www.noorfatema.top Open in urlscan Pro
51.79.21.141  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE1b7-l0rqsyDsQii3ygGjA&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE1b7-l0rqsyDsQii3ygGjA&google_cver=1&C=1

Request Chain 47

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQBGkJ-Zq905hPKDrY6PyQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKrvHOioC0LsCTccy3cblMQ&google_cver=1

Request Chain 48

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELw0rjFV63ced9YKdm5-G2c&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw0rjFV63ced9YKdm5-G2c%26google_cver%3D1

Request Chain 49

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUyMDU3NjAxODUzODMyMDkwNQ%3D%3D

Request Chain 55

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ce27bc3e-18e0-4494-b300-61d02bfc6da1&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=6d6c2911-0739-4fea-a30b-b461b4c42254&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D092aa713616a4108ac570f86cfc4850d%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_qrpbhcyr&aid=5772719059072552016 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=092aa713616a4108ac570f86cfc4850d&SNR=1&GV=2&med=10

Request Chain 70

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEPWwDabuHdSihwuo7FPhE4w&google_cver=1&google_push=AXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWwDabuHdSihwuo7FPhE4w&google_cver=1&google_push=AXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 71

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpRQg3CvtCbg-HDCLrtGYltVrLo8nw HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpRQg3CvtCbg-HDCLrtGYltVrLo8nw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNzcwNjczNzU4OTE4ODYwOQ&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpRQg3CvtCbg-HDCLrtGYltVrLo8nw

Request Chain 73

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVshGE_CVZbxfC9zmHyKVFeW8twA8A HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVshGE_CVZbxfC9zmHyKVFeW8twA8A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMDU1MTk1MzU3MzI3NjAzMw&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVshGE_CVZbxfC9zmHyKVFeW8twA8A

Request Chain 74

• https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED3iqFWWU-f56O8Mmhh87eo&google_cver=1&google_push=AXcoOmQGk6vhMUodo0-JXxo2GL8nFAi1q7tSo-LQqusfXLWnAnnOq6sHqsFIYRtMESDuW7jbQafyO5b8pF7oGbYJ3xm99z7C0qKefFY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQGk6vhMUodo0-JXxo2GL8nFAi1q7tSo-LQqusfXLWnAnnOq6sHqsFIYRtMESDuW7jbQafyO5b8pF7oGbYJ3xm99z7C0qKefFY&google_hm=QlMuN2QxZC1kMGVkLTQ2YWQtOGQ0MA==

Request Chain 75

• https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIOeUgdXnSR9Gso12oe-xwo&google_cver=1&google_push=AXcoOmTjDNntvk4HHI9DAeHaW322-LLc_8D9GXS0eXRW8LzZ4FsTiG6xO21QQpjPAg7GsTZLY2qf7-nAFpgwgqGV7ptqzgtISwnyNoc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTjDNntvk4HHI9DAeHaW322-LLc_8D9GXS0eXRW8LzZ4FsTiG6xO21QQpjPAg7GsTZLY2qf7-nAFpgwgqGV7ptqzgtISwnyNoc&google_hm=RxF6DwDlT6KlXNFoSOJtXBo

Request Chain 76

• https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMuNDnjzHjZ5bdpHkCm7CkA&google_cver=1&google_push=AXcoOmRC1bnehYjpFRr1MrWjG-gozhkqNAF_6sm3tuwrthGlz19IVQeCu1v6cvlCXW_i3iGqvbroa27h3493tGlAaVsBAO15RXOq--Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRC1bnehYjpFRr1MrWjG-gozhkqNAF_6sm3tuwrthGlz19IVQeCu1v6cvlCXW_i3iGqvbroa27h3493tGlAaVsBAO15RXOq--Q

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request member.php Show response www.noorfatema.top/vb/	28 KB 9 KB	205ms 110ms	Document text/html	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 3bdac42d7a8da9417c4967c43d99afae9ec42507b0311d3aa747b8805907fff1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control private Connection Keep-Alive Content-Encoding gzip Content-Length 9084 Content-Type text/html; charset=windows-1256 Date Tue, 12 Sep 2023 11:07:56 GMT Keep-Alive timeout=5, max=100 Pragma private Server Apache X-UA-Compatible IE=7
GET H/1.1	200 OK	vbulletin_important.css www.noorfatema.top/vb/clientscript/	2 KB 2 KB	27ms 27ms	Stylesheet text/css	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/vb/clientscript/vbulletin_important.css?v=387 Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 04ae477e968c8bfd79ebc21cbd7658a731d48d8d22491703e52aec8130b6d57d Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 09:21:14 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1690
GET H/1.1	200 OK	yahoo-dom-event.js Show response www.noorfatema.top/vb/clientscript/yui/yahoo-dom-event/	36 KB 36 KB	55ms 27ms	Script application/javascript	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/vb/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=387 Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash d40743d2f62e70a29644f823731551ac1f13903f07f8e0756aa664bb684f276c Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 09:21:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 36628
GET H/1.1	200 OK	connection-min.js Show response www.noorfatema.top/vb/clientscript/yui/connection/	11 KB 12 KB	102ms 26ms	Script application/javascript	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/vb/clientscript/yui/connection/connection-min.js?v=387 Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash a0297b3ea37cda46af5a08ed89b1563987e6f6a233286e1a373668776134841c Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 09:21:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 11604
GET H/1.1	200 OK	vbulletin_global.js Show response www.noorfatema.top/vb/clientscript/	25 KB 26 KB	130ms 26ms	Script application/javascript	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/vb/clientscript/vbulletin_global.js?v=387 Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash c012c023552d3830ec363151dc5f0c217c97acd41aea4cc456db1bc2128434fa Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 09:21:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 26028
GET H/1.1	200 OK	vbulletin_menu.js Show response www.noorfatema.top/vb/clientscript/	9 KB 9 KB	161ms 26ms	Script application/javascript	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/vb/clientscript/vbulletin_menu.js?v=387 Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 447146a55a24e512bb169c578b2d8eda99a8627bbed4322ed909a2cffeaefdff Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 09:21:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 9441
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 53 KB	107ms 89ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash d051383f2d7dc0a675daaff5ebab3f5d115b73fa6dd27d8f0555eec4a7bf76f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Content-Encoding gzip X-Content-Type-Options nosniff P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Length 53779 X-XSS-Protection 0 Server cafe ETag 17686517304994664804 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, max-age=3600 Timing-Allow-Origin * Expires Tue, 12 Sep 2023 11:07:56 GMT
GET H/1.1	200 OK	navbits_start.gif www.noorfatema.top/vb/aslopdesign-free/images/misc/	816 B 1 KB	31ms 31ms	Image image/gif	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/images/misc/navbits_start.gif Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash f70b5d27db08bd82287f26c7f02078e1ccdc266e9ffbac8aa401962563973d50 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:41:05 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 816
GET H/1.1	200 OK	navbits_finallink_rtl.gif www.noorfatema.top/vb/aslopdesign-free/images/misc/	370 B 611 B	246ms 27ms	Image image/gif	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/images/misc/navbits_finallink_rtl.gif Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 83a7d0116f9c140670d9e4f44ee6760ccc34d4804af7d51ea62d35bd18d7e0a3 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:41:03 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 370
GET H/1.1	200 OK	vbulletin_md5.js Show response www.noorfatema.top/vb/clientscript/	5 KB 6 KB	59ms 41ms	Script application/javascript	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/vb/clientscript/vbulletin_md5.js?v=387 Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 6e4ed9f4271f22c3bb4405155731f16c131e71d4c752060017496c0bbd2d5c85 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 09:21:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5464
GET H/1.1	200 OK	ads.php Show response www.noorfatema.top/ Frame D286	374 B 566 B	99ms 70ms	Document text/html	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Full URL http://www.noorfatema.top/ads.php Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash c7864c44a6e391da27483abcbdaa1fb5a5c64e365a977227a643ab4b6f929d4e Request headers Referer http://www.noorfatema.top/vb/member.php?u=38048 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html Date Tue, 12 Sep 2023 11:07:56 GMT Keep-Alive timeout=5, max=93 Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	1_02.jpg www.noorfatema.top/vb/aslopdesign-free/img/	3 KB 3 KB	250ms 27ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_02.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 14699120d7d2ccac5b51dc84f8c75f7d81f0f433949bae8fe8f141b5d36e1a0b Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:43:58 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=88 Content-Length 3028
GET H/1.1	200 OK	1_04.jpg www.noorfatema.top/vb/aslopdesign-free/img/	120 KB 120 KB	268ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_04.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 350596d1fdf117d8a5dd73b6aa8739ccabfb2d1b341371835e9d5f31bfc6f03b Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:58 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 122427
GET H/1.1	200 OK	1_01.jpg www.noorfatema.top/vb/aslopdesign-free/img/	47 KB 47 KB	277ms 27ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_01.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 1693b1de0fffc0715926060c6a95354cb4bf915666dc01124e0470ca4f5293da Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:43:59 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=87 Content-Length 48225
GET H/1.1	200 OK	1_09.jpg www.noorfatema.top/vb/aslopdesign-free/img/	2 KB 2 KB	48ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_09.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash e898d63b35758b09ec2a532b57b01f378c18ffaab828a6fb8efe8d0b4d26fc4d Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:40 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1680
GET H/1.1	200 OK	1_10.jpg www.noorfatema.top/vb/aslopdesign-free/img/	41 KB 42 KB	123ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_10.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 8d9e527206078d77562165eb6fa865229a052a53023f2950d2136c3d465dab85 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:43 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 42486
GET H/1.1	200 OK	1_07.jpg www.noorfatema.top/vb/aslopdesign-free/img/	39 KB 39 KB	129ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_07.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 506f88300859f55cac9598210560932261c103222d00fd480733069cdbd9f182 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:39 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 39880
GET H/1.1	200 OK	1_14.jpg www.noorfatema.top/vb/aslopdesign-free/img/	2 KB 2 KB	75ms 27ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_14.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash c27f52f3ab0870ce6456fd853205b3f49d5373798d97de7e1fa79da5ff1001fb Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:44 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1836
GET H/1.1	200 OK	1_12.jpg www.noorfatema.top/vb/aslopdesign-free/img/	2 KB 2 KB	102ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_12.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 6580ab375e9537aeba4b4e9a6e249e4f63dcc71d656b5ee253d05df5bbc52a37 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:42 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1771
GET H/1.1	200 OK	menu_open.gif www.noorfatema.top/vb/aslopdesign-free/images/misc/	888 B 1 KB	171ms 29ms	Image image/gif	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/images/misc/menu_open.gif Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 863c3cb7627cd8871845abf011f2b17cbb1ab5ddb506c1084ed589df0158a3f2 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:40:57 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=89 Content-Length 888
GET H/1.1	200 OK	33.jpg www.noorfatema.top/vb/aslopdesign-free/	15 KB 15 KB	113ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/33.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 7a62ffd04e7c65894e9176a1bf5d2814b11163044e9ae28aec2837ab7e19d7ff Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:37:05 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=91 Content-Length 15155
GET H/1.1	200 OK	1_18.jpg www.noorfatema.top/vb/aslopdesign-free/img/	1 KB 2 KB	141ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_18.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 656c6d7811c75791a16e769e847685656c070009d90a0cd434fd549cf641987d Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:46 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 1489
GET H/1.1	200 OK	1_20.jpg www.noorfatema.top/vb/aslopdesign-free/img/	4 KB 4 KB	134ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_20.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 17b2fbf167f54f12d16c4354de3ec9ad387f98175b3d8da7f050ccb102754b27 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:48 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 4141
GET H/1.1	200 OK	1_17.jpg www.noorfatema.top/vb/aslopdesign-free/img/	4 KB 5 KB	162ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_17.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 207448daa87e47498690e9ec5127cb8b9066e2aa826568a944018535ff52220b Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:46 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 4480
GET H/1.1	200 OK	1_23.jpg www.noorfatema.top/vb/aslopdesign-free/img/	2 KB 2 KB	100ms 27ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_23.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash e42f90276294acaa90bc4204a2a0ebe7b12a2f1ea87613ad6d209fc560383116 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=86 Content-Length 2038
GET H/1.1	200 OK	1_22.jpg www.noorfatema.top/vb/aslopdesign-free/img/	78 KB 78 KB	101ms 26ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_22.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash 62be738dd0aa7bba5d5f8cdd124c2b3fb8fb0c5c9ac82e618a94dc769c38b1f6 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:44:55 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=91 Content-Length 79821
GET H/1.1	200 OK	1_25.jpg www.noorfatema.top/vb/aslopdesign-free/img/	29 KB 29 KB	100ms 27ms	Image image/jpeg	51.79.21.141 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.noorfatema.top/vb/aslopdesign-free/img/1_25.jpg Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/vb/member.php?u=38048 Protocol HTTP/1.1 Server 51.79.21.141 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns567061.ip-51-79-21.net Software Apache / Resource Hash e4b7e3cdfd7e250289553725090e255f338eb24ba1f5abf0fb665936e7122ce0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/vb/member.php?u=38048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Last-Modified Wed, 12 Jul 2017 10:45:04 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=85 Content-Length 29430
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame D286	146 KB 53 KB	100ms 82ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.noorfatema.top URL: http://www.noorfatema.top/ads.php Protocol HTTP/1.1 Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash 8d8c105abf4414622e53e82ec0fc0e669bfbe8dd9dfa7f47845ecdf6e4eb3217 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:56 GMT Content-Encoding gzip X-Content-Type-Options nosniff P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Length 53834 X-XSS-Protection 0 Server cafe ETag 17288047810322096094 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, max-age=3600 Timing-Allow-Origin * Expires Tue, 12 Sep 2023 11:07:56 GMT
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/	379 KB 129 KB	161ms 81ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/show_ads_impl_fy2021.js?bust=31077790 Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash 7b488ea2fcaa05e29de37b85b85f86e64f60fdc0705dced14e42ba8ac156f410 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131789 x-xss-protection 0 server cafe etag 6327298542122672206 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 12 Sep 2023 11:07:56 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame E14A	10 KB 5 KB	115ms 37ms	Document text/html	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 74144 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4438 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Sep 2023 14:32:12 GMT etag 8554266389219770021 expires Mon, 25 Sep 2023 14:32:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame D286	379 KB 129 KB	117ms 117ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js?bust=31077719 Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash 8aba0e7be836941668335e7bbce2513d38fe12504662b1fd459fb3cf2ddacbb7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131766 x-xss-protection 0 server cafe etag 5531031912246356392 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 12 Sep 2023 11:07:56 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	395 B 468 B	47ms 46ms	Script text/javascript	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.noorfatema.top&callback=_gfp_s_&client=ca-pub-4012255064783869 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/show_ads_impl_fy2021.js?bust=31077790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash c622e85aeba71ed8506541fd5340b7224bdb35a5ab23d51f40b82fb597a4d57d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 255 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame DDF8	18 KB 5 KB	218ms 217ms	Document text/html	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&adk=1812271804&adf=3025194257&lmt=1694542076&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&dt=1694516876432&bpp=7&bdt=337&idt=241&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1603645336859&frm=20&pv=2&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=264 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/show_ads_impl_fy2021.js?bust=31077790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash a8427e9a7c67b4d5e557eff979e63ff77ece8245810d74b2ae40deda5ba970d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 5288 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Sep 2023 11:07:56 GMT expires Tue, 12 Sep 2023 11:07:56 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2A53	436 B 383 B	224ms 224ms	Document text/html	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=2189817833&adf=787635767&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&wgl=1&dt=1694516876439&bpp=1&bdt=344&idt=265&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=1177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vIn4fLQ0lW&p=http%3A//www.noorfatema.top&dtd=270 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/show_ads_impl_fy2021.js?bust=31077790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash 25c586c45fbf77ac18994dceb47576a6be9afd964bd71ac6ddf12bffb3ed669c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 212 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Sep 2023 11:07:56 GMT expires Tue, 12 Sep 2023 11:07:56 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame D286	395 B 318 B	51ms 50ms	Script text/javascript	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.noorfatema.top&callback=_gfp_s_&client=ca-pub-4012255064783869 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js?bust=31077719 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash b830cf8c8a4836be328846cea0614d9bdac5c356974922208839a015d5e86b9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 906F	81 KB 37 KB	220ms 219ms	Document text/html	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js?bust=31077719 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash c43d859c59d15f62a2e0cc59dccba4a12f4808f63f43170e4fa6ed62e17bc69b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 37448 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Sep 2023 11:07:56 GMT expires Tue, 12 Sep 2023 11:07:56 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 906F	42 B 173 B	54ms 54ms	Image image/gif	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Apuw0t0PcKnl1-L1x9H0wZVSe4dbdaI3_-BuolYofqxidsaoFhFK93sZfD9Mw1DJU98g1zm2pce14ZNadNxNGE2HxmGPN00Y0fX92mtX04cSr4Zi0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 906F	3 KB 2 KB	112ms 36ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 17:35:19 GMT content-encoding br x-content-type-options nosniff age 63158 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Sep 2023 17:35:19 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 906F	20 KB 8 KB	90ms 37ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 17:35:09 GMT content-encoding br x-content-type-options nosniff age 63168 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Sep 2023 17:35:09 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 906F	181 KB 57 KB	41ms 41ms	Script text/javascript	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software sffe / Resource Hash 3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57841 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694001950986259" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Sep 2023 11:07:57 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 5E9E	624 B 246 B	53ms 52ms	Document text/html	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrc9wIQ4fekgAQY7cHg2gEwAQ&v=APEucNXgM_p_wF_4CL_V5oKHB-PuvXo1JH2gMc93Bu3Eq3MVObehlCr1AkvN886zPTgb3PELHmsSP04GxQ-xe4rga4lcUK7Y_Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Sep 2023 11:07:57 GMT expires Tue, 12 Sep 2023 11:07:57 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 906F	23 KB 9 KB	40ms 39ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 17:44:25 GMT content-encoding br x-content-type-options nosniff age 62612 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Sep 2023 17:44:25 GMT
GET H2	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/ Frame 906F	7 KB 3 KB	38ms 38ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/omrhp_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 17:38:22 GMT content-encoding br x-content-type-options nosniff age 62975 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Sep 2023 17:38:22 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 906F	0 0	135ms 57ms	Fetch image/gif	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsDAy42MoyCV2G7IMKqsRyVCR2VfHouIrYWPAkypLWyKRhtChGB6XVmMAvNkB661qent1I9CjDkEKymXuMXNL9689CWHwUCbe2c28ARLKpS10rVV6-lUYM7_rjnbBTl07e8zFiAHQGHNw7_86Q7R1Fm-a0ye9xlJ9W5EJJC_WIrRqwQo6NSGz3Ssns_3HWHOBlbxZQregwV99lnXGOv4Ppqo0NfnUlB0YD9stBJQftJ9rXi89tepwGScemLOQiCWJXkmpuuxmQ60BjrqYC10NSkLmeJEpntJ-fyy3R5hCs_9-KvW6tjYw4cr12F5jnQ_t7u_WJ6UP7bTRbIfI-A0JwZCuQKskfl18Y8vyQ_0ce0ojCksQgQTz8uqVDKGOIlPD48jL-Qf4fiyCQ93cPizpEESQN100YAZKlnlWFMkCkqcgLh2y6oHW02_Nv_EJhN2LrQyar5Oh9pQNg-oOkWAWL_XqS-UsO0jkAXRZrfyIWt-T5-pAQuhu9fNEkgI-csw-Cmd8A7mfKVzoZDJOfR8fA82EOiWsjLU9ufxCADRS66GYFFmYkmDB9y2fSbuBdommEWnHOP4U0RWhuMjuPihkqmbaL0uXMY2hr1J3iulvELjmmpxjLi999KZ_tROPiGYd_TqtEDeKzr12onblwrJZYtdT0zQ2N1FZ0va3pDCQDksO_dwNC46I9rr_V-mGA2vQep0yl1fiYyDYEwj8eQnm1ZyUrjFw4UhUpfkLHPaQG1SYE2WpDX6bs65ra4Wb9dYBmepUQKegXjWGgd4rfYKaYrGt4oIz8_v7aDONh9s7BWqGqcEWpi3aZqj8lzTK-Z4rssxd8KaFjxPenL3CMaH79bX5WxeLPB52XoNs9QwuowJAUHwHXPGJxuENKfefOZMW629MqVrw88czAX-MtkE3wHZFRfzkK4Xl-dNrQdeC4hyrfdLHiiMHTe6zLpa_O-6_6665WYO7HAYMZKuu0OQrLBYqHSE7AGZ7Gi0zn-sfPqMKBNCmEJXGw8PvgGrn2422bQ3FmNqIPNvmnmGu5E6dsa2Ehlgz01FHqilgSQDuqOw6ZPDDqQAXMq0s7hr8bLsB3Rb3pVJ1Jn5ICrRy47PuS5HPV8kqZe_QJtmpSWoA-vHlYYb_ntTW8erH6uUtXYbBJJBi6pIZqZKtCBiZbXNE7qFW0Y2LkS9saRoJJ-C0SJNkq2KKf&sai=AMfl-YSywkjrJxQu-agrhPs2KrOVGhHB6LacHVNzyldOnd4I7ZyWbYgdd9ddAZ_8kq_MoaZbdzkpkBv_w-DZT5Ujv34VUZGIDuXBUo8BWksYdOxOsuONOu2j8rLAx4834MPm0Qa_fA-B-ubmUSp01q-nf0DzC3zByvzTqhzb3WnvyDMDhbX1CMJlxXLvmjBHvxkJ5k1kV7MQUMHofdf8cqbDkkyV9fNIti0YQfRTTm9eARvTQjgWgg&sig=Cg0ArKJSzIMsP2t_f5MCEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230907.50058&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 12 Sep 2023 11:07:57 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Tue, 12 Sep 2023 11:07:57 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 906F	41 KB 14 KB	93ms 54ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Wed, 06 Sep 2023 08:01:30 GMT content-encoding br x-content-type-options nosniff age 529587 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Sep 2024 08:01:30 GMT
GET H2	200	17725429630774191110 s0.2mdn.net/simgad/ Frame 906F	38 KB 38 KB	3431ms 44ms	Image image/png	172.253.115.149
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/17725429630774191110 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.149 -, , ASN (), Reverse DNS Software sffe / Resource Hash 304ca8b9beb7da4ecde0512c6e43700ba5a4c5e7486bff648c6183008d773665 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:00 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38632 x-xss-protection 0 last-modified Thu, 24 Nov 2022 21:23:54 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 11 Sep 2024 11:08:00 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame C2F1	58 KB 20 KB	362ms 360ms	Document text/html	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/show_ads_impl_fy2021.js?bust=31077790 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash 55f066c4fe64450482b472f0b4a33895110e8a975c05aa032627442c6362c902 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 20593 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Sep 2023 11:07:57 GMT expires Tue, 12 Sep 2023 11:07:57 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 5E9E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE1b7-l0rqsyDsQii3ygGjA&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE1b7-l0rqsyDsQii3ygGjA&google_cver=1&C=1	43 B 342 B	51ms 50ms	Image image/gif	172.64.148.101
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE1b7-l0rqsyDsQii3ygGjA&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrc9wIQ4fekgAQY7cHg2gEwAQ&v=APEucNXgM_p_wF_4CL_V5oKHB-PuvXo1JH2gMc93Bu3Eq3MVObehlCr1AkvN886zPTgb3PELHmsSP04GxQ-xe4rga4lcUK7Y_Q Protocol H2 Server 172.64.148.101 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZegCmHgXwoPkBG4yvGoZ0YoNAc8AKKVkKL%2FuOFcMjO8undwn6rv7nS423OU2pF3n%2B32Z10rR1Ls0Bx%2Bxqxe%2BgXuN%2Fx4cGhbdC7Zsjjfqnm02loJ9d4zRBGYdDA88mYqGFJUm%2FYwP%2BW8sew%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8057b0a98d4736b0-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:08:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zTB5ysAbwpwV%2F609n2fhuEDHWrFjVv66timAVJZQN5NJ0NZezHdVYaGk2AWc5rqCY1nT6ohsM6VWejkSk1Uqurdwcd2HBotpKLj6bYmmlASzVb%2F6OCogwZiPa9rM97FtPAwPOsLnneSRw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEE1b7-l0rqsyDsQii3ygGjA&google_cver=1&C=1 cache-control no-cache cf-ray 8057b0a93d0f36b0-YYZ alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 5E9E Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQBGkJ-Zq905hPKDrY6PyQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKrvHOioC0LsCTccy3cblMQ&google_cver=1	43 B 766 B	54ms 53ms	Image image/gif	172.64.148.101
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKrvHOioC0LsCTccy3cblMQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrc9wIQ4fekgAQY7cHg2gEwAQ&v=APEucNXgM_p_wF_4CL_V5oKHB-PuvXo1JH2gMc93Bu3Eq3MVObehlCr1AkvN886zPTgb3PELHmsSP04GxQ-xe4rga4lcUK7Y_Q Protocol H3 Server 172.64.148.101 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FycPNxES4do4EfdIiQBNKBdTm4gsneIcMhJPls9a7cAc2XA2dVyzGnOsEP2qFb3qn2yQRDRUWVKDrxBUFVb3xfA3Cm8baxJA6gXYft7hvZDgL1TrAYovrHnVYtDpUZv%2FXpdGissX5klXA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8057b0aa2ecca1f8-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:08:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKrvHOioC0LsCTccy3cblMQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 5E9E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELw0rjFV63ced9YKdm5-G2c&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw0rjFV63ced9YKdm5-G2c%26google_cver%3D1	43 B 893 B	38ms 37ms	Image image/gif	68.67.179.166 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw0rjFV63ced9YKdm5-G2c%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrc9wIQ4fekgAQY7cHg2gEwAQ&v=APEucNXgM_p_wF_4CL_V5oKHB-PuvXo1JH2gMc93Bu3Eq3MVObehlCr1AkvN886zPTgb3PELHmsSP04GxQ-xe4rga4lcUK7Y_Q Protocol H2 Server 68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT an-x-request-uuid eb19c21f-cbb8-4ed3-beda-87e2e69c2326 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.212.118.26; 185.212.118.26; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT an-x-request-uuid 4745566f-09db-471c-b4a4-cab659799194 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw0rjFV63ced9YKdm5-G2c%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 185.212.118.26; 185.212.118.26; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5E9E Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUyMDU3NjAxODUzODMyMDkwNQ%3D%3D	170 B 188 B	49ms 49ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUyMDU3NjAxODUzODMyMDkwNQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrc9wIQ4fekgAQY7cHg2gEwAQ&v=APEucNXgM_p_wF_4CL_V5oKHB-PuvXo1JH2gMc93Bu3Eq3MVObehlCr1AkvN886zPTgb3PELHmsSP04GxQ-xe4rga4lcUK7Y_Q Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT an-x-request-uuid 65b5ac68-6173-426d-a045-e19a59e7c833 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUyMDU3NjAxODUzODMyMDkwNQ%3D%3D x-proxy-origin 185.212.118.26; 185.212.118.26; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated / Frame 906F	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 57f9481401dd83b414f65ba889bc3c363cc549abc8623b6f44f527a7cacf3639 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 0534	22 KB 8 KB	38ms 37ms	Document text/html	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 528936 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 06 Sep 2023 08:12:21 GMT expires Thu, 05 Sep 2024 08:12:21 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response pagead2.googlesyndication.com/bg/ Frame 0534	37 KB 14 KB	38ms 38ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software sffe / Resource Hash 18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Thu, 07 Sep 2023 11:48:43 GMT content-encoding br x-content-type-options nosniff age 429554 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14501 x-xss-protection 0 last-modified Mon, 04 Sep 2023 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 06 Sep 2024 11:48:43 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0534	0 20 B	55ms 54ms	Image image/gif	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNRzNjEYAZe63L5b4zLUPkI-RgA0AAAAAOAHgBAI&bg=!GRqlGlXNAAa6D61Rmg87ADQBe5WfOP2gTCW2HC_tbafSu0Lb1ET6WVkEk2yZUP1xTDMAfFrl6m86JcOfc_Lm6wo3n3DCAgAAAFBSAAAACmgBB5kC_s0K0Cs6hfh9f6EN8XW7cB9ghuX1hR7GMQFUxeoAxiRfR5Qg3TWFg6JRsPNGMnX10GyKs4X-Jaigi6Y2gL5rqAeREsNaQ8MwDiHWC_lXpKUimbMh04NzHPJfeSexE5Ikm4ZzfdnLSdTmdhq05lsvoD_fA0q6fp1_ri3UrULDqPzLfFr-5xmZJQGsfdPXnGwIKyfI_mXOXU0qlySKrLFkyAbDbS3CCmbFSUjM5O6ObRPoEH5M2LlyC8F-krkzeOmRvJJYJ0fMwqw-OYAH74-HoZrZwwEts5HB9KtxcMrH1h6ndDQAjxrg4Pf8uqfDgDBTHH-qhQmdGEiHj3y_U3h_lV3OIioVWxX9lWHQrs43FOkirOijQsXSq1eX2eDQQs5UDlkZsYngDRbt6M0OSF3zPsKcYhvdxXxY2yp0OIp8-jioAK_475hAWB5OpVJY0vKLNrKOZtmxFKF3XegSGaJc_ZFxL3NVMKoZzwf_DoNf5R3-2CuBKnZvn18t8y7P9HIT6mHN6bVIZ7IRutBU6MlFPxzWfCHrB83zB19V4VVByy3utpQdI2w58ddj77gmonXqe9pvDmrxDDf6NYCEb0w7hqUSH5WRbw6Bv1LlnE5r0SFTv2rnBJOrawWbfgodkNriqewZO1jq2HEH9yNJHhiGG-NJ5nWPnLc_kdTSV7he64PtgNkvy6W75iWCzIdJPFEGGunTlQKJ4hqe6-dCksAOV0CyTKjBD2REsNM3YbJm0ed_8hBx9UypR0C1yfPJCnUPDIbo2RCikpYPRv-ogRVP8KgJhSGre6Lu0cE4kUAzlF7Oo8MWEfLfSZX22PhTikr155wqc5Rka084tUbW51dcYtwJaWmmT_f8pcpu3EM3M69jWgpXuOAqn8KDGrF9a2K5bgZONQV0Xm8CQBU5Rg-e7qBc5ihmGPTpTKVVHU5hzMBAX2jlMB-_HjO7SvTaxneA8wXKdONLM1Dhf-FLCAVOJTi3xFSFZa3rVZz7zD9lyFFHIPllQqZ-xnq-eULImg8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	script.js Show response acdn.adnxs-simple.com/strikeforce/ Frame DCFB	125 KB 44 KB	167ms 67ms	Script application/javascript	23.41.168.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs-simple.com/strikeforce/script.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.41.168.189 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-41-168-189.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:07:57 GMT Content-Encoding gzip Last-Modified Tue, 11 Jul 2023 10:24:12 GMT Server nginx/1.18.0 (Ubuntu) ETag "64ad2dcc-1f24a" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Length 44995 Expires Wed, 13 Sep 2023 11:07:59 GMT
GET H2	200	c.gif www.bing.com/aes/ Frame DCFB Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ce27bc3e-18e0-4494-b300-61d02bfc6da1&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=6d6c2911-0739-4fea-a30... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=092aa713616a4108ac570f86cfc4850d&SNR=1&GV=2&med=10	0 242 B	49ms 49ms	Image text/plain	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=092aa713616a4108ac570f86cfc4850d&SNR=1&GV=2&med=10 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H2 Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8347B5250513422A8D3678615CD05755 Ref B: YTO01EDGE0806 Ref C: 2023-09-12T11:07:58Z vary Origin x-cache CONFIG_NOCACHE p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Tue, 12 Sep 2023 11:07:57 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A9AB18B5674E41AEA0576F7A0667FE12 Ref B: YTO01EDGE0806 Ref C: 2023-09-12T11:07:58Z vary Origin x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=092aa713616a4108ac570f86cfc4850d&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate content-length 150 expires 0
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame DCFB	86 KB 28 KB	185ms 48ms	Script application/javascript	13.107.253.40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.253.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 90eec26631750771c30336de6715aad19b3adc4d4f271686a477c0edc9042a01 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 12 Sep 2023 11:07:57 GMT content-encoding br last-modified Fri, 08 Sep 2023 16:51:39 GMT x-azure-ref-originshield 0qg0AZQAAAAD0a7cyG/r4TY5+vK+wYItxTU5aMjIxMDYwNjEyMDMzADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg== content-md5 wSRY0GX/Tl8mHNGm//AbUA== etag 0x8DBB08BDF109C73 x-azure-ref 0jUYAZQAAAAD/tbXXi+1RTK1ddNk+LX3BWVRPMjIxMDkwODIwMDI5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg== x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 97fde977-d01e-004e-6a17-e51bb2000000 cache-control private, max-age=3600 x-ms-version 2009-09-19
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/239/ Frame DCFB	80 KB 28 KB	1314ms 19ms	Script application/x-javascript	151.101.129.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/239/trk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Expires Wed, 10 Jul 2024 11:56:20 GMT Date Tue, 12 Sep 2023 11:07:59 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 5440298 X-Cache HIT, HIT Connection keep-alive Content-Length 27646 X-Served-By cache-lga21944-LGA, cache-yyz4534-YYZ Last-Modified Tue, 11 Jul 2023 11:56:12 GMT Server AkamaiNetStorage X-Timer S1694516879.023606,VS0,VE0 ETag "615fd4ad24a409f4de5416b603f042c1:1689076572.555276" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 26, 995736
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame DCFB	3 KB 1 KB	39ms 37ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 17:35:19 GMT content-encoding br x-content-type-options nosniff age 63158 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Sep 2023 17:35:19 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame DCFB	20 KB 8 KB	40ms 39ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 17:35:09 GMT content-encoding br x-content-type-options nosniff age 63168 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Sep 2023 17:35:09 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame DCFB	0 0	132ms 55ms	Image text/html	172.253.63.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT76ZcqakFM3HcJGgHU26opX7QXEXgnOOXo6EQUl5m3IW44_OrFyQAGvIK7c-id5K807VCHY9y8COsbqdE-mHstGesVIw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f147.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame DCFB	181 KB 57 KB	40ms 39ms	Script text/javascript	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software sffe / Resource Hash 3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57841 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694001950986259" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Sep 2023 11:07:57 GMT
OPTIONS H2	204	1a i.clean.gg/ Frame	0 0	99ms 42ms	Preflight text/plain	34.95.69.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.21.6 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1728000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=utf-8 date Tue, 12 Sep 2023 11:07:58 GMT server nginx/1.21.6 via 1.1 google
POST H2	200	1a Show response i.clean.gg/ Frame DCFB	0 104 B	43ms 42ms	XHR application/octet-stream	34.95.69.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Requested by Host: acdn.adnxs-simple.com URL: https://acdn.adnxs-simple.com/strikeforce/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json Response headers date Tue, 12 Sep 2023 11:07:58 GMT via 1.1 google server nginx/1.21.6 access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	th www.bing.com/ Frame DCFB	10 KB 11 KB	39ms 38ms	Image image/jpeg	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OAIP.3e9ce44f7efeb55b347670c5b5820e19&pid=AdsNative&c=3&w=200&h=105&qlt=90 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash de765b5deb0ffdaa4c7d0ac1ce179de49999260cf436537b4862e7792175fb04 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:57 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 66466F6F713740FD8A88378A481C3585 Ref B: YTO01EDGE0806 Ref C: 2023-09-12T11:07:58Z access-control-allow-methods GET, POST, OPTIONS x-cache TCP_HIT access-control-allow-origin * report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 10300
GET H2	200	rd_log Show response nym1-ib.adnxs.com/ Frame DCFB	0 533 B	366ms 38ms	Script text/html	68.67.160.75 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php&e=wqT_3QL7A_A8-wEAAAMA1gAFAQiNjYGoBhDQmJbB4qy0jlAYACo2CSNSjKKi1b4_EepZEoTT6L0_GQAAACBcj_I_IepZEgUSACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHivzQWAAQGKAQNVU0SSAQEG8NeYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJ2h0dHA6Ly93d3cubm9vcmZhdGVtYS50b3AvdmIvbWVtYmVyLnBocIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXu8aGL5euDpUXABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBdSIC_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB6_NBdIHDQkRKAEmCNoHBgFepBgA4AcA6gcCCADwB-exCYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=217b400460e2a83cad07af722e183f05defd1696&bdref=http%3A%2F%2Fwww.noorfatema.top%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fwww.noorfatema.top%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4012255064783869%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.3419504858~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694542077%26rafmt%3D1%26to%3Dqs%26pwprc%3D9699320664%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fwww.noorfatema.top%252Fvb%252Fmember.php%253Fu%253D38048%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1694516877316%26bpp%3D2%26bdt%3D1221%26idt%3D2%26shv%3Dr20230907%26mjsv%3Dm202309110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De48dcb797e77022f-222e77aacee30006%253AT%253D1694516876%253ART%253D1694516876%253AS%253DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A%26gpic%3DUID%253D00000d91f8c3c476%253AT%253D1694516876%253ART%253D1694516876%253AS%253DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw%26prev_fmts%3D0x0%252C300x250%26nras%3D2%26correlator%3D1603645336859%26frm%3D20%26pv%3D1%26ga_vid%3D814716440.1694516877%26ga_sid%3D1694516877%26ga_hid%3D1973501107%26ga_fc%3D0%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D1483%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44798879%252C44759842%252C31077703%252C44719339%252C44795922%252C31076998%252C31077790%26oid%3D2%26pvsid%3D456100570819688%26tmod%3D479019832%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DeTEnjiksbJ%26p%3Dhttp%253A%2F%2Fwww.noorfatema.top%26dtd%3D7,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4012255064783869%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.3419504858~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694542077%26rafmt%3D1%26to%3Dqs%26pwprc%3D9699320664%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fwww.noorfatema.top%252Fvb%252Fmember.php%253Fu%253D38048%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1694516877316%26bpp%3D2%26bdt%3D1221%26idt%3D2%26shv%3Dr20230907%26mjsv%3Dm202309110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De48dcb797e77022f-222e77aacee30006%253AT%253D1694516876%253ART%253D1694516876%253AS%253DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A%26gpic%3DUID%253D00000d91f8c3c476%253AT%253D1694516876%253ART%253D1694516876%253AS%253DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw%26prev_fmts%3D0x0%252C300x250%26nras%3D2%26correlator%3D1603645336859%26frm%3D20%26pv%3D1%26ga_vid%3D814716440.1694516877%26ga_sid%3D1694516877%26ga_hid%3D1973501107%26ga_fc%3D0%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D1483%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44798879%252C44759842%252C31077703%252C44719339%252C44795922%252C31076998%252C31077790%26oid%3D2%26pvsid%3D456100570819688%26tmod%3D479019832%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DeTEnjiksbJ%26p%3Dhttp%253A%2F%2Fwww.noorfatema.top%26dtd%3D7& Requested by Host: acdn.adnxs-simple.com URL: https://acdn.adnxs-simple.com/strikeforce/script.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT an-x-request-uuid 6ee013b5-b94b-45c3-ab94-91efd8a2ab6a server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.212.118.26; 185.212.118.26; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame AD8A	1 KB 643 B	38ms 37ms	Document text/html	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 80837 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Sep 2023 12:40:41 GMT etag 48472445140208031 expires Tue, 12 Sep 2023 12:40:41 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame DCFB	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 084d9e9ef2f853a6ac6bd37de54321d9e723866a7d68a5ee4c1d5540580d4ef2 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame DCFB	0 19 B	59ms 59ms	Image text/html	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CWaw9jUYAZeeqFq-3oPMPwJO_CNLg1-Buj6S2k5MKwI23ARABIABg_aCZgegDggEXY2EtcHViLTQwMTIyNTUwNjQ3ODM4NjnIAQmoAwHIAwKqBIYCT9DEar_bvPJSuDTASmfJ76HSVquV1A0wwlp7JEftCCGCRnITPxgb15BRxWvEYlk9U_iFFa0L10GnBJuFMGXO1Ox68RcQBKu2V79VC780zMBTYfd6224lWaunYfj9z2zRFutkBRuR-yZ6tcxUhAUz6nhSD64JbstNNykf1uTHwGfUyz9VroBH5mbnpez5Rq-_LHeTtb76HCUnXMVT41RS7ndF6Wu2d4ReIq8axQeEcPoiQj5W_e0P2RBj9bo3wBKcOiFPaSvZOBh8SHJPfNVrtcQxZPgIVCfs7mZHubMFhWiMZmjhQ04jAs7EstI2iY0JZOe4NApXe477Lv7wgyYm-tuqK7uvx4AGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDAxMjI1NTA2NDc4Mzg2ORgA&sigh=a413oYWsM0I&uach_m=[UACH]&cid=CAQSPABpAlJW8BKq20kuKzfmZcrIpsnPvxBzAKNLffc9OsaMk_-J3QUzLHFIzK1haq_Or_M3FdA5irpe1v3p4RgB&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 12 Sep 2023 11:07:58 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	it nym1-ib.adnxs.com/ Frame DCFB	0 532 B	53ms 53ms	Image text/html	68.67.160.75 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://nym1-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php&e=wqT_3QKKB_A8igMAAAMA1gAFAQiNjYGoBhDQmJbB4qy0jlAYACo2CSNSjKKi1b4_EepZEoTT6L0_GQAAACBcj_I_IepZEgUSACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHivzQWAAQGKAQNVU0SSAQEG9AQDmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJ2h0dHA6Ly93d3cubm9vcmZhdGVtYS50b3AvdmIvbWVtYmVyLnBocIADAIgDAZADAJgDCaADAaoDjwMKqQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02ZDZjMjkxMS0wNzM5LTRmZWEtYTMwYi1iNDYxYjRjNDIyNTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD02ZDZjMjkxMS0wNzM5LTRmZWEtYTMwYi1iNDYxYjRjNDIyNTQmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9enpmJTNBa25hcWVfM2NfcXJwYmhjeXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM1NzcyNzE5MDU5MDcyNTUyMDE2IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak9EUTFNalUxTURrd056azFNVEFqT0RRMU1qWXlOREk1TXpNeU5EWT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF7vGhi-Xrg6VFwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1IgL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHr80F0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfnsQmKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=988950e0e3f36df4c25445d8a5646431f48b3785&pp=ZQBGjQAFlWcIaBuvAA_JwBjK-ITi9F5OyzKONQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7h9JjUYAZeeqFq-3oPMPwJO_CNLg1-Buj6S2k5MKwI23ARABIABg_aCZgegDggEXY2EtcHViLTQwMTIyNTUwNjQ3ODM4NjnIAQmoAwHIAwKqBIkCT9DEar_bvPJSuDTASmfJ76HSVquV1A0wwlp7JEftCCGCRnITPxgb15BRxWvEYlk9U_iFFa0L10GnBJuFMGXO1Ox68RcQBKu2V79VC780zMBTYfd6224lWaunYfj9z2zRFutkBRuR-yZ6tcxUhAUz6nhSD64JbstNNykf1uTHwGfUyz9VroBH5mbnpez5Rq-_LHeTtb76HCUnXMVT41RS7ndF6Wu2d4ReIq8axQeEcPoiQj5W_e0P2RBj9bo3wBKcOiFPaSvZOBh8SHJPfNVrtcQxZPgIVCfs7mZHubMFhWjOZElzgerZb1o-xmeo0Am_YMSysAN5Y1dZqKd0P6YM1sNqqlnCU8BJDoAGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ggGqpOSTp1q0xdBamGTnI4T1hyg%26client%3Dca-pub-4012255064783869%26adurl%3D&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT an-x-request-uuid 668e9229-3615-4ddc-8768-16c797b0b3f5 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.212.118.26; 185.212.118.26; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame AD8A Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEPWwDabuHdSihwuo7FPhE4w&google_cver=1&google_push=AXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWwDabuHdSihwuo7FPhE4w&google_cver=1&google_push=AXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65i...	43 B 422 B	111ms 110ms	Image image/gif	104.18.25.173
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWwDabuHdSihwuo7FPhE4w&google_cver=1&google_push=AXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 104.18.25.173 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:01 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8057b0ae790d36d9-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:08:01 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 2005 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWwDabuHdSihwuo7FPhE4w&google_cver=1&google_push=AXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvVHhptRYE_hLIzfFQ6v0pG_JkoJzHJihifaT-hZd0KlQj0A_3lxsoLrhKnqdQmqQMYfH4GFJUww87uQzWHRvOO8LG65is%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8057b0add89836d9-YYZ alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame AD8A Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpRQg3Cv... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpR... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNzcwNjczNzU4OTE4ODYwOQ&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpRQg3...	170 B 188 B	51ms 51ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNzcwNjczNzU4OTE4ODYwOQ&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpRQg3CvtCbg-HDCLrtGYltVrLo8nw Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:08:05 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNzcwNjczNzU4OTE4ODYwOQ&google_push=AXcoOmSt4w4s1Tge9wZNspByJS0uesWRCFinZ2pBqrkhlnOMezv0_JkGnm5mT1EJnxWEx8xVtpRQg3CvtCbg-HDCLrtGYltVrLo8nw access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 200	asr aid.send.microad.jp/g/ Frame AD8A	43 B 464 B	7667ms 193ms	Image image/gif	202.233.84.1
General Check archive.org Show headers Download Go to Show image Full URL https://aid.send.microad.jp/g/asr?google_gid=CAESELfX3AwHyeipvH-SN8RvFWQ&google_cver=1&google_push=AXcoOmS9ubDUygNL5Z96sZRHpZyuVfFZaNvfewDJuFpUD33NO-KMxybAN1L-bGnpb6edHU2Bu6reDc8I3cY5C4dN2cs00g9hK5snKQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.233.84.1 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=3600 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Tue, 12 Sep 2023 11:08:06 GMT Strict-Transport-Security max-age=3600 Server Apache P3P policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE" Access-Control-Allow-Origin * Content-Type image/gif Connection close Access-Control-Allow-Headers origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control Content-Length 43
GET H3	200	pixel cm.g.doubleclick.net/ Frame AD8A Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVshGE_C... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKZcEPBNvQrP1m_cqWwvtHs&google_cver=1&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVs... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMDU1MTk1MzU3MzI3NjAzMw&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVshGE...	170 B 188 B	49ms 49ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMDU1MTk1MzU3MzI3NjAzMw&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVshGE_CVZbxfC9zmHyKVFeW8twA8A Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:08:05 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMDU1MTk1MzU3MzI3NjAzMw&google_push=AXcoOmTsYgJuhldSMveLAE15QDsD4T9QOVuey6d8G64_2nhdaR5e7gigbTrwYOtLCaYS7_5pUVshGE_CVZbxfC9zmHyKVFeW8twA8A access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame AD8A Redirect Chain https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED3iqFWWU-f56O8Mmhh87eo&google_cver=1&google_push=AXcoOmQGk6vhMUodo0-JXxo2GL8nFAi1q7tSo-LQqusfXLWnAnnOq6sHq... https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQGk6vhMUodo0-JXxo2GL8nFAi1q7tSo-LQqusfXLWnAnnOq6sHqsFIYRtMESDuW7jbQafyO5b8pF7oGbYJ3xm99z7C0qKefFY&google_hm=QlMuN2QxZC1kMGV...	170 B 188 B	50ms 50ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQGk6vhMUodo0-JXxo2GL8nFAi1q7tSo-LQqusfXLWnAnnOq6sHqsFIYRtMESDuW7jbQafyO5b8pF7oGbYJ3xm99z7C0qKefFY&google_hm=QlMuN2QxZC1kMGVkLTQ2YWQtOGQ0MA== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQGk6vhMUodo0-JXxo2GL8nFAi1q7tSo-LQqusfXLWnAnnOq6sHqsFIYRtMESDuW7jbQafyO5b8pF7oGbYJ3xm99z7C0qKefFY&google_hm=QlMuN2QxZC1kMGVkLTQ2YWQtOGQ0MA== Date Tue, 12 Sep 2023 11:07:58 GMT Server openresty Connection close Content-Length 142 Content-Type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame AD8A Redirect Chain https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIOeUgdXnSR9Gso12oe-xwo&google_cver=1&google_push=AXcoOmTjDNntvk4HHI9DAeHaW322-LLc_8D9GXS0eXRW8LzZ4FsTiG6xO21QQpjPAg... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTjDNntvk4HHI9DAeHaW322-LLc_8D9GXS0eXRW8LzZ4FsTiG6xO21QQpjPAg7GsTZLY2qf7-nAFpgwgqGV7ptqzgtISwnyNoc&google_hm=...	170 B 188 B	51ms 50ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTjDNntvk4HHI9DAeHaW322-LLc_8D9GXS0eXRW8LzZ4FsTiG6xO21QQpjPAg7GsTZLY2qf7-nAFpgwgqGV7ptqzgtISwnyNoc&google_hm=RxF6DwDlT6KlXNFoSOJtXBo Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Sep 2023 11:08:04 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTjDNntvk4HHI9DAeHaW322-LLc_8D9GXS0eXRW8LzZ4FsTiG6xO21QQpjPAg7GsTZLY2qf7-nAFpgwgqGV7ptqzgtISwnyNoc&google_hm=RxF6DwDlT6KlXNFoSOJtXBo content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame AD8A Redirect Chain https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMuNDnjzHjZ5bdpHkCm7CkA&google_cver=1&google_push=AXcoOmRC1bnehYjpFRr1MrWjG-gozhkqNAF_6sm3tuwrthGlz19IVQeCu1v6cvlCXW_... https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRC1bnehYjpFRr1MrWjG-gozhkqNAF_6sm3tuwrthGlz19IVQeCu1v6cvlCXW_i3iGqvbroa27h3493tGlAaVsBAO15RXOq--Q	170 B 188 B	51ms 50ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRC1bnehYjpFRr1MrWjG-gozhkqNAF_6sm3tuwrthGlz19IVQeCu1v6cvlCXW_i3iGqvbroa27h3493tGlAaVsBAO15RXOq--Q Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-akamai-request-id 139c13c1 date Tue, 12 Sep 2023 11:08:05 GMT x-bytefaas-request-id 2023091211080518A68F9BDCC04E0014C0 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-55-171-75.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-) server-timing inner; dur=17, cdn-cache; desc=MISS, edge; dur=1, origin; dur=20 content-length 0 pragma no-cache server nginx x-tt-logid 2023091211080518A68F9BDCC04E0014C0 access-control-max-age 86400 access-control-allow-methods * location https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRC1bnehYjpFRr1MrWjG-gozhkqNAF_6sm3tuwrthGlz19IVQeCu1v6cvlCXW_i3iGqvbroa27h3493tGlAaVsBAO15RXOq--Q x-bytefaas-execution-duration 15.08 access-control-allow-origin * access-control-allow-credentials true x-origin-response-time 21,23.55.171.75 x-tt-trace-host 016620d0f701f4c90a09e0afed9ac8695edcc5200d90c6ab6ddac78c3887c91f61464abc97bcd547914dfcae4009c32d83cb987b33e7627fb2a7af8e1cbfb725da4331bf50e44caf03a78c713e0f5d1b216f5c5b4adc1bd3972030711040dd02cf cache-control max-age=0, no-cache, no-store access-control-allow-headers * expires Tue, 12 Sep 2023 11:08:05 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame AD8A	0 50 B	47ms 46ms	Image text/html	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAm2VFILcQCy5yB9vVPXfIce-UJsOTNWVHJcgmRLaLL50kes095d1KAEHKcptyWWqAHcsXXqZW Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694542077&rafmt=1&to=qs&pwprc=9699320664&format=1200x90&url=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1694516877316&bpp=2&bdt=1221&idt=2&shv=r20230907&mjsv=m202309110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48dcb797e77022f-222e77aacee30006%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbScwn0xm2f53e24TGYWEchgo-p9A&gpic=UID%3D00000d91f8c3c476%3AT%3D1694516876%3ART%3D1694516876%3AS%3DALNI_MbFR48dF9UhtvA-bHYm3rIdpSknhw&prev_fmts=0x0%2C300x250&nras=2&correlator=1603645336859&frm=20&pv=1&ga_vid=814716440.1694516877&ga_sid=1694516877&ga_hid=1973501107&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798879%2C44759842%2C31077703%2C44719339%2C44795922%2C31076998%2C31077790&oid=2&pvsid=456100570819688&tmod=479019832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eTEnjiksbJ&p=http%3A//www.noorfatema.top&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:07:58 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
POST H2	200	vevent nym1-ib.adnxs.com/ Frame DCFB	0 670 B	70ms 70ms	Ping text/html	68.67.160.75 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php&e=wqT_3QKKB_A8igMAAAMA1gAFAQiNjYGoBhDQmJbB4qy0jlAYACo2CSNSjKKi1b4_EepZEoTT6L0_GQAAACBcj_I_IepZEgUSACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHivzQWAAQGKAQNVU0SSAQEG9AQDmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJ2h0dHA6Ly93d3cubm9vcmZhdGVtYS50b3AvdmIvbWVtYmVyLnBocIADAIgDAZADAJgDCaADAaoDjwMKqQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02ZDZjMjkxMS0wNzM5LTRmZWEtYTMwYi1iNDYxYjRjNDIyNTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD02ZDZjMjkxMS0wNzM5LTRmZWEtYTMwYi1iNDYxYjRjNDIyNTQmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9enpmJTNBa25hcWVfM2NfcXJwYmhjeXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM1NzcyNzE5MDU5MDcyNTUyMDE2IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak9EUTFNalUxTURrd056azFNVEFqT0RRMU1qWXlOREk1TXpNeU5EWT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF7vGhi-Xrg6VFwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1IgL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHr80F0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfnsQmKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=988950e0e3f36df4c25445d8a5646431f48b3785&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=8118146001315956945&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:07:59 GMT an-x-request-uuid ea247d10-81bc-48e9-8752-e1be4fa23a02 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.212.118.26; 185.212.118.26; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 906F	0 0	55ms 55ms	Fetch image/gif	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsDAy42MoyCV2G7IMKqsRyVCR2VfHouIrYWPAkypLWyKRhtChGB6XVmMAvNkB661qent1I9CjDkEKymXuMXNL9689CWHwUCbe2c28ARLKpS10rVV6-lUYM7_rjnbBTl07e8zFiAHQGHNw7_86Q7R1Fm-a0ye9xlJ9W5EJJC_WIrRqwQo6NSGz3Ssns_3HWHOBlbxZQregwV99lnXGOv4Ppqo0NfnUlB0YD9stBJQftJ9rXi89tepwGScemLOQiCWJXkmpuuxmQ60BjrqYC10NSkLmeJEpntJ-fyy3R5hCs_9-KvW6tjYw4cr12F5jnQ_t7u_WJ6UP7bTRbIfI-A0JwZCuQKskfl18Y8vyQ_0ce0ojCksQgQTz8uqVDKGOIlPD48jL-Qf4fiyCQ93cPizpEESQN100YAZKlnlWFMkCkqcgLh2y6oHW02_Nv_EJhN2LrQyar5Oh9pQNg-oOkWAWL_XqS-UsO0jkAXRZrfyIWt-T5-pAQuhu9fNEkgI-csw-Cmd8A7mfKVzoZDJOfR8fA82EOiWsjLU9ufxCADRS66GYFFmYkmDB9y2fSbuBdommEWnHOP4U0RWhuMjuPihkqmbaL0uXMY2hr1J3iulvELjmmpxjLi999KZ_tROPiGYd_TqtEDeKzr12onblwrJZYtdT0zQ2N1FZ0va3pDCQDksO_dwNC46I9rr_V-mGA2vQep0yl1fiYyDYEwj8eQnm1ZyUrjFw4UhUpfkLHPaQG1SYE2WpDX6bs65ra4Wb9dYBmepUQKegXjWGgd4rfYKaYrGt4oIz8_v7aDONh9s7BWqGqcEWpi3aZqj8lzTK-Z4rssxd8KaFjxPenL3CMaH79bX5WxeLPB52XoNs9QwuowJAUHwHXPGJxuENKfefOZMW629MqVrw88czAX-MtkE3wHZFRfzkK4Xl-dNrQdeC4hyrfdLHiiMHTe6zLpa_O-6_6665WYO7HAYMZKuu0OQrLBYqHSE7AGZ7Gi0zn-sfPqMKBNCmEJXGw8PvgGrn2422bQ3FmNqIPNvmnmGu5E6dsa2Ehlgz01FHqilgSQDuqOw6ZPDDqQAXMq0s7hr8bLsB3Rb3pVJ1Jn5ICrRy47PuS5HPV8kqZe_QJtmpSWoA-vHlYYb_ntTW8erH6uUtXYbBJJBi6pIZqZKtCBiZbXNE7qFW0Y2LkS9saRoJJ-C0SJNkq2KKf&sai=AMfl-YSywkjrJxQu-agrhPs2KrOVGhHB6LacHVNzyldOnd4I7ZyWbYgdd9ddAZ_8kq_MoaZbdzkpkBv_w-DZT5Ujv34VUZGIDuXBUo8BWksYdOxOsuONOu2j8rLAx4834MPm0Qa_fA-B-ubmUSp01q-nf0DzC3zByvzTqhzb3WnvyDMDhbX1CMJlxXLvmjBHvxkJ5k1kV7MQUMHofdf8cqbDkkyV9fNIti0YQfRTTm9eARvTQjgWgg&sig=Cg0ArKJSzIMsP2t_f5MCEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3462&vt=11&dtpt=3460&dett=2&cstd=0&cisv=r20230907.50058&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4012255064783869&output=html&h=250&slotname=2008050634&adk=766163419&adf=1507960138&pi=t.ma~as.2008050634&w=300&lmt=1694542076&format=300x250&url=http%3A%2F%2Fwww.noorfatema.top%2Fads.php&wgl=1&dt=1694516876526&bpp=2&bdt=160&idt=191&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&correlator=1603645336859&frm=21&ife=1&pv=1&ga_vid=89018955.1694516877&ga_sid=1694516877&ga_hid=171823041&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=272&biw=1600&bih=1200&isw=1600&ish=250&ifk=3240289718&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795922%2C31077719%2C44797663&oid=2&pvsid=499483098662272&tmod=959619884&uas=0&nvt=1&top=http%3A%2F%2Fwww.noorfatema.top%2Fvb%2Fmember.php%3Fu%3D38048&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a8aagx2n992h&fsb=1&xpc=L5gjbLdCBM&p=http%3A//www.noorfatema.top&dtd=206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:00 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 12 Sep 2023 11:08:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame D286	15 KB 11 KB	136ms 61ms	XHR application/json	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js?bust=31077719 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash ef2f5c40210a076a190b97d1a9a7b9072be0d9c98396fcc710c323202fe6a046 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11753 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	129ms 55ms	XHR application/json	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/show_ads_impl_fy2021.js?bust=31077790 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash ab6b069b927740330eab228e2547a3dd2cb66bf455b4c2f82078590a59106c80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11604 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	46ms 45ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309110101/show_ads_impl_fy2021.js?bust=31077790 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Sep 2023 11:08:01 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame D286	17 KB 6 KB	45ms 45ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js?bust=31077719 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Sep 2023 11:08:01 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A81	13 KB 5 KB	38ms 37ms	Document text/html	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 528944 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 06 Sep 2023 08:12:17 GMT expires Thu, 05 Sep 2024 08:12:17 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame DB04	829 B 1 KB	53ms 53ms	Document text/html	172.253.63.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f147.1e100.net Software GSE / Resource Hash 6cffed072a045133886bacee7b68522400ae2d1ab05d00f6922ee6a8f955d843 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-kUflfSo0vyq6yCBRa9lq1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 536 content-security-policy script-src 'report-sample' 'nonce-kUflfSo0vyq6yCBRa9lq1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 12 Sep 2023 11:08:01 GMT expires Tue, 12 Sep 2023 11:08:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 719F	13 KB 5 KB	38ms 37ms	Document text/html	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 528944 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 06 Sep 2023 08:12:17 GMT expires Thu, 05 Sep 2024 08:12:17 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame DE0A	829 B 766 B	55ms 55ms	Document text/html	172.253.63.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f147.1e100.net Software GSE / Resource Hash e25875878c4fd3df6504783216d16090d508a11cdb7f08e764c24ef63daa9b83 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-SUKzydemNVM4Y-gsVAaYBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.noorfatema.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 537 content-security-policy script-src 'report-sample' 'nonce-SUKzydemNVM4Y-gsVAaYBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 12 Sep 2023 11:08:01 GMT expires Tue, 12 Sep 2023 11:08:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response pagead2.googlesyndication.com/bg/ Frame 5A81	37 KB 14 KB	39ms 38ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software sffe / Resource Hash 18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Thu, 07 Sep 2023 11:48:43 GMT content-encoding br x-content-type-options nosniff age 429558 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14501 x-xss-protection 0 last-modified Mon, 04 Sep 2023 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 06 Sep 2024 11:48:43 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame DB04	0 0	53ms 52ms	Image text/html	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=456100570819688&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers
GET H3	200	GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response pagead2.googlesyndication.com/bg/ Frame 719F	37 KB 14 KB	38ms 38ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software sffe / Resource Hash 18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Thu, 07 Sep 2023 11:48:43 GMT content-encoding br x-content-type-options nosniff age 429558 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14501 x-xss-protection 0 last-modified Mon, 04 Sep 2023 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 06 Sep 2024 11:48:43 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame DE0A	0 0	136ms 136ms	Image text/html	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=499483098662272&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 5A81	0 10 B	37ms 36ms	Image text/plain	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?VdzDVw Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:01 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 719F	0 10 B	36ms 36ms	Image text/plain	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?Fpg1ZQ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Tue, 12 Sep 2023 11:08:01 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	55ms 54ms	Image text/html	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=456100570819688&bg=!urmlufbNAAa6D61Rmg87ADQBe5WfOAP3x_mXELUrm_VjW49Cgq5JycgTzB9nrwFIU4f-t9EGI66nuj2ceRtE3_2G4o6dAgAAAHZSAAAABmgBB5kCsTdcWmXC6edGy5wEUmIqc84uOK-u3YQCA4KLUojduXxk28MFY2WIVXoiEGpOxD9iWtHDVC_jOy_7BPBdtdMq9L3bTrlpPrgb0-lkLbg4G_wRQAZR6mXx9s6O6tI_ebC3L1yx_Skl4QpLeEFCGsCXy5QGaOyOMPXDW8ik7hENbW0tvGq1CZii3scju8dNDvFACQwAMB_gHYy333oZF0ZZ5N4UVcKqQ6Vaxn7r--2nIP1BjzCcwPUn0g9wiTDysLP9FAWeb-RHDBNSdZUQX9PyQnNMoHRRLD-c8ickuXxDX7pRfAZvgj4qlQy-EnbZpfcfhEYr9cc4aO5l0i_WtqgmYHJ6NBeqTCwTawdB3uISOTqtE9_IkqOuptxq6UqYaQ7B2MrWIPUUEVD4Dp2xBrgAULL4DjYeUX-pI5cfpXHe4f8ZbSf6h7K-iAE2_A4zXOVm1yjPBN5WQzeHUNuIh05XvcrLhYpl4olhRyqHNyqdqPSklIeGRLhu87qCPS7LEwWxpWyoZn_MD3YRAhTLBZIdUR8n3zy-cgqPFVnJB2tsuzaPVzl21Zf3rgc76hMF17bJywseASdbMQe2AQRVaSDkfQcPrjTgG6-6AO7OdJUlT4_L1TOfsfy7U_cKRfXZ8lcyYHRJ7FBjSNrGkq1buzqwAb0LJ-2HHR78EGEyg-fVGONwAuKfpGQZV5XYWNiHGarN9HJAlZMq3ixw26HIrzNKXwYl5DJW_TJFX9sbJw2xVUK28uIZ7-SK5xsLKlqDbardUyHpF80PvVqEbsYConAxKZn9HqbPlAkMFna-0knddn5cwldsHZsSgIHWQn9U9gUIta72zyMKm0ywqDx36tNnFfmgLNktOkiUeLLg6AeeE1Iu4oqak-2yag89s0xeaDYaekMQnHY8LjPk4dIO9RVxgOXH Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame D286	0 0	54ms 54ms	Image text/html	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=499483098662272&bg=!5uWl5arNAAa6D61Rmg87ADQBe5WfOANPZL0XpJZS8BzzC0BybdWQFxaYghPCvVQhn9emrZnmRNXKpRWWMPAYze1xlMRaAgAAAGRSAAAABmgBB5kC4kX4eozjUWUTH6MazJQCBHiBE-hMXtD3Vul_XN-9Xqk5wGcCT3bsBioQNJ4hnKCAiLOLf1M8N6tY-DmcH9EkGOFESY9rxUFM4M0PLwyAjj7lCNyUvfgih0ilg5ZmMZwYhzqjjRwQZfWs-H2yXNEyJKhTRGzyy9gLLz8AkTjqFE0ejaetXORvOrRzvD1l1qplMMzuvmNEYYWnldGywYOOXLmcpR5RZxSY1MwFig4DS4j4sJJ6VJ8WweigA2DZLnXm-f9VfZcYfgMYnVIXSQz8rPft7Y6p2epZU1nRxQ1Pul7B5G5NMr1RZ8SCMjKB5LYgLjaw-bBUaDCzld9dIb2VZxBaua94EZMCTlQR00PN1qJ1QcnOAFXobXBu4rzbSncFBun6_XCurX_Fd_26MBMoBaVtTen-Rwfw5lqGGCU1SEeqd8H22n-lJLZDPg5yo64bBmL4-OtKgfkQFWAUurSmQOr0UG74iJYkQ-hM1JLDi7EhjxQIbGPRd41ZNkE2t79i-J6-ffofDI6TG7LvJ22s76NGKCBVK4Nx64j4grYXsKouvNoJBSxIM7S2Aq0-KQEI3rXz3trYH8FHDDQORoo79cgDAb1H9UJeDSaACdrpLvc6ElBBc3iNrLhkyt4MoZz9l7R3yAFEcyww5yDryDR5fjamF5_pmeayIQUm5t2gWsCE1De-6gJbqDjJGfP5AWp5ZRwrf8lbWV4MAR4nAH_JSObnDWejJHEx-0x2JSW49MnVoffUsfPkP_kvmRwNDxKZhh4oIdEcEecNrh4OLcH9N_wQ8sND4gpshw8PAGrUixuAzDDXsXBnTUtRpHZUVZAV6a3ya8iUqIAxOy8HnVYuw8jbLwikRfUkZk2JNSfW2J2SXvEn8tvCX86X7hZWSRFVMxOG9_BcBRl50ZsyBxcdGCmx6Hw728ApUmcpsubminP2BKGQEuOfhOTj185pu9bq-Qy3KsqWQwm6NBlOyBn55j4w4g Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer http://www.noorfatema.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 906F	42 B 64 B	55ms 55ms	Fetch image/gif	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudo5-VGVJcO8uCWlxBVo0EwtMlVmdPRyHJkK8HhTYbBSs7ohRhNy4hm2KspjKv1M9L1vuE-I3yuzsegPAv2Jrr2V2zefq7fUkcCNliOaQEMNoLWKx7rDk0gHj0b6ytd4AlfsbSRcw2BA&sai=AMfl-YTiB3I-eM1yUW2pSL01JhwAaTM3p_C2TLq5f5JfEEJVJZpwcaKujUBP0kyDIjYvACqu2B_zhlNfoHVm&sig=Cg0ArKJSzAbcLIcbKvh2EAE&cid=CAQSGwBpAlJW6j5RTk2XddhHUXGrI7dEN42Wt2RE0xgB&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=766163419&rs=2&la=0&cr=0&vs=4&r=v&rst=1694516876734&rpt=4292&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Tue, 12 Sep 2023 11:08:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT