34YsnaKzqDptfotgL4MvChvcnVBFS4jpAYm0w7pKMb4A0FGwVt4JLmijFlq6Hr94O4tq59xJKFZesq0vQndf2eNMvTlR_F4qULhrYgf0AM8N71L0w6-EI5VTSbrtcr7deTf5ghq6gJwMJyeQlt5WgvMuN80KDaJDMJsAoqzlz8Q7qhUSS8qTbsAd_SfntNaucX-BdssnMQexs0UJE6DMFZZKQ8x0jHHa66MOLKIJkKOPS4qvHWMNb3526aOS6sKGtl-zvycLxsj2dKBOlq1RTbrMop7nMaSePfq6m4BieUb9m99EEpWElwX9IJQZiSVhNDlIK6hsOAdEH8UTrdukTGM0Uk3nP1XvnSDRimtXgguFmNikO4BUvjlxadVG-YN8uV6paqFCu-f3-NqaUeXou_lnTaED-Hpu_OuNebWcc5p7xsCiuzNNgo69kBLKMR3BJkE-ESIUlRRaKj4YNzYDbkp2kYtN1P-98nE_RHviruOfv8R_VtOw8QcvloC2hbdmwIY3M3CED7_eYMb9Qt5fByTiKSpAOri795KbSodvLGx7ncdZuMcfpHVJbWOBCc8OXQCU4HoYiCYlboTTZv3bzGptrB_ggQb4QKz-wzCpwk7oPq7yiwi6eu-MVr--kgwBbnvXXcU1JWSkBrdNgVZqVB9CJwWKqPXSDZWjLVwIE-W2aynkHnGNYqB0sP63SqXrA2o1g62fMw5Z7UPwLv16cAQmXdCEgyrt8fQbAXszwYhMr-meRd7HO4WbmwlqjWmIZjqpvLrcuQoZEPpR_cN4JcYr95jXgFwSpJ9EObsRLbJ5YVCvS-Pu37QJawoKLptTVaKFTxEs56Ftzkgckx9RUpF9CLFZUyH_e6lpnnwvpl0OPFfBUGq0R9vL7xtCkTtVcMWBfehlRjqxAqAQW_achbd_7snPwVyf-d9B6ujgFcMYeUlYw_WFmS_Igm3oasCApN1Lsy-3lkiICd6L8W2WEJ0JhwFl0tZGSF_vRhrE_g8hCl30ozdL1MKdCVRg3C7xmzih4pv3l9htBZxvtDpsX3Z7Psya_gxT9sc6f6XZflWxcxLdpz86YhNl1i7FKCygmHNr9pe8RWXmttAxa6AxO9AaCyCO2EY7jPj1EiY2AE29JFNsGzO-qj1bg2gZ3V3TJwTL-6AhiNwnsFTvB8oypEgpqBlCwrd9Vf9fLdGr-JED6AseKRMwdcAq9fv9qa6sC-xo-VqksXn_gWhZuBsmYWxJISVn05wvVfhmm004L2FSKOnR3gKQevGKfkWXkiwSVtH-w3vqnS-0N_UGm8s4rSF1BB2NRuz2Lg5y_AaKYyjUWBnq_7VtA-v6JEkzXIlsMCiRM5QLAao50bLj7gTC4aIlKYmzY8KX9loRqiPUy1llAAIMFTtcN3pdDx3LlI1Ai-KJxziN5UqeNDeMcPoWIDdxJwBQeoRd-JFyfpdPBrxGXBrDyjK38GEUSEeQaUAHqwzhDARC-S_cSb9aCqhr30GidQAEhAQndpyU7QkcaakJh-0puJ2891aDXlCHhW5Yo6vjm4cuZ4cTPWyWz43Xmkj6tsgzb_XbEj_ViG4lmH1hC6NJiueL5qsKzh_qvp4KdO9b1o6-A9g7CdjNJMy7Uesr2TWO1ECWSksw2g9kwvpPnefmbqDASBZTmUhTBT7XYRSHoLEHD4LeRsCCKyQjMbu54DEuce2137Y4My5GXMWUKAvV9lKWgloZ7J3jKQ8u178iejuEIv7DrgcI6mpp6q556RvXEsVa3eJpiKYA38F68NOlrBxOzqqUMpDVm2kIwCVPTSF3fV3Bqm1WsSLqZw8s6tcCgRESZUTYI8PIULc_UgqBdGC3RLjvF0e08n51hxcRT70ipzZfCNNpSyp3vbefAFkj31SJEsOmoBJUNR91C_RvAyHSH-MEJZfjrkhRCCokMJeypMNm71ELrVE_nTlLykyEPf7X0yF3doOYFf1mtb3YG4vPTs1jTWOxi1wzXK3u6eT_NJnFsBQ&cid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f156.1e100.net

Software

cafe /

Resource Hash

5bd0628be613d9d08a23c6d50ca566d8634d61d86bbcfa79ab5282785394eb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15854
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A575 28 KB
28 KB 36ms
35ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 577515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A19 0
0 78ms
78ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdQ2pvTwiZLqXPO6y9u8P7bufuA6o0Mmvb9-MlZSZEfAuEAEglfDYFGC7BqAB69CUtijIAQWpAiIT6VqxHbI-qAMBqgT4AU_QQnuxDKd1-Iq_kiK51hoYYOLYsZAxqO1BDjmQiJwjoTgXlyB1jbmNSEpdJ8U4Kq-1Kz2v_DVEsMYs_JUAe3bFYHX9nEY8JMSIItLyqTxeqPvsnBbXv7jkbiYUFRjAYVyyfvd0HvJwF5u8BktFH-6a3sMfSKLrg0sps76MTgWlP3YLqCJ1XnrC-pt4eIGzBoH0yyh0rjb9uYYkS2SroQehmZ2Dg3K-48aPgKyQdoaUuMP1H1lKyjrD_v88S8xiQLOomNGZJrE7ouwopmcSu8MO0b15p8OBHD5uiwpb56JmVw3EoaGQWu1Y4QOJ-VZNQiS8DjhRgTRIwATO0L6vnQTgBAOIBZrXmtBJkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfriOWVA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJEJxUGKSHzeEB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE7zMwBLIE7SCgOID0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTYyOTg2ODI3NjYyMDg5NDcYAOgXBQ&sigh=k7NPFvoXB4Y&uach_m=[UACH]&cid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB&vt=10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=3419437759&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373552&bpp=1&bdt=981&idt=180&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=N2Tpzwgfga&p=https%3A//www.1secmail.com&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Mar 2023 01:02:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A19 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f99d5f8a2dffb2d6949f4f0a8171363cb4e518d4d8af1da768874b02411903e6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 998D 36 KB
14 KB 36ms
36ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:13:25 GMT

GET
H2 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8405 36 KB
14 KB 38ms
38ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:13:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 733ms
52ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230323&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01242d2ae8cd2e9d37fe7e8b91ebcacd6e31f33a831f49ed25047c0679444361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11212
x-xss-protection: 0

GET
H2 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 834B 36 KB
14 KB 36ms
35ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=4223759480&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373550&bpp=2&bdt=979&idt=176&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vfhfyYUxv5&p=https%3A//www.1secmail.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:13:25 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6A19 0
225 B 484ms
114ms Ping
image/gif 142.250.9.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lfrk0bg8&c=5362576566015&slotId=2681288283007.5&qqid=CPrp59q2_f0CFW6Z_Qcd7d0H5w&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.9.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yq-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6A19 41 KB
15 KB 36ms
35ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:05:11 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-aigzrnse.c.2mdn.net/videoplayback/id/cdc9392e6a4426a0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711501375/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6A19
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/cdc9392e6a4426a0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711501375/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-aigzrnse.c.2mdn.net/videoplayback/id/cdc9392e6a4426a0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711501375/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

436ms
25ms

Fetch
video/mp4

74.125.168.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigzrnse.c.2mdn.net/videoplayback/id/cdc9392e6a4426a0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711501375/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/28F09A7512A811C541B3331522A4AC961330E2E6.5848B16CEB457B667D0914B3CCFB538E8C4D1DFE/key/cms1/cms_redirect/yes/mh/7b/mip/5.187.21.101/mm/42/mn/sn-aigzrnse/ms/onc/mt/1679964540/mv/u/mvi/2/pl/20/file/file.mp4

Protocol

HTTP/1.1

Server

74.125.168.199 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s31-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 01:02:56 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2710574
Last-Modified: Fri, 17 Feb 2023 09:19:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 28 Mar 2023 01:02:56 GMT

Redirect headers

date: Tue, 28 Mar 2023 01:02:55 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 642
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-aigzrnse.c.2mdn.net/videoplayback/id/cdc9392e6a4426a0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711501375/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/28F09A7512A811C541B3331522A4AC961330E2E6.5848B16CEB457B667D0914B3CCFB538E8C4D1DFE/key/cms1/cms_redirect/yes/mh/7b/mip/5.187.21.101/mm/42/mn/sn-aigzrnse/ms/onc/mt/1679964540/mv/u/mvi/2/pl/20/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6A19 0
54 B 475ms
116ms Ping
image/gif 142.250.9.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lfrk0bmk&c=5362576566015&slotId=2681288283007.5&qqid=CPrp59q2_f0CFW6Z_Qcd7d0H5w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=887&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.14v
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.9.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yq-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 165F 23 KB
9 KB 36ms
36ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 56195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 09:26:20 GMT
expires: Tue, 26 Mar 2024 09:26:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 998D 0
56 B 74ms
73ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYB1XvTwiZKmRPM2d9u8PnoqCoAIAAAAAOAHgBAI&bg=!9Pel96PNAAbO2UOH7tk7ADkAdvg8WoPM0Svge1O7yUW9MUo2bgL24CO18wpYpRURxiSx1HFZrWVpSUaA_Mn853fTl__LP1k6RtACAAAA3VIAAAADaAEHmQLTQeUiUcN7sluGWNmY_PYZGjjwDljbHREq_8z8A-r7PzSWiU5JjGCyVpu2kygzgmAvibaBqqnxCaGyScYdumalm2zNFZJ3J_CwM-xT4eR-gqu9qmMvN9_M4m1UVGKxN5EBtRnvOErFYbsiDVGRbxi0dyAzZBFVJCTUO_9caa3Xc5eagpdxrM37re1ksPYjgQxzQyUbwzWH6kUdVrsXjW4HCd1u6WOyAcdB6B59zQBgDYEKLct7y1nT-blaUbmrvuwXYYp_JgndE8TVXar3MBBEgOx8dCBV1YcO4bDCIO4wBkFZnjZxKriXDDL9ER4BU0pnaLgqSJsCFuF9jRefUlllnAxchlAzO5lF1sytTcdfZkPKpXnfP2fBMthmD0gXGXjMlQHq7O9WS-l8AKFgPksgfVN2j8vJGz8YXCEJg2ZF_PSNV81yyWDIhE7DGBhE_sCiFDlf7Ooh0hkdmnvYWyELkl56fI-xkud6lQ2DUk3nB7jUUi4uCFIxA5v5nYRdQPUTMJw7dnXB2AwvOt-9Ds3ZFuU_8i6E3hS4LMfkt0cEp0hVTUlEaSXZt48mLRQFnucEn-aW2gaRtBxlWkqF-ixpn82vYGHSksaqYz53_88tp6tijoS1Q9KPzuEh-Z4xknvIawyAZ3F_Pg8Qz-i9DjTD_Ti2y1S4ye_XseZbl33j-81ISLz6ALIDBYKOFGZpnAbto998j83hPdusrMmKM8uKm54YB8a0BmfC9t2StMwC6bWIvWQASpZsJMM9Fvu8tymaqvsCtg4NuQY4rqozcHFkvg7zNzVFTzgzNyg-YgKZRsyXOrjGlz7H778uW0JPTKZr68pJxJAtB9xtRo760XWkftgoyKe57mT3-ax3fg5Vsr9UAoCx_iOuOXSHTB3kgkRoH_nsRowTtUGnZML59ZRHxt7i6-mnqJokAEGQoissmk3V_p0ZUNgvb4vpn8H-FwrWaCSd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 165F 36 KB
14 KB 36ms
35ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:13:25 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8405 0
56 B 73ms
72ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdzIivTwiZOyPPPy99u8PlIKJgAoAAAAAOAHgBAI&bg=!uLulu-_NAAbO2UOH7tk7ADkAdvg8WuvgScjUp5fIE85RqKSvt44P8cnN1ZRLgYK1AIiIA2fTpJgCPHZk7TDPqZGWExFAUADztxcCAAAA1FIAAAACaAEHCgCPaasJ30iSA04SVetcabGOductvuH0uSYuN84JrUFNkM5tb5LFRNyrbuTjoE4yT35bRoKd0ueoqtD8jeZ7UQx_qOy2bnct4zr3TVycZQ2W2zL8bl_5qP63Hyi0q7_MNGWHP1J49eTJ3WIiWWn2EL5rLX5e0FZVuUsc89EgAV8fBG3DRa3Pf-8ltJbXAgmOcMiZAsNxrDe1NtegOBd6KoBWhNJW_Ahg9BeKMhhw3liBRyFzxX6drsCdbVq2Uqe_iYAJBccmyc3yjGf7AAWfOXgmKMbZ_-YvbWb9JwUZ4nGz3YSXB_Jk5_T3W48Y617Wz-zERqJJ7pB1VpQgvCDQVN6ldlNI7EHcD_P3qmt4wyoOZlOVjkNzDFcFLrxv0oFBpy1pDZhpoVxgydqi7VRScGX5CFFhyQ3mnkf903RYld51WDI22RGGcD01wH8PbzEbKAX6HbVJ6MRC5jrH2a_60Mu4UBy-4W-ZwkSi5wBYDv-A9rhxfUBQceT977ylC4X3ebP29uOLTQqkMWaw5PspCqw5Z77Q7Ucw1D-hGVSViUCWB55_KKlyA3cEbZcgt1vYYOe9TDrJydRcVgHVUSMziZwjGEZUiji5sGOf7r8pfBffFVT0VwlRs6QNFNrt-fC_DyN_jlnQbUIb-zLFltKS3j4rkmNqDJSGWOzdrCydbLx8siATV5qa2YJfg_yLE_rm3Q5RyrcFhngHPpDmZIyHhYyFCpy2ZqavWLembfheHgm194eEsntqGsUYVwkfuXuDBgjpTbzrTGUl6Y_RQBgUnpnKNGfYDLp89XOR3kMgunpeiBKrAtEPQqIo_oi_F09fW9xe_zq4Kcqy8U24d_vx9dfSkUQWdt3nnkkh6Pe5sv22Qfd1EclU41-ZaHg_wuvrsaDupX3SZ49MdQ4E2ZMadMxTibw6RmFRKvnK3DFA0auNmzfWuxrWvXHTw0v2lmX8Od73bGpNGFGrl-4Iw4Oj12aVgaYWasDAOSiVt_Yl4S1E5lbfthlTJaecXWPiyWiA5j-QejNoKLMxkYnyHL9pz5xGVFcR34BAU2iktG4zXn3TQnHVWGfFgV5ogXIi9Vc37yqe5m_WdEaINETVK87WxWjCJouXlCspmm_wN02YwGEeYj2dqMfL5w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 165F 0
56 B 74ms
74ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bgnf1vzwiZImOBpOImLAPlOugwAQAAAAAOAHgBAI&bg=!RUalRhLNAAbO2UOH7tk7ADkAdvg8WvPof53DOa1Jof_I8elxIh_haDRvwdFlwce0zS1JAhNYw2vONcB-uQkpYAfgXX1dkBA6E7sCAAAAZFIAAAACaAEHmQK9wlV0Tk0DVOTUj_SlAM0A7fWtUyn_slj3pULOPoyYRWlw0Jb_ZCA-wB3ulxiwsFtIpxXpttil5C1mCMAD-0a9Kvhf13OG0qNXileHb-XZH79cTw_U9lQlXoU-sT07zBAwFu72eUP66_IouqLj-2Oft5iAgrwdveLEwJ93DQerxAqsDVK1kF8W8aSODIe2A2do6Xv0iXVMmQbero94hnpRqMxkg9i2b3KW2I6awrxrKjQUMHICChmZ3FRB2-9INZpwuetGgiMjs43ftoSJVYyx-LcZsbOq45rpwA-L2ITxBuWnN2LapXr5-eGwyNPnI2Zc9g7TPYECWJPTZGpAGiLFcchH9OdnuU-GebOkl9OYsZMSPRDifA2d7VK6uXXGJBaMngeB1pppyOg2yBWI4TSOAOd503O5pXpCHhERTjvWExJmGbto_8Rs3lsrin4x4mSe9wf95RWYFvk9C-nueRNAgj1acM2Hj6AMyBmH8wgw_LXEAoLGDUjG6W3bB7nQYQakryoqlmu3JcAXpF18nA93E2TqtwhxfllLKG7HQZeIq41dez6l6bqmeIkKEsSzUvUzUyLXaa_R1Io8getfE2ygG7d5E0CxuV0eDQ_BL3oZZg46VXEnxdovJ8ttmb6qpVzSkbteFTrL8Ij_5FEY9dC7Q4mp0Syo92KeBmfze2MejMDLloHhxFR0twQheq8NXaamdeey1yNdURQKEgyQ2PzldqFETT9DMf-VwgBEzAyKBBscDBwGoazMWFbPS-VAma4rDNRa0gTnDUR6bkPE9euCgkTzt37n-gjp2e-KbXjWB906sANjbNDDn57A56ayhFycYpISr2z5g8Fe0r169U075R8nogYRv-Z0LhVwgxpSoLyz9y6n_UmJEyPrjPuPudxJe_uhVwRGTNaNhsw1KQnTN7caRwXEUxQOtjexalM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
55ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 01:02:55 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DA9 13 KB
5 KB 37ms
35ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 16362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 20:30:13 GMT
expires: Tue, 26 Mar 2024 20:30:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF98 783 B
1 KB 429ms
46ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

414f5a945ca87460f9349e54d935a086dcc96c3c77c2016124502d4dafb00d7f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XgAaq46jG9qyEbW2lFgIcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.1secmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-XgAaq46jG9qyEbW2lFgIcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 01:02:56 GMT
expires: Tue, 28 Mar 2023 01:02:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DA9 36 KB
14 KB 36ms
36ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:13:25 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 14D3 42 B
174 B 74ms
74ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJNpm9KcpUxqQPUPxXkofICQZOyw_rxD04-fCgzF-O0LhpgawFTZPEWyr0RGuE9SaldkgvYR-3Q6T70Yc-bN2-d2pRuuD0EWrCLC80pw8Qo5WPcaqND-ju0a2iXMwi-LAPoL-pXA&sai=AMfl-YQYcOPgvRmGOKEWJJj9h8vTfLkg-4UEfz0p8SBt2ZPdfMevY1sUr1ziNiQCxjV6hJPGIUOUl7tmjFxH&sig=Cg0ArKJSzNZtSjDla1J0EAE&cid=CAQSGwDUE5ymAXavvbHJoc5gH31eIZoTEWQwdD8lOhgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230327&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2493306917&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679965373743&rpt=1253&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4411 42 B
108 B 73ms
73ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvt_ciKN6ZpRFX9R-H5R3LgcK019GgX28D59lSQZ1Ir_4YcMh4wBjs0jUgkekWXaAe7v33zfcDm0_ZBlOafZx7B6MonuSeD2FnNCSnHMM0r-7fXnlyqKtudlE2xNTx4gcGa45gZ8g&sai=AMfl-YR3BVLepQ6alMS59HV6hAu8TqnstggV8-zri5wz4V1eGDkQKAuNWIelPQ9VZwtYE_WXvopYxyOS6Kgr&sig=Cg0ArKJSzLjdJjkqbHvEEAE&cid=CAQSGwDUE5ymBEMaHU-z0dHN6tbXN6mJrpl6it8WtBgB&id=lidar2&mcvt=1003&p=0,0,600,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230327&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1724797542&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679965373725&rpt=1267&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 0DA9 0
40 B 35ms
35ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pFdbJg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:02:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A575 42 B
108 B 75ms
74ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDgzKZKSw1e482LtIeUJwURVQqarqfr5QugrgMDaJcSXIOJs-3kGPuuF1q4I4mOkCurAQzfQCizY0PoUmsMoMpTwA1UAy0F_DzcbiR8unc_gU9LFjcXWBU4LmPX-DwVy9NZntjjA&sai=AMfl-YTu2HWSHJj-KuWZXJNE5LCpncrf1z5VC0cX6SVyfE4h2-3OR7tAVurhfAwgbeILF_4VVKoG6LUKVyA3&sig=Cg0ArKJSzJZDxieSov01EAE&cid=CAQSGwDUE5ymC6E1kuvT2lbr0GgcIkCaVdlacGThmhgB&id=lidar2&mcvt=1000&p=0,0,280,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230327&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=141519400&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679965373729&rpt=1336&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content file.mp4
r2---sn-aigzrnse.c.2mdn.net/videoplayback/id/cdc9392e6a4426a0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711501375/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6A19 3 MB
3 MB 327ms
26ms Media
video/mp4 74.125.168.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.168.199 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s31-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

11aa4ed88772f07c3bd7bb41b8b1375cefcf3b430fda1caf113ef21680b1d8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 28 Mar 2023 01:02:56 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-2710573/2710574
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2710574
Last-Modified: Fri, 17 Feb 2023 09:19:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Tue, 28 Mar 2023 01:02:56 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6A19 0
54 B 114ms
113ms Ping
image/gif 142.250.9.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lfrk0bmu&c=5362576566015&slotId=2681288283007.5&qqid=CPrp59q2_f0CFW6Z_Qcd7d0H5w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=887&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=first_play&asset_bytes=195577&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.9.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yq-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF98 0
0 70ms
69ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230323&jk=278916098004211&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMIyemr27b9_QIVEwQGAB2UNQhIEAAYACCf47RZOhoI1MSamAMQztC-r50EGLSCgOIDIN-MlZSZEUITCPrp59q2_f0CFW6Z_Qcd7d0H5w;dc_rmcid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB;eps=CIDhgBAQARgfMgKqAjoCgEA;me...
ade.googlesyndication.com/ddm/activity/ Frame 6A19 42 B
401 B 187ms
74ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyemr27b9_QIVEwQGAB2UNQhIEAAYACCf47RZOhoI1MSamAMQztC-r50EGLSCgOIDIN-MlZSZEUITCPrp59q2_f0CFW6Z_Qcd7d0H5w;dc_rmcid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D595995399%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679965376470;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6A19 42 B
174 B 78ms
75ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRxRkvTwiZLqXPO6y9u8P7bufuA6o0Mmvb9-MlZSZEfAuEAEglfDYFGC7BqAB69CUtijIAQWpAiIT6VqxHbI-qAMByAObBKoE-wFP0EJ7sQyndfiKv5IiudYaGGDi2LGQMajtQQ45kIicI6E4F5cgdY25jUhKXSfFOCqvtSs9r_w1RLDGLPyVAHt2xWB1_ZxGPCTEiCLS8qk8Xqj77JwW17-45G4mFBUYwGFcsn73dB7ycBebvAZLRR_umt7DH0ii64NLKbO-jE4FpT92C6gidV56wvqbeHiBswaB9MsodK42_bmGJEtkq6EHoZmdg4NyvuPGj4CskHaGlLjD9R9ZSspiwlzjNHFaUNJYdGrka9TfyFvt5F8vzxiM01q1Wa1_izUm3GbrWit51X0j3FpaKxUw2VUppeG_pKgRTgn7PqFDDfKjGsAEztC-r50E4AQDkAYBoAZ2gAfriOWVA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvMzAEsgTtIKA4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&sigh=QH8GuN9odjY&label=part2viewed&ad_mt=7&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D595995399%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679965376470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=3419437759&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373552&bpp=1&bdt=981&idt=180&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=N2Tpzwgfga&p=https%3A//www.1secmail.com&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6A19 0
28 B 172ms
86ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpRENeItROzBVSXWr8UAr8LURi8aTUIbfOha4bkXJBb552ss0uYa-1yKeLX1YghtCmMr1fxgISTAvJx_A5-V1O_frDzn8l7dZugeNy4qdAE8j2XadfrAwa7DjfPbnhQmTC91eyKBFoXSJVcEVYLsLE3fY28-d6vUB7ez-urkJBP1-KmfWpgfSRg52dfRyaH1RSX3lRpORepGGMVr9lImDzoG2b0KM8X-V2anI_R29ol9rH1G8kAyyM28On0POUqQbNc38Cb8q-uhqBvs7wyxZGzs-24kpN_jCYHOq22NJhW-vo89cOIepBysXZWPLElejCVBLttEVBzF3Chhjkmln4tL_milb27ad8d4FSEaHODSf269lXyKVu9Qvz7ky-oql7YbpFmf0RUcPyk43qTiiKln1neb6fncoh6sLytDWZb5ipgkLAiKf5YH6pKw808-nvoXaqqRlVEyCRXGUTsV3_00Ms4dcq0RLGU4rw15yog510h80izI1l3cULoYdYwaqHZxiDLqZxbI9pfKe8u--SNvitTw9YTwMgRWr2EWvvoqFSGDDGY9tA7g78TysHCYHZ-IAJ5P0tkqk3Pcbci7EtSn6mbyh4dHw56-APLe5irBYs3VnYkC8pHQ37LqSAsFU4M0XSfnFpT_XEKxb76FzuOSUffy-52KfFnQeH7g4ymHwl2i1EvqxAQ0IF80lKDQbKwDzUzHEMm7q0Iq7VTQaXeQ0poWcsDTswrRNAk5BDkyQBfdI3lY45TMyQWqe7gOn7kANNHQpl2U67Nk9S81QIYHCKlUv7gmLIxjFUc0mFaJe-neaAkRO_CkgJ_MJ1k6NKaM12c9o3cJM6AL15kK2V0b1mFQsA84ti28XltPSXM_93FBQP_cAPvzY5hkN0vTMgzB1uftqWt8lbaqilsTFCqSrCNMQjHGPdV8b1p9ldbxH6fOg1RMetiezG5OhXyQRS3qlWSFG3a-OV1UJS8SaFH56mu0LzotnsdKd0KgKDXWh6OLYNBs4ZOCZGrAuQkyxcSL_bGwjLnu47SGY163ZJEFWdfEM9NYN5M5pWi8lsLAv0aRc7jIXs4mIiIL9mxUmNdk8gXCBqFhrEpIq6MGP0GfA2VpBeNT6E2PsF09RP1bJxMbJTzgPRJ9wlL4Ee19LsvtAktPbv5-TZpcwL7jW0eAeC&sai=AMfl-YTZiTdjGR3yDd46-ax8J6bbpXLJiOI1kpwZrLG-R6q5iCTvTdOZkWf6Yiwp8J3Bz459DY7ZieKKfPYxIgdk5H8qiN37F7oH33fDme4lWgj3yYsgBYuup7O5Px7dRIGzKYnFAeShEeQdLb_zUBaLEbfAQubyJxzBwKgJV0CDNR2ox89LXtg&sig=Cg0ArKJSzGQvOD-VKpbKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

um
sync.teads.tv/ Frame 6A19
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXqp8gCENTEmpgDGKSHzeEBIAEwAQ&v=APEucNV-jaedcQQdGhsgCPN-LdmkO9diCFBFh2GJ0PzOzm0j1gYGjHgilfKsydur8L3PZoy-GGEQBcac4Aejc_8VoPQnpkyvkA
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D

23 B
172 B

225ms
63ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 28 Mar 2023 01:02:56 GMT
pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A19 0
56 B 72ms
69ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIyemr27b9_QIVEwQGAB2UNQhIEAAYACCf47RZOhoI1MSamAMQztC-r50EGLSCgOIDIN-MlZSZEUITCPrp59q2_f0CFW6Z_Qcd7d0H5w;dc_rmcid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB;eps=CIDhgBAQARgfMgKqAjoCgEA;me...
ade.googlesyndication.com/ddm/activity/ Frame 6A19 42 B
107 B 186ms
75ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyemr27b9_QIVEwQGAB2UNQhIEAAYACCf47RZOhoI1MSamAMQztC-r50EGLSCgOIDIN-MlZSZEUITCPrp59q2_f0CFW6Z_Qcd7d0H5w;dc_rmcid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D595995399%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679965376470;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6A19 42 B
108 B 76ms
74ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ8wEk3-NzlW1bnLcEVwuxLYqTwmxA7dcgVRVpOVewJyI8lAX3G9rK0E2_O45nrB_2k9l0D2pPczIHfqhEe-hNiF9wc0vNaisnLN_1VAJ772n8JI_2xeOdAgkPPjfskyuZmYb-cA&sai=AMfl-YS5iJlgngQO1sVxKpb-idhcvT-ooy8-DaW2AXLKCw-lGtI-MSEA_Dbrw-hc1exLSTBOfMayMelghAme&sig=Cg0ArKJSzJXVwydyvYwnEAE&cid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB&id=lidarv&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D595995399%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679965376470&avm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6A19 42 B
108 B 78ms
76ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRxRkvTwiZLqXPO6y9u8P7bufuA6o0Mmvb9-MlZSZEfAuEAEglfDYFGC7BqAB69CUtijIAQWpAiIT6VqxHbI-qAMByAObBKoE-wFP0EJ7sQyndfiKv5IiudYaGGDi2LGQMajtQQ45kIicI6E4F5cgdY25jUhKXSfFOCqvtSs9r_w1RLDGLPyVAHt2xWB1_ZxGPCTEiCLS8qk8Xqj77JwW17-45G4mFBUYwGFcsn73dB7ycBebvAZLRR_umt7DH0ii64NLKbO-jE4FpT92C6gidV56wvqbeHiBswaB9MsodK42_bmGJEtkq6EHoZmdg4NyvuPGj4CskHaGlLjD9R9ZSspiwlzjNHFaUNJYdGrka9TfyFvt5F8vzxiM01q1Wa1_izUm3GbrWit51X0j3FpaKxUw2VUppeG_pKgRTgn7PqFDDfKjGsAEztC-r50E4AQDkAYBoAZ2gAfriOWVA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvMzAEsgTtIKA4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&sigh=QH8GuN9odjY&label=vast_creativeview&ad_mt=7&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D595995399%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1679965376470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6298682766208947&output=html&h=280&slotname=7041540980&adk=141519400&adf=3419437759&pi=t.ma~as.7041540980&w=750&fwrn=4&fwrnh=100&lmt=1679965373&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.1secmail.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679965373552&bpp=1&bdt=981&idt=180&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C750x280&nras=1&correlator=3688663702557&frm=20&pv=1&ga_vid=659536540.1679965374&ga_sid=1679965374&ga_hid=2098247122&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532089%2C44786502&oid=2&pvsid=278916098004211&tmod=885878536&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=N2Tpzwgfga&p=https%3A//www.1secmail.com&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6A19 0
45 B 136ms
134ms Ping
image/gif 142.250.9.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lfrk0ccs&c=5362576566015&slotId=2681288283007.5&qqid=CPrp59q2_f0CFW6Z_Qcd7d0H5w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=887&mt=video%2Fmp4&vs=640x360&dm=20000&met.4=ff.24b~videopreviewstarted.24d
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.9.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yq-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230323&jk=278916098004211&bg=!JCelJ3PNAAbO2UOH7tk7ADkAdvg8Wt5qcRjZkk1lc3nVqoB26684Tgh6oBNerCRr8MzJMAwpI_0kq2wO0ht9XXRiSjFC-2o3l_sCAAAAXFIAAAADaAEHCgA6AT3ZAhmB4mgrLMHosZlX6CzZ6Ooti6BBatHc_vA0qFNHaNx4raQELVMN0NQtwQBrPX3rYn_3o5tinpkCrWwUTo7rWx8dW9Z37SjaNLN0OJfabermeZsYebDzEYZdPFA4sjTpemM3Xp9Vinup4K6kI82z-C63Au8TkS5zntrNJn1FWolBaUmzPdv6IvKoKe7Hg_VmwaXNE_r9YeCphKmXKitX1ROZe31pj3W08W73SR55ijx_CHlA8AMOZmSrWJGDhW1bXEv1jO5dZkaOfSQQ2J-ZJau8yvUfa018AW7p2oL3HbiExQoQLNOAxwdi9q7HwfFhRoePv9Nxp1RkJn3CmNTR7n6mcy2_ucUl4s5njSOz9t97i4fdJ6FV0Nyok0fFS54Xm-3WS0cmPUPCscLKviKHkLNLt_yMWAKJ2zd-ZLmMVKEHAoWiV847kR37Aa5mtaC72H1kzq2mzP0pdr952MW48ebXxPHbD7zXtn6znf6XamFJDWQfLCRz_-I6k-NB5FaPZHeTVyJUWK98SUPKnqFR0m7N1eXC0IcKD_fXd9AVQ9ciDQMMY2u7SDkgkfHCNowQDyKLcsBOShA1zAVAfyobOPsLLzuUElLEMOxuk2YsAfLE16_bS807rAXulav2187xh67myL8m94TwxTGxLH1z6Gkc2g_cFh5GmSerDwp-9iEaaNjKpRGJBCxxTTMEp676DflO1W_iciGIUqefRIqXAdQjZIome8-WM0JEFOms8y56ONwzU6DjVdB2DXs1b2vE1EoSsKREIj_3eeyZ3pw5E-WJMwvIdrMuCkhF4sF5CsUFhnlHtkqvQ94QHfkKQvKIhPRBXKK0Fc8k9FHeBZV4v-dWDFSN4zeyMStJJFThjEnRHN90xrLwjGggmD2Fs1DmrLhmZXZQt951qamLE7gH55ZtTBjyZyueScFmltlnp0eEVouXnESLldl-axHaCtuQicJz8NIsATtBTbNGfXb3_uhgEViVr0o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.1secmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

POST
H2 200 mailbox Show response
www.1secmail.com/ 299 B
379 B 30ms
29ms XHR
text/html 178.32.61.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1secmail.com/mailbox
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.32.61.35 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: mx.1secmail.com
Software: nginx/1.22.0 / PHP/8.1.11
Resource Hash: 7024fde45a76edf9d937bfe7e88673419e1666594ff130a94e1eeb3afa2d2148

Request headers

Accept: */*
Referer: https://www.1secmail.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:58 GMT
content-encoding: br
referrer-policy: origin-when-cross-origin
server: nginx/1.22.0
x-powered-by: PHP/8.1.11
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 dc_oe=ChMIyemr27b9_QIVEwQGAB2UNQhIEAAYACCf47RZOhoI1MSamAMQztC-r50EGLSCgOIDIN-MlZSZEUITCPrp59q2_f0CFW6Z_Qcd7d0H5w;dc_rmcid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB;eps=CIDhgBAQARgfMgKqAjoCgEA;me...
ade.googlesyndication.com/ddm/activity/ Frame 6A19 42 B
107 B 77ms
75ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyemr27b9_QIVEwQGAB2UNQhIEAAYACCf47RZOhoI1MSamAMQztC-r50EGLSCgOIDIN-MlZSZEUITCPrp59q2_f0CFW6Z_Qcd7d0H5w;dc_rmcid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2168%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D20010%26vmtime%3D2175%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2168%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D595995399%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1679965376470;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 01:02:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6A19 42 B
108 B 74ms
73ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ8wEk3-NzlW1bnLcEVwuxLYqTwmxA7dcgVRVpOVewJyI8lAX3G9rK0E2_O45nrB_2k9l0D2pPczIHfqhEe-hNiF9wc0vNaisnLN_1VAJ772n8JI_2xeOdAgkPPjfskyuZmYb-cA&sai=AMfl-YS5iJlgngQO1sVxKpb-idhcvT-ooy8-DaW2AXLKCw-lGtI-MSEA_Dbrw-hc1exLSTBOfMayMelghAme&sig=Cg0ArKJSzJXVwydyvYwnEAE&cid=CAQSGwDUE5ymbsEcrzYU1gjGMbYxRhdpueQZxUrTARgB&id=lidarv&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2168%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D20010%26vmtime%3D2175%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2168%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D595995399%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1679965376470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS