sao.ren Open in urlscan Pro
119.91.65.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sao.ren/
Effective URL:
https://sao.ren/
Submission: On February 09 via manual (February 9th 2023, 1:20:52 pm UTC) from SE — Scanned from SE

Summary HTTP 123 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 26 domains to perform 123 HTTP transactions. The main IP is 119.91.65.128, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is sao.ren.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on August 12th 2022. Valid for: a year.

This is the only time sao.ren was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	119.91.65.128 119.91.65.128	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
3	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
3	163.181.56.174 163.181.56.174	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
30	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
1	47.253.50.2 47.253.50.2	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
1	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
2	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
3	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
5	142.251.208.106 142.251.208.106	15169 (GOOGLE) (GOOGLE)
1 30	142.250.180.225 142.250.180.225	15169 (GOOGLE) (GOOGLE)
5	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
6	142.250.180.195 142.250.180.195	15169 (GOOGLE) (GOOGLE)
1	142.250.201.206 142.250.201.206	15169 (GOOGLE) (GOOGLE)
3	142.250.201.195 142.250.201.195	15169 (GOOGLE) (GOOGLE)
2 4	142.250.180.228 142.250.180.228	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 13	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1	63.215.202.137 63.215.202.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	52.58.51.57 52.58.51.57	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
4 4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	13.32.27.23 13.32.27.23	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.209.30 23.35.209.30	16625 (AKAMAI-AS) (AKAMAI-AS)
123	23

13 119.91.65.128 (China) 1 redirects

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

sao.ren	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.181.56.174 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.50.2 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.208.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.180.225 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.180.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.201.206 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f14.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.228 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.39.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.51.57 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-51-57.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Castricum, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-23.fra56.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.209.30 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	614 KB
28	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 207	164 KB
13	sao.ren 1 redirects sao.ren	267 KB
10	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	148 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 67 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	240 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	4 KB
4	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 422	5 KB
3	google.se adservice.google.se — Cisco Umbrella Rank: 68343	818 B
3	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 51169	42 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	18 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1225	615 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 723	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 524	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2302	794 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 574	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 762 r.turn.com — Cisco Umbrella Rank: 3173	869 B
2	51.la sdk.51.la — Cisco Umbrella Rank: 74635 collect-v6.51.la — Cisco Umbrella Rank: 69644	13 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 709	438 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1387	351 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1366	587 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 449	863 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 926	576 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1108	356 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3371	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 854	600 B
123	26

	Domain	Requested by
30	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sao.ren
14	pagead2.googlesyndication.com	sao.ren pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	cm.g.doubleclick.net	2 redirects sao.ren googleads.g.doubleclick.net
13	sao.ren	1 redirects sao.ren
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	secure.adnxs.com	4 redirects
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.se	pagead2.googlesyndication.com
3	cdn.staticfile.org	sao.ren
3	cdn.jsdelivr.net	sao.ren
2	sync.teads.tv	1 redirects
2	image6.pubmatic.com	2 redirects
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	sync.mathtag.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	sao.ren
123	33

This site contains links to these domains. Also see Links.

Domain
boring.studio
ab.cd
long.ge
shi.su
dai.ge
lzhs.com
dalao.net
beian.miit.gov.cn

Subject Issuer	Validity	Valid
sao.ren TrustAsia RSA DV TLS CA G2	`2022-08-12` - `2023-08-12`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2022-09-05` - `2023-10-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.se GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://sao.ren/
Frame ID: B584BC9E864DE967EFFF0A6A5B253D44
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 29A305B4396D12B6C3A45F695D9B2C79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&adk=1812271804&adf=3025194257&lmt=1675948846&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l&format=0x0&url=https%3A%2F%2Fsao.ren%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948845720&bpp=6&bdt=2560&idt=422&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=142857955935&frm=20&pv=2&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=449
Frame ID: 4BC50968DC5E4DC7D2A94128EF5000FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=1936607028&adf=3619128815&pi=t.aa~a.1043414356~rp.4&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948845726&bpp=2&bdt=2567&idt=449&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=T7RfUibiJe&p=https%3A//sao.ren&dtd=453
Frame ID: 1C31FF84DE8C949AFDD6E5B9156D8050
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4
Frame ID: C9AC4045842754D5A3E20E7B658B6EEB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=1200x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=0&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280%2C716x280&nras=4&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kJycwjTY4d&p=https%3A//sao.ren&dtd=10
Frame ID: 9FF2409C57BA924C3C48CA5432C1E1D4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: CA9A38C452CCA7D4A230878859D0D439
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 81EC15D6F466BCE963B88E2C57DD7483
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 38B5A7DEC0B13E5244AD2269395671DD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BF34C81A0D8F67F059C6F27223D3AC2F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 026F94F8DA4D550B9C52A58E3539DF0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6BBDA2DE98A13183D5FE4AEF5447E24C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 412F231585ABCCBE0981A1591ACDA695
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E40745868C5815AE12359CE9D446DCAB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 9339627C990C6D1FC2F09466DBF70279
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 580212D27FF80CEB6F59F6900ECC3CF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61714FAD2DFD0C462109502B76F41C1E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A434C2074BF354438FC170552F5FBF7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

骚人 – 我的笔记本

Page URL History Show full URLs

http://sao.ren/ HTTP 301
https://sao.ren/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

123
Requests

90 %
HTTPS

0 %
IPv6

26
Domains

33
Subdomains

23
IPs

6
Countries

1514 kB
Transfer

3899 kB
Size

21
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://boring.studio/
Title: 无聊工作室

Search URL Search Domain Scan URL

URL: http://ab.cd/
Title: 创意基地

Search URL Search Domain Scan URL

URL: https://long.ge/
Title: 龙哥

Search URL Search Domain Scan URL

URL: https://shi.su/
Title: 世俗

Search URL Search Domain Scan URL

URL: https://dai.ge/
Title: 呆哥

Search URL Search Domain Scan URL

URL: https://lzhs.com/
Title: 隔壁老刘

Search URL Search Domain Scan URL

URL: https://dalao.net/
Title: 大佬论坛

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 桂ICP备2021010268号-1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sao.ren/ HTTP 301
https://sao.ren/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3g_HgQxC1ARi1ATIIxr0iNIwrO2w HTTP 301
https://tpc.googlesyndication.com/simgad/3376074661252515927

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECeLZICWSjIy498j6twIa1c&google_cver=1&google_push=Aa02lx89jFxkmohDO6xzdk38M58A9XSAi705lROmxIv46r1ApUO0mR10jJXW-AFw_sfFqaXaHVMLGZgFP4Ume7VQVHp6XD1rZgj0NXU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzExMTc1OTUxMjA3MzY0MDU1NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBdG1ZAl1aHlSeDLHauX4lU&google_cver=1

Request Chain 101

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBjGyV6zlMMTnQTrpjFs-Tw&google_cver=1&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFjMrD6euzy7xv7IA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBjGyV6zlMMTnQTrpjFs-Tw&google_cver=1&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFjMrD6euzy7xv7IA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFjMrD6euzy7xv7IA&google_hm=GIMAtGZHksSC_-vsS7aIKq7f

Request Chain 102

https://match.360yield.com/match/ebda?google_gid=CAESEGlAfEI0oCZJZpksY99R5dc&google_cver=1&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnjEidxE9_u1DFmcViA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGlAfEI0oCZJZpksY99R5dc&google_cver=1&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnjEidxE9_u1DFmcViA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4JepwbbVRUig7-F5VMg0cw&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnjEidxE9_u1DFmcViA

Request Chain 103

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKhrZWtLWic_FIHWWO6FzD4&google_cver=1&google_push=Aa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675948847823 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6659668d-5673-4843-b4ba-19bedaccebe9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w%26google_hm%3DA2ZZZo1Wc0hDtLoZvtrM6-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w&google_hm=A2ZZZo1Wc0hDtLoZvtrM6-k

Request Chain 104

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDA-eOFuhTVaJJd8TY9q6gE&google_cver=1&google_push=Aa02lx-Kcp_-4Kt5G89yhDBE6HJeJhcIP47Mcswkbt59IRMqkW-6baM91Q3Uz47Q2cpUN0nPv3SFnIAJbhnEX-bNJqTEsWS3aiIBGIfP HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDA-eOFuhTVaJJd8TY9q6gE%26google_cver%3D1%26google_push%3DAa02lx-Kcp_-4Kt5G89yhDBE6HJeJhcIP47Mcswkbt59IRMqkW-6baM91Q3Uz47Q2cpUN0nPv3SFnIAJbhnEX-bNJqTEsWS3aiIBGIfP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NjM5MTc1NTcyNzE1NzYxNA%3D%3D&google_gid=CAESEDA-eOFuhTVaJJd8TY9q6gE&google_cver=1&google_push=Aa02lx-Kcp_-4Kt5G89yhDBE6HJeJhcIP47Mcswkbt59IRMqkW-6baM91Q3Uz47Q2cpUN0nPv3SFnIAJbhnEX-bNJqTEsWS3aiIBGIfP

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINl69ax7EYVdFwo7kp3f7Q&google_cver=1&google_push=Aa02lx8Q_J0XxRgVuPkBX0GFaWWFJQAGYaNRY_0xhibvA8vkiPg1vujFtZ4eEaAFO5sApwlhSn2IKpzfapX50l_ls4KCqJqFoHhCV4M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8Q_J0XxRgVuPkBX0GFaWWFJQAGYaNRY_0xhibvA8vkiPg1vujFtZ4eEaAFO5sApwlhSn2IKpzfapX50l_ls4KCqJqFoHhCV4M

Request Chain 108

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO8BC4b5nS7DttckUfnuP_k&google_cver=1&google_push=Aa02lx_ot4aYdteKAccjDInQocsn0DvGaAcns75Fvc0V0wQyMZONMtFODFCZTUDw7vGrL-2TST5rFv_TZ-YTdjQPhUEaD0IipNpqdCc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5ODE0NTQ4NzY2NjYwODI3MQ%3D%3D&google_push=Aa02lx_ot4aYdteKAccjDInQocsn0DvGaAcns75Fvc0V0wQyMZONMtFODFCZTUDw7vGrL-2TST5rFv_TZ-YTdjQPhUEaD0IipNpqdCc

Request Chain 110

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELFvRU8rpe8iYaTuJZacY0w&google_cver=1&google_push=Aa02lx8ce3fqYpuqjDIYU0obFj33jZ_YVPcKXAyEQDFoJtACql5PREghxuSsKep80V6bocaD_456NkE9RYJuemPrdVi9FdJ1th_Fkfs HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELFvRU8rpe8iYaTuJZacY0w&google_cver=1&google_push=Aa02lx8ce3fqYpuqjDIYU0obFj33jZ_YVPcKXAyEQDFoJtACql5PREghxuSsKep80V6bocaD_456NkE9RYJuemPrdVi9FdJ1th_Fkfs&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=57iIyy7sSQ6VPOmuMHRhAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8ce3fqYpuqjDIYU0obFj33jZ_YVPcKXAyEQDFoJtACql5PREghxuSsKep80V6bocaD_456NkE9RYJuemPrdVi9FdJ1th_Fkfs

Request Chain 111

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDzou1CkCuQWZb05cxSnvWQ&google_cver=1&google_push=Aa02lx_isMsRgTxepHfA4J1veLtAzbnpJlma-T4OL0Vy_zZOFb4E_wqHXheZ62RGGotRhqIYqwnsiHm0KNXiVmXIrJWGh5iOVNO7Tqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_isMsRgTxepHfA4J1veLtAzbnpJlma-T4OL0Vy_zZOFb4E_wqHXheZ62RGGotRhqIYqwnsiHm0KNXiVmXIrJWGh5iOVNO7Tqg

Request Chain 112

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECUn3O3d7PXD2r5EOWMgp00&google_cver=1&google_push=Aa02lx-rBnvv9wUXCDTDqXximw_tOAOwLHctLLVki9HTzEC1UIMBuhcMBDlGCa84rLFqE3rdbMmT7iVb-H0kzL-RI1P-fJrTIs5JceQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODlmZDczMDMtMjM2Zi00ZmU4LWI1YTktNWU0OGNmZDliYzhj&google_push=Aa02lx-rBnvv9wUXCDTDqXximw_tOAOwLHctLLVki9HTzEC1UIMBuhcMBDlGCa84rLFqE3rdbMmT7iVb-H0kzL-RI1P-fJrTIs5JceQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 113

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJSKl5iKj9MpTTyoXZpPIjM&google_cver=1&google_push=Aa02lx_f5kYxHWtaQz5nPI7-OWDAITsBbTZD8s5ZcZoYJUSzPYimT_YANzZPiL8OSesAprLEF6E72nDFvsxr0pCD5ROA1WhLok3r5eo HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJSKl5iKj9MpTTyoXZpPIjM%26google_cver%3D1%26google_push%3DAa02lx_f5kYxHWtaQz5nPI7-OWDAITsBbTZD8s5ZcZoYJUSzPYimT_YANzZPiL8OSesAprLEF6E72nDFvsxr0pCD5ROA1WhLok3r5eo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY0MTgxMTQ1ODM4NjY2Mzk5OA%3D%3D&google_gid=CAESEJSKl5iKj9MpTTyoXZpPIjM&google_cver=1&google_push=Aa02lx_f5kYxHWtaQz5nPI7-OWDAITsBbTZD8s5ZcZoYJUSzPYimT_YANzZPiL8OSesAprLEF6E72nDFvsxr0pCD5ROA1WhLok3r5eo

123 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sao.ren/
Redirect Chain

http://sao.ren/
https://sao.ren/

32 KB
8 KB

2122ms
1098ms

Document
text/html

119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

20cf16fe1a276f92edc7af7a3a4b0eb43ca432202d3d959415e379a5aed9a555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Feb 2023 13:20:42 GMT
link: <https://sao.ren/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 09 Feb 2023 13:20:40 GMT
Location: https://sao.ren/
Server: nginx
Strict-Transport-Security: max-age=31536000

GET
H2 200 style.css
sao.ren/wp-content/themes/Adams-1.4.26/ 32 KB
9 KB 395ms
383ms Stylesheet
text/css 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/themes/Adams-1.4.26/style.css?v1.4.26

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

2a4eb46a22d08b162fe67a50db177132370d2127545b2cfc8c156b7ead2dbd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 01:42:56 GMT
server: nginx
etag: W/"616e22a0-8010"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 style.css
sao.ren/wp-content/themes/Adams-1.4.26/static/caomei/ 19 KB
4 KB 396ms
384ms Stylesheet
text/css 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/themes/Adams-1.4.26/static/caomei/style.css?v1.4.26

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

c91613c07584e45e042ee6da8c634b925bb65e9019058a68aaca4939e3d2640c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 01:17:29 GMT
server: nginx
etag: W/"616e1ca9-4c2e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 style.min.css
sao.ren/wp-includes/css/dist/block-library/ 93 KB
15 KB 771ms
759ms Stylesheet
text/css 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 05:55:00 GMT
server: nginx
etag: W/"63747b34-172a9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 classic-themes.min.css
sao.ren/wp-includes/css/ 217 B
420 B 773ms
761ms Stylesheet
text/css 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Nov 2022 05:56:04 GMT
server: nginx
etag: "63620674-d9"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 217
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 APlayer.min.css
cdn.jsdelivr.net/gh/moeplayer/hermit-x@2.9.9/assets/css/ 12 KB
3 KB 124ms
32ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/moeplayer/hermit-x@2.9.9/assets/css/APlayer.min.css?ver=2.9.9

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 13:20:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1212284
x-jsd-version: 2.9.9
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2537
x-served-by: cache-fra-eddf8230090-FRA, cache-bma1673-BMA
x-jsd-version-type: version
etag: W/"30f0-BzcqK6UHOI0P7RZtdhscLCplnc4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 DPlayer.min.css
sao.ren/wp-content/plugins/wideo/DPlayer/ 44 KB
7 KB 773ms
763ms Stylesheet
text/css 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/plugins/wideo/DPlayer/DPlayer.min.css?ver=6.1.1

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

e79dfb46f9afcba3110804424ab94695c1f693403fabb67b4ccae803cb7ca2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 05:30:22 GMT
server: nginx
etag: W/"6170faee-b14f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H/1.1 200
OK jquery.min.js Show response
cdn.staticfile.org/jquery/3.1.1/ 85 KB
31 KB 2165ms
53ms Script
application/javascript 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/3.1.1/jquery.min.js?ver=v1.4.26
Requested by: Host: sao.ren
URL: https://sao.ren/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Log: X-Log
Date: Wed, 08 Feb 2023 20:34:32 GMT
Via: cache17.l2de2[210,209,304-0,M], cache2.l2de2[211,0], ens-cache8.de4[0,0,200-0,H], ens-cache3.de4[2,0]
Content-Encoding: gzip
X-Svr: IO
X-Reqid: kv8AANGgXMiv80EX
Age: 60373
X-Swift-CacheTime: 86400
X-Cache: HIT TCP_HIT dirn:8:291065078
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Connection: keep-alive
X-Swift-SaveTime: Wed, 08 Feb 2023 20:34:32 GMT
Content-Length: 30281
X-M-Reqid: k2AAAMqZE_y25K0W
X-M-Log: QNM:xs465;QNM3:31/304
Last-Modified: Fri, 21 Oct 2016 11:30:23 GMT
Server: Tengine
Etag: "FvZHptN9xMoFXO089ku8H0kAcKy6.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1675888472
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
X-Qnm-Cache: Hit
EagleId: 2ff62b1b16759488452771049e

GET
H2 200 script.js Show response
sao.ren/wp-content/themes/Adams-1.4.26/static/ 5 KB
2 KB 773ms
764ms Script
application/javascript 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/themes/Adams-1.4.26/static/script.js?ver=v1.4.26

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

2faccaa2e5d54f2cfc210c42d640b9aa7b27372acde4e2f57d7da0676a2cce7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 01:17:29 GMT
server: nginx
etag: W/"616e1ca9-15bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H/1.1 200
OK prettify.js Show response
cdn.staticfile.org/prettify/r298/ 14 KB
8 KB 2166ms
55ms Script
application/javascript 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/prettify/r298/prettify.js?ver=v1.4.26
Requested by: Host: sao.ren
URL: https://sao.ren/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f48d85c6ea701e417a857cd9292de12c2c0ff795c5ba45f7127c51cc6a97cf3d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Log: X-Log
Date: Wed, 08 Feb 2023 22:57:38 GMT
Via: cache9.l2de2[0,0,304-0,H], cache2.l2de2[1,0], ens-cache5.de4[0,0,200-0,H], ens-cache2.de4[3,0]
Content-Encoding: gzip
X-Svr: IO
X-Reqid: fwMAAFC2Rdd--0EX
Age: 51787
X-Swift-CacheTime: 79525
X-Cache: HIT TCP_HIT dirn:8:367801126
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="prettify.js"; filename*=utf-8''prettify.js
Connection: keep-alive
X-Swift-SaveTime: Thu, 09 Feb 2023 00:52:13 GMT
Content-Length: 6678
X-M-Reqid: j30AANsnfnq35K0W
X-M-Log: QNM:xs462;QNM3/304
Last-Modified: Tue, 16 Feb 2016 07:42:54 GMT
Server: Tengine
Etag: "FtJLHaNCtcLQWC8JIhGKrwsqaEDV.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1675897058
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
X-Qnm-Cache: Hit
EagleId: 2ff62b1a16759488452752663e

GET
H/1.1 200
OK instantclick.min.js Show response
cdn.staticfile.org/instantclick/3.0.1/ 6 KB
4 KB 2170ms
57ms Script
application/javascript 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/instantclick/3.0.1/instantclick.min.js?ver=v1.4.26
Requested by: Host: sao.ren
URL: https://sao.ren/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 49580fd1db966576453d5217fb0a163c58699c77311b92174bacef6405686b76

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Log: X-Log
Date: Wed, 08 Feb 2023 22:57:38 GMT
Via: cache8.l2de2[0,0,304-0,H], cache11.l2de2[1,0], ens-cache5.de4[0,0,200-0,H], ens-cache9.de4[2,0]
Content-Encoding: gzip
X-Svr: IO
X-Reqid: 2O8AACuCAMx--0EX
Age: 51787
X-Swift-CacheTime: 79525
X-Cache: HIT TCP_HIT dirn:9:370978135
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="instantclick.min.js"; filename*=utf-8''instantclick.min.js
Connection: keep-alive
X-Swift-SaveTime: Thu, 09 Feb 2023 00:52:13 GMT
Content-Length: 2528
X-M-Reqid: h1wAAOUIDX635K0W
X-M-Log: QNM:xs1170;QNM3:30/304
Last-Modified: Tue, 16 Feb 2016 04:18:30 GMT
Server: Tengine
Etag: "FgCN6sF4kGLxH20e_mTC29X3R3xh.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1675897058
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
X-Qnm-Cache: Hit
EagleId: 2ff62b2116759488452777589e

GET
H2 200 APlayer.min.js Show response
cdn.jsdelivr.net/gh/moeplayer/hermit-x@2.9.9/assets/js/ 58 KB
14 KB 126ms
38ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/moeplayer/hermit-x@2.9.9/assets/js/APlayer.min.js?ver=2.9.9

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 13:20:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 6095986
x-jsd-version: 2.9.9
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13754
x-served-by: cache-fra-eddf8230098-FRA, cache-bma1673-BMA
x-jsd-version-type: version
etag: W/"e7bd-Isqij/a0Ghb/QPFdOPFzniI1lHg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 flv.min.js Show response
sao.ren/wp-content/plugins/wideo/DPlayer/ 169 KB
45 KB 772ms
765ms Script
application/javascript 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/plugins/wideo/DPlayer/flv.min.js?ver=2.0.2

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

0fa4ca1db0d4b648369f34adbb60aaf069faef899487ba1cfb68087551023656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 05:30:22 GMT
server: nginx
etag: W/"6170faee-2a56a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 hls.min.js Show response
sao.ren/wp-content/plugins/wideo/DPlayer/ 209 KB
69 KB 772ms
766ms Script
application/javascript 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/plugins/wideo/DPlayer/hls.min.js?ver=2.0.2

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

8df32db012dbcdb5c730495789f026e3eb2f331376eecde77c7eb692708ddc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 05:30:22 GMT
server: nginx
etag: W/"6170faee-34237"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 DPlayer.min.js Show response
sao.ren/wp-content/plugins/wideo/DPlayer/ 111 KB
31 KB 773ms
767ms Script
application/javascript 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/plugins/wideo/DPlayer/DPlayer.min.js?ver=2.0.2

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

f68f3fd80d0cf931eb76bc7b6a55d36e8e5a1a2df622d7caab981f57d28ea4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 05:30:22 GMT
server: nginx
etag: W/"6170faee-1bc70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 274ms
109ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9804261739658593

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9b740ec539c5f0632cf4ee315c905abf7f9a20a931b6a8e229304891caddb488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Origin: https://sao.ren
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49728
x-xss-protection: 0
server: cafe
etag: 16903518211346101049
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 13:20:45 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 967ms
291ms Script
application/javascript 47.253.50.2
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: sao.ren
URL: https://sao.ren/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 13:20:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Server: openresty
ETag: W/"63bceaef-861a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1296000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 ajax-comment.js Show response
sao.ren/wp-content/themes/Adams-1.4.26/static/ 5 KB
2 KB 773ms
768ms Script
application/javascript 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/themes/Adams-1.4.26/static/ajax-comment.js?ver=v1.4.26

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

c41e8817434111f24d656c1faa6b4ecd87c8adce25d54061e6b61291d8dc49a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 01:17:29 GMT
server: nginx
etag: W/"616e1ca9-1219"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 Feb 2023 01:20:43 GMT

GET
H2 200 hermit-load.min.js Show response
cdn.jsdelivr.net/gh/moeplayer/hermit-x@2.9.9/assets/js/ 2 KB
1 KB 120ms
35ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/moeplayer/hermit-x@2.9.9/assets/js/hermit-load.min.js?ver=2.9.9

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1cbb05650de3744a390db77c197f4bc1da1969958742f79027b1babfd042205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 13:20:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 7464742
x-jsd-version: 2.9.9
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1059
x-served-by: cache-fra-eddf8230071-FRA, cache-bma1673-BMA
x-jsd-version-type: version
etag: W/"83c-gJDrZj+QxtLwrMyVgjt7hC4UHjw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
390 B 1871ms
414ms XHR
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sao.ren
Date: Thu, 09 Feb 2023 13:20:47 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 StrawberryIcon-pro.ttf
sao.ren/wp-content/themes/Adams-1.4.26/static/caomei/fonts/ 75 KB
75 KB 385ms
384ms Font
application/octet-stream 119.91.65.128
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://sao.ren/wp-content/themes/Adams-1.4.26/static/caomei/fonts/StrawberryIcon-pro.ttf?cgglgw

Requested by

Host: sao.ren
URL: https://sao.ren/wp-content/themes/Adams-1.4.26/static/caomei/style.css?v1.4.26

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

119.91.65.128 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

2464ee2f5aa6921ff6ecd835ba20cc0a8daddae05459fe86ab05e6c9dac8b15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sao.ren/wp-content/themes/Adams-1.4.26/static/caomei/style.css?v1.4.26
Origin: https://sao.ren
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:45 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Oct 2021 01:17:29 GMT
server: nginx
etag: "616e1ca9-12a64"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 76388

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/ 361 KB
119 KB 255ms
122ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9804261739658593&plah=sao.ren&bust=31071887

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9804261739658593

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

d121e3acad9c9c9b93c89db7ed46cd312df1745d1d0266188b513fa7a8c135eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121320
x-xss-protection: 0
server: cafe
etag: 2010134625861699776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 13:20:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 29A3 10 KB
5 KB 216ms
64ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9804261739658593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 66561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 18:51:24 GMT
etag: 10353107486223812946
expires: Wed, 22 Feb 2023 18:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
600 B 259ms
85ms Script
text/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sao.ren&callback=_gfp_s_&client=ca-pub-9804261739658593

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9804261739658593&plah=sao.ren&bust=31071887

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

a8d890ffb9211269f2921fa0398048e02a005fb1cf82719c2dff208e2d685f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
531 B 263ms
86ms Script
application/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=sao.ren

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 238ms
86ms Script
application/javascript 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sao.ren

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BC5 244 KB
58 KB 607ms
606ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&adk=1812271804&adf=3025194257&lmt=1675948846&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l&format=0x0&url=https%3A%2F%2Fsao.ren%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948845720&bpp=6&bdt=2560&idt=422&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=142857955935&frm=20&pv=2&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

4f92fd1cbe52ea412587f68c2e1bb52838d2eb6baf07a96167aad8c6b1be0fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 59809
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:46 GMT
expires: Thu, 09 Feb 2023 13:20:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C31 80 KB
23 KB 582ms
582ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=1936607028&adf=3619128815&pi=t.aa~a.1043414356~rp.4&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948845726&bpp=2&bdt=2567&idt=449&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=T7RfUibiJe&p=https%3A//sao.ren&dtd=453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

2772c6468268acf2ddbf445f4883417ecf788f2bbe8b5094367292c61db0d468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23455
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:46 GMT
expires: Thu, 09 Feb 2023 13:20:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1C31 3 KB
1010 B 242ms
86ms Stylesheet
text/css 142.251.208.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=1936607028&adf=3619128815&pi=t.aa~a.1043414356~rp.4&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948845726&bpp=2&bdt=2567&idt=449&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=T7RfUibiJe&p=https%3A//sao.ren&dtd=453

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f10.1e100.net

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 13:18:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 13:20:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 1C31 2 KB
818 B 256ms
83ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 1C31 22 KB
9 KB 238ms
65ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 1C31 3 KB
1 KB 234ms
84ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 1C31 18 KB
8 KB 246ms
73ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C31 156 KB
48 KB 303ms
131ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 1C31 33 KB
14 KB 220ms
64ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 04:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 May 2023 04:54:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C31 0
0 106ms
106ms Fetch
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwOYuLvPkY6XaDsWY78EP59aH2Ama5IPeaZz35um_D9fGtMyIMBABILvajJYBYPGt_IWkH6ABmK_e2gHIAQapAgHp6fcDZnk-qAMByAMCqgTqAU_Qzy7COZ9YkIREnuf0K0hp3nMN05oI3Oe8QPgVUfkI8K0cmb5j17mhTcVFtJCZKmhI68fWv6Gp-oK_Y4BnKyup5ShnLllevf6Jw9_Imvsgb9GcbTZRYwGyLQPeGgHR6n5oU61goPszqM6iX3933zhULcNJEwl2GzqyfN4JJpqrW5snncVBjUBui3wgv-mE9TTaJC7ZIW2A383c4RZxB-as5nLAPfEeoHJf4RrKE6C_y7WiEXQ6RnSv4vkDfxv8-zT7YLJFEDZfHUK6jBFPtYqmDlasy7lJU0_Dt6buKyibfKy5WNa7krfBVMAE6-jayvwDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB9DQoaUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEPfOE9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTk4MDQyNjE3Mzk2NTg1OTMYAA&sigh=9kILoZ8FRRk&uach_m=[UACH]&cid=CAQSGwDUE5ymFcBxW_yuWan0c6_1GUy1d68SPxp4rRgB&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=1936607028&adf=3619128815&pi=t.aa~a.1043414356~rp.4&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948845726&bpp=2&bdt=2567&idt=449&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=T7RfUibiJe&p=https%3A//sao.ren&dtd=453
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Feb 2023 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 13:20:46 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1C31 21 KB
22 KB 237ms
67ms Image
image/jpeg 142.250.201.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSUk6P7ie-x-Q8Sf6cBroCnYXPIBNd9df0VHe9aSDbTgDp8cFCyab7pe_JimQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f14.1e100.net

Software

sffe /

Resource Hash

fa79e30500fcb9c831b9a516b362a7b4ca9260ad853d6082fd9cf7328e3c5f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:23:46 GMT
x-content-type-options: nosniff
age: 7021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21720
x-xss-protection: 0
last-modified: Wed, 04 May 2022 23:42:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 09 Feb 2024 11:23:46 GMT

GET
H3

200

3376074661252515927
tpc.googlesyndication.com/simgad/ Frame 1C31
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3g_HgQxC1ARi1ATIIxr0iNIwrO2w
https://tpc.googlesyndication.com/simgad/3376074661252515927

5 KB
5 KB

102ms
102ms

Image
image/png

142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3376074661252515927

Requested by

Protocol

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

2fad4ed563fec065f8bb3637f48ae125f6af41c0ad4f993c94d27234d84c53a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5078
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 12:44:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 13:20:47 GMT

Redirect headers

date: Thu, 09 Feb 2023 13:20:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/3376074661252515927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Mar 2023 13:20:47 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/ 150 KB
51 KB 136ms
136ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/reactive_library_fy2021.js?bust=31071887

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

324094479f016233a924e185e23dd80695579150b7b84541fa64a828694ac6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52194
x-xss-protection: 0
server: cafe
etag: 5756110980566936708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 13:20:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
165 B 87ms
86ms Script
application/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=sao.ren

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 87ms
87ms Script
application/javascript 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sao.ren

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C9AC 77 KB
31 KB 589ms
588ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

591709688ab9dd5efe053e0b628a4a82f2b2d4d2654a3b74249180dd48ec1385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32029
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:47 GMT
expires: Thu, 09 Feb 2023 13:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FF2 102 KB
35 KB 599ms
599ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=1200x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=0&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280%2C716x280&nras=4&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kJycwjTY4d&p=https%3A//sao.ren&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

1ea34d6f67483582c15d9c373fb531d85f5b44621b1e8197aeaa74929594884d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:47 GMT
expires: Thu, 09 Feb 2023 13:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
122 B 86ms
85ms Script
application/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=sao.ren

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
86ms Script
application/javascript 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sao.ren

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame CA9A 10 KB
4 KB 65ms
64ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 35173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 03:34:34 GMT
etag: 10353107486223812946
expires: Thu, 23 Feb 2023 03:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame 81EC 10 KB
4 KB 65ms
64ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 35173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 03:34:34 GMT
etag: 10353107486223812946
expires: Thu, 23 Feb 2023 03:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1C31 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58c9fe6972630cdc84e535d156a473077aa2808db8e21c022f8b4b39f10dc3e

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame CA9A 4 KB
732 B 87ms
87ms Stylesheet
text/css 142.251.208.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f10.1e100.net

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 12:06:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA9A 205 B
518 B 66ms
64ms Image
image/png 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 12:55:29 GMT
x-content-type-options: nosniff
age: 1518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Feb 2024 12:55:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA9A 604 B
694 B 66ms
66ms Image
image/png 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:52:36 GMT
x-content-type-options: nosniff
age: 5291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Feb 2024 11:52:36 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/ Frame CA9A 20 KB
8 KB 68ms
67ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8363
x-xss-protection: 0
server: cafe
etag: 13687106600067785872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 07:08:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 81EC 4 KB
694 B 87ms
86ms Stylesheet
text/css 142.251.208.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f10.1e100.net

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 11:43:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 81EC 2 KB
799 B 64ms
64ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81EC 0
0 106ms
105ms Fetch
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaJb6LvPkY42GDo3L6wSCtI-gA4aDgeVu-b7Pra8RnrSM7ss4EAEgu9qMlgFg8a38haQfoAHtpMGVKcgBCagDAcgDywSqBP0BT9ASAW3Tbn70EjBSKTsFTE7CPARZHLV7BY1h82dIiTNFoBcUwvaZzKZ-tFR0ExuRnhqqeSnnhjkxKEpmu1JwRbYqdZJiE4hPDRuwrTKWjNgL_1PpQrsrruVp1Q3rAp1JbgqaqLRwFpBeuUHAf_qtOTrBN-6ZbHmqwy8p-Nl6eBbKbDaIGp9k8UHasGyOCEvLY6O32EF8y0fzqwPX367ZhvcdU9CUKDGQnxkSqzDBFGQannEaxsAQroFAHCnNDgrrHoGwOqpL-JXM4mi-PzFPb9xt6XxqfJzsCp2-pIOKJqrqY81WwLaZ-7G6rqurfW9JA_1ZWHByHfHnmsU7RsAEt6jj0KwEkgUECAQYAZIFBAgFGASgBi6AB-3ckfUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQle4G0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQB0BUBgBcBshccChoIABIUcHViLTk4MDQyNjE3Mzk2NTg1OTMYAA&sigh=rljyfOYelBQ&uach_m=[UACH]&cid=CAQSGwDUE5ymCpeuKOQPKn1a6FUNvp1ndk3SRFKwtBgB&template_id=484

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Feb 2023 13:20:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 81EC 22 KB
9 KB 64ms
64ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 81EC 3 KB
1 KB 73ms
71ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 81EC 18 KB
8 KB 75ms
74ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81EC 156 KB
48 KB 195ms
194ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 81EC 33 KB
14 KB 65ms
64ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 04:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 May 2023 04:54:22 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/53932807792601893/ Frame 81EC 33 KB
33 KB 84ms
83ms Image
image/jpeg 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/53932807792601893/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

98820b91f8d7dfa19465ae1df26b318be099b2e5472c3b1ac0378f635eb4a053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 08:28:27 GMT
x-content-type-options: nosniff
age: 17540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33651
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 08:39:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 08:28:27 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11375534266980288276/ Frame 81EC 1 KB
2 KB 83ms
82ms Image
image/png 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11375534266980288276/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

d0a2886617f6b73793c878c4f798811fed2b88cfd28a47bb5a5fb4c768ce9a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:04:58 GMT
x-content-type-options: nosniff
age: 267349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1415
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 08:39:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Feb 2024 11:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 38B5 8 KB
968 B 87ms
87ms Stylesheet
text/css 142.251.208.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 12:02:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 38B5 2 KB
799 B 102ms
102ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 38B5 22 KB
9 KB 101ms
101ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 38B5 3 KB
1 KB 124ms
123ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 38B5 18 KB
8 KB 114ms
114ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38B5 156 KB
48 KB 204ms
203ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 38B5 33 KB
14 KB 66ms
65ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 04:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 May 2023 04:54:22 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1C31 20 KB
21 KB 216ms
65ms Font
font/woff2 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:58:56 GMT
x-content-type-options: nosniff
age: 249711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 15:58:56 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1C31 21 KB
21 KB 237ms
88ms Font
font/woff2 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:03:06 GMT
x-content-type-options: nosniff
age: 249461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 16:03:06 GMT

GET
DATA 200
OK truncated
/ Frame 81EC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d36e0faec4b0153cd08f983cee82e4efc83c667ada3bc36287be516dfa657e8

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF34 143 B
166 B 65ms
64ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:11:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF34
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

95ms
95ms

Document
text/html

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:47 GMT
expires: Thu, 09 Feb 2023 13:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 026F 36 KB
14 KB 65ms
65ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 03:54:27 GMT

GET
H3 200 10716930415306943717
tpc.googlesyndication.com/daca_images/simgad/ Frame C9AC 136 KB
136 KB 66ms
66ms Image
image/png 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10716930415306943717

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

33411991c9c9dd90fcf1f0ad3d580e3dfdcf0ac7a8352796600569c13d1cab32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 14:17:04 GMT
x-content-type-options: nosniff
age: 83023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139333
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 22:24:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Feb 2024 14:17:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame C9AC 22 KB
9 KB 65ms
64ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C9AC 0
0 107ms
107ms Fetch
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVYdqLvPkY8SjOJqY7gTy95qAAp_smPFuu_qh_P0Q5IK7-5oCEAEgu9qMlgFg8a38haQfoAG7q_rsAcgBAqkCAenp9wNmeT6oAwHIA8kEqgTnAU_Qgd9oCF_RpJTS68ZTEnRcrnCgjpgD0yBEPLH-Tdd7LMKe7sQol-IRa5LANAWmHXPOnTBA3WYFfN6x-BCw_l0WBzTrhPmN89Y_8SwVQngEW2DSglruEIUwYTeoTsh6q87RQgB9cobR9gwndL973QQQ2nDgXRu6XWKrSVmugdgHNiEcB9082_y6ppiKRcHgHYR_1SIfo9hXcLEr8gzCxrhD67RLP6s6Kw0E-FvnKPUaynUPnjsK9Np-gMpC8GA_7ZwctgO0ZwMImTW7ePYPP4PBTWYsoh3H4c120FpHzVWiogbzv5KZ5MAEodSKqPwDkgUECAQYAZIFBAgFGASgBgKAB63UhZMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ9akC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTgwNDI2MTczOTY1ODU5MxgA&sigh=UPeU4gFZh50&uach_m=[UACH]&cid=CAQSPADUE5ymCemU_dOIwan9c9XVjXWG98l_FQCn4zrrymwr0sUNzfN6Zx8UFG-GkpO5jUlBuhEeREroKAPnyBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Feb 2023 13:20:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame C9AC 3 KB
1 KB 103ms
103ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame C9AC 18 KB
7 KB 66ms
64ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C9AC 0
0 165ms
90ms Image
text/html 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPvKpsryfFFLYstYFmuwN1bOs5kFWA32xQ59YYY76fjKFt21-CSdJyfYkrPm1nNiS3jqIHDhv8FXIiCAhq5tE5HSZoLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s34-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9AC 156 KB
48 KB 129ms
128ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame C9AC 33 KB
13 KB 105ms
104ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

d376a62629060f298ff66774618c79661ae960bb2d6c71a8cbab8e54f4b3f995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 04:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13595
x-xss-protection: 0
server: cafe
etag: 7466391422742446116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 04:30:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9FF2 8 KB
895 B 87ms
87ms Stylesheet
text/css 142.251.208.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=1200x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=0&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280%2C716x280&nras=4&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kJycwjTY4d&p=https%3A//sao.ren&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 11:26:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 9FF2 2 KB
765 B 115ms
115ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 9FF2 22 KB
9 KB 67ms
66ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 9FF2 3 KB
1 KB 104ms
103ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 9FF2 18 KB
7 KB 79ms
78ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FF2 156 KB
48 KB 159ms
158ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 13:20:47 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 9FF2 33 KB
14 KB 64ms
64ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 04:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 May 2023 04:54:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9FF2 0
0 105ms
105ms Fetch
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI5kSLvPkY9LKOJH26gTRv4KQAavl4_9siYiyvpgM29keEAEgu9qMlgFg8a38haQfoAHQ7-C1AsgBCakCAenp9wNmeT6oAwHIA8sEqgTuAU_QpuZnOMM2DTcbOXgPHgS5y-0JoAHn492MNnpzdFtOHROGPa_cjKmwieg3RLyx8N_dhGOfejq8Fe6yoLwSqypfwzyoXWV4XHnlu5t7fGresB28ZNSAMjCOIR4eo2GYk9OiOnpitO1SgxqMJBAuFbwQ10vhwzlItBYl0lf3PYXOyGwJlOvhWtQD1PRVBSIwQzgQkRewUehrAC2XaR286at5Ne8-u-Ei7RWF7t5NO-lLNHfK6x3Q7tKDQoKfi_LriNVE-fBIAEJJfWG1hkOrYVaWIfMjI_sfMNdEqu9n3KNRf3cY0aqbZL_J8_sbKenABO6guNmYA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeYkJ_KAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELq7CtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQQ0BUBgBcBshccChoIABIUcHViLTk4MDQyNjE3Mzk2NTg1OTMYAA&sigh=mu3EGf9mJbM&uach_m=[UACH]&cid=CAQSPADUE5ymyyUAceSY8JMxJqOwwnvS6Mh76nHaEcVR0tiodULYn2nJircXStkrvpFaKKBFDO6yQDCGbcRaPBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=1200x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=0&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280%2C716x280&nras=4&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kJycwjTY4d&p=https%3A//sao.ren&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Feb 2023 13:20:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/16079976758439697463/ Frame 9FF2 26 KB
26 KB 158ms
158ms Image
image/jpeg 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16079976758439697463/2728354180183721846?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

196f7c8c311ed72e0419b4c7afc08ca5a1269f330a2d85a2b5d6fc29e01ebd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26370
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 08:58:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 13:20:47 GMT

GET
DATA 200
OK truncated
/ Frame 9FF2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9FF2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6BBD 143 B
166 B 64ms
64ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:11:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 412F 1 KB
643 B 64ms
64ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 30386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 04:54:21 GMT
etag: 48472445140208031
expires: Fri, 10 Feb 2023 04:54:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E407 1 KB
643 B 75ms
74ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 30386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 04:54:21 GMT
etag: 48472445140208031
expires: Fri, 10 Feb 2023 04:54:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9FF2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ab9305a98b259a8afdfd8d563e9ed1a95cf8d9f5cac89a1516d616384fa4d1f

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C9AC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1777afa17edaec8d00f589f536d21a845fb7efe472138723d64837de2a3b7e1e

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 412F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECeLZICWSjIy498j6twIa1c&google_cver=1&google_push=Aa02lx89jFxkmohDO6xzdk38M58A9XSAi705lROmxIv46r1ApUO0mR10jJXW-AFw_sfFqaXaHVMLGZgFP4Ume7VQVHp6XD1rZgj0NXU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzExMTc1OTUxMjA3MzY0MDU1NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBdG1ZAl1aHlSeDLHauX4lU&google_cver=1

43 B
398 B

79ms
53ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBdG1ZAl1aHlSeDLHauX4lU&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBdG1ZAl1aHlSeDLHauX4lU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 412F 0
104 B 252ms
110ms Image
text/plain 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAD5Zc_C85aFhkTxMQSMfR4&google_cver=1&google_push=Aa02lx-XBmMIh4wr2DstR1z3QK82UehHpa_J-IYlxjgHG6MmHTTzJrd9MXiEtNlgS4Mrwgayv16qda5cuvdEiXnBvMQVuVtyomb47nU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 412F 43 B
356 B 154ms
55ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPPoLQ9zMAeSp3DG3eU4aQA&google_push=Aa02lx9je-jq_Yw_lQ7MdneHpvbueWAhNZDU8jGcjmgf3Pd9UiRPdgqpN9cHbUuVlGKhpeUUYzooCCpjKsQd4PTu7lmhWhs_OJN8hXM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=4190781261&adf=1438075936&pi=t.aa~a.4133787359~rp.1&w=716&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=716x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=-M&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280&nras=3&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=442&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d00bUergzZ&p=https%3A//sao.ren&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 412F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBjGyV6zlMMTnQTrpjFs-Tw&google_cver=1&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFj...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBjGyV6zlMMTnQTrpjFs-Tw&google_cver=1&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFj...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFjMrD6euzy7xv7IA&google_hm=GIMAtGZHksSC_-vsS7a...

170 B
232 B

89ms
88ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFjMrD6euzy7xv7IA&google_hm=GIMAtGZHksSC_-vsS7aIKq7f

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Feb 2023 13:20:47 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_T1tmOxkHLvPeN5Bu39pd8Dp2mNTdNX_swHD4an7P44QvgMQAbbpglPnILdwA0r5vH6OtHqDWLhFDXvcOFjMrD6euzy7xv7IA&google_hm=GIMAtGZHksSC_-vsS7aIKq7f
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 412F
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEGlAfEI0oCZJZpksY99R5dc&google_cver=1&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnjEidxE9_...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGlAfEI0oCZJZpksY99R5dc&google_cver=1&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnjE...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4JepwbbVRUig7-F5VMg0cw&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnj...

170 B
232 B

88ms
87ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4JepwbbVRUig7-F5VMg0cw&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnjEidxE9_u1DFmcViA

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4JepwbbVRUig7-F5VMg0cw&google_push=Aa02lx_b1zNm7r0JjLuhlBML5oAIlCv_8OKsbb-iWKkDiM-wwFxqJEZFx6AEHuOk9wZZD3LSO1Br4BvVtrIKqnjEidxE9_u1DFmcViA
access-control-allow-origin: *
date: Thu, 09 Feb 2023 13:20:47 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 412F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-6659668d-5673-4843-b4ba-19bedaccebe9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9Dpmq1DzCNIjxKS5NJD...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w&google_hm=A2ZZZo1Wc0hDtLoZvtrM6-k

170 B
188 B

89ms
89ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w&google_hm=A2ZZZo1Wc0hDtLoZvtrM6-k

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9Dpmq1DzCNIjxKS5NJDepYWBtqS-qt8J8McE4myoEtzTq1Hvqe9RzwmjgWsDQalMHsEJbCstBzLamHFPaFDQN7bpicZ-sX-w&google_hm=A2ZZZo1Wc0hDtLoZvtrM6-k
date: Thu, 09 Feb 2023 13:20:48 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6659668d56734843b4ba19bedaccebe9003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 412F
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDA-eOFuhTVaJJd8TY9q6gE&google_cver=1&google_push=Aa02lx-Kcp_-4Kt5G...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDA-eOFuhTVaJJd8TY9q6gE%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NjM5MTc1NTcyNzE1NzYxNA%3D%3D&google_gid=CAESEDA-eOFuhTVaJJd8TY9q6gE&google_cver=1&google_push=Aa02lx-Kcp_-4Kt5G89yhDBE6HJeJhcIP4...

170 B
232 B

89ms
89ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NjM5MTc1NTcyNzE1NzYxNA%3D%3D&google_gid=CAESEDA-eOFuhTVaJJd8TY9q6gE&google_cver=1&google_push=Aa02lx-Kcp_-4Kt5G89yhDBE6HJeJhcIP47Mcswkbt59IRMqkW-6baM91Q3Uz47Q2cpUN0nPv3SFnIAJbhnEX-bNJqTEsWS3aiIBGIfP

Requested by

Host: sao.ren
URL: https://sao.ren/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Feb 2023 13:20:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.147.213.140; 185.147.213.140; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ef4262f6-7553-447d-83c8-1dce3e94e819
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NjM5MTc1NTcyNzE1NzYxNA%3D%3D&google_gid=CAESEDA-eOFuhTVaJJd8TY9q6gE&google_cver=1&google_push=Aa02lx-Kcp_-4Kt5G89yhDBE6HJeJhcIP47Mcswkbt59IRMqkW-6baM91Q3Uz47Q2cpUN0nPv3SFnIAJbhnEX-bNJqTEsWS3aiIBGIfP
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 412F 0
139 B 237ms
85ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lw-Ecrc7VktNek6D9rBBLP5xPE95nu_VgSQK4AGmhihD2iyKFs4ppUMCHYa0Itm0UU7VnVQw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6BBD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

93ms
92ms

Document
text/html

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:47 GMT
expires: Thu, 09 Feb 2023 13:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E407
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINl69ax7EYVdFwo7kp3f7Q&google_cver=1&google_push=Aa02lx8Q_J0XxRgVuPkBX0GFaWWFJQAGYaNRY_0xhibvA8vkiPg1vujFtZ4eEaAFO5sApwlhSn2IKpzfapX50l_l...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8Q_J0XxRgVuPkBX0GFaWWFJQAGYaNRY_0xhibvA8vkiPg1vujFtZ4eEaAFO5sApwlhSn2IKpzfapX50l_ls4KCqJqFoHhCV4M

170 B
232 B

89ms
89ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8Q_J0XxRgVuPkBX0GFaWWFJQAGYaNRY_0xhibvA8vkiPg1vujFtZ4eEaAFO5sApwlhSn2IKpzfapX50l_ls4KCqJqFoHhCV4M

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Feb 2023 13:20:47 GMT
Server: MT3 441 9053ffc master zrh-pixel-x8 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8Q_J0XxRgVuPkBX0GFaWWFJQAGYaNRY_0xhibvA8vkiPg1vujFtZ4eEaAFO5sApwlhSn2IKpzfapX50l_ls4KCqJqFoHhCV4M
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 09 Feb 2023 13:20:46 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E407
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO8BC4b5nS7DttckUfnuP_k&google_cver=1&google_push=Aa02lx_ot4aYdteKAccjDInQocsn0DvGaAcns75Fvc0V0wQyMZONMtFODFCZTUDw7vGrL-2TST5rFv_TZ-YTdj...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5ODE0NTQ4NzY2NjYwODI3MQ%3D%3D&google_push=Aa02lx_ot4aYdteKAccjDInQocsn0DvGaAcns75Fvc0V0wQyMZONMtFODFCZTUDw7vGrL-2TST5rFv_TZ-YTdjQPhU...

170 B
329 B

90ms
90ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5ODE0NTQ4NzY2NjYwODI3MQ%3D%3D&google_push=Aa02lx_ot4aYdteKAccjDInQocsn0DvGaAcns75Fvc0V0wQyMZONMtFODFCZTUDw7vGrL-2TST5rFv_TZ-YTdjQPhUEaD0IipNpqdCc

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5ODE0NTQ4NzY2NjYwODI3MQ%3D%3D&google_push=Aa02lx_ot4aYdteKAccjDInQocsn0DvGaAcns75Fvc0V0wQyMZONMtFODFCZTUDw7vGrL-2TST5rFv_TZ-YTdjQPhUEaD0IipNpqdCc
Date: Thu, 09 Feb 2023 13:20:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 dds
rtb.openx.net/sync/ Frame E407 43 B
351 B 142ms
55ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH7eUJ8hVXw_8PCBzRQgMsk&google_cver=1&google_push=Aa02lx-OxiQklOjhnTSMdK73ZFYwQpiX2Ngs5pmHcfeJKfcFLT-r0SZ7CoWvMx1lUYO3_yNo1o9CKC7WNPZC754f_Smice6AW7jfCgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9804261739658593&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675948846&rafmt=1&to=qs&pwprc=8471112250&format=1200x280&url=https%3A%2F%2Fsao.ren%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675948846858&bpp=1&bdt=3699&idt=0&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64821d8e7f29911-22da04ffdddb0004%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg&gpic=UID%3D00000bb2c6bd138f%3AT%3D1675948846%3ART%3D1675948846%3AS%3DALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg&prev_fmts=0x0%2C716x280%2C716x280&nras=4&correlator=142857955935&frm=20&pv=1&ga_vid=1794596671.1675948846&ga_sid=1675948846&ga_hid=962485926&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071887%2C44779793%2C31071260%2C31071264%2C31072228&oid=2&pvsid=2331296518087755&tmod=687083131&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kJycwjTY4d&p=https%3A//sao.ren&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pnlv8kor7o8s83vjo8pqi5qprj336eis

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E407
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=57iIyy7sSQ6VPOmuMHRhAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

91ms
91ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=57iIyy7sSQ6VPOmuMHRhAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8ce3fqYpuqjDIYU0obFj33jZ_YVPcKXAyEQDFoJtACql5PREghxuSsKep80V6bocaD_456NkE9RYJuemPrdVi9FdJ1th_Fkfs

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=57iIyy7sSQ6VPOmuMHRhAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8ce3fqYpuqjDIYU0obFj33jZ_YVPcKXAyEQDFoJtACql5PREghxuSsKep80V6bocaD_456NkE9RYJuemPrdVi9FdJ1th_Fkfs
date: Thu, 09 Feb 2023 13:20:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E407
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDzou1CkCuQWZb05cxSnvWQ&google_cver=1&google_push=Aa02lx_isMsRgTxepHfA4J1veLtAzbnpJlma-T4OL0Vy_zZOFb4E_wqHXheZ62RGGotRhqIYqwnsiHm0KNXiVmXI...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_isMsRgTxepHfA4J1veLtAzbnpJlma-T4OL0Vy_zZOFb4E_wqHXheZ62RGGotRhqIYqwnsiHm0KNXiVmXIrJWGh5iOVNO7Tqg

170 B
232 B

90ms
89ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_isMsRgTxepHfA4J1veLtAzbnpJlma-T4OL0Vy_zZOFb4E_wqHXheZ62RGGotRhqIYqwnsiHm0KNXiVmXIrJWGh5iOVNO7Tqg

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Feb 2023 13:20:47 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_isMsRgTxepHfA4J1veLtAzbnpJlma-T4OL0Vy_zZOFb4E_wqHXheZ62RGGotRhqIYqwnsiHm0KNXiVmXIrJWGh5iOVNO7Tqg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: pV6dO79HygnKIP4dR22Q2zeEvD1I1f1il1vqkagNmegMtjOFEarjHw==

GET
H2

200

report
sync.teads.tv/um/ Frame E407
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECUn3O3d7PXD2r5EOWMgp00&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODlmZDczMDMtMjM2Zi00ZmU4LWI1YTktNWU0OGNmZDliYzhj&google_push=Aa02lx-rBnvv9wUXCDTDqXximw_tOAOwLHctLLVki9HTzEC1UIMBuhcMBDlGCa84rLFqE...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

107ms
107ms

Image
image/gif

23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires: Thu, 09 Feb 2023 13:20:48 GMT
pragma: no-cache
date: Thu, 09 Feb 2023 13:20:48 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E407
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJSKl5iKj9MpTTyoXZpPIjM&google_cver=1&google_push=Aa02lx_f5kYxHWtaQ...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJSKl5iKj9MpTTyoXZpPIjM%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY0MTgxMTQ1ODM4NjY2Mzk5OA%3D%3D&google_gid=CAESEJSKl5iKj9MpTTyoXZpPIjM&google_cver=1&google_push=Aa02lx_f5kYxHWtaQz5nPI7-OWDAITsBbT...

170 B
232 B

101ms
101ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY0MTgxMTQ1ODM4NjY2Mzk5OA%3D%3D&google_gid=CAESEJSKl5iKj9MpTTyoXZpPIjM&google_cver=1&google_push=Aa02lx_f5kYxHWtaQz5nPI7-OWDAITsBbTZD8s5ZcZoYJUSzPYimT_YANzZPiL8OSesAprLEF6E72nDFvsxr0pCD5ROA1WhLok3r5eo

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Feb 2023 13:20:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.147.213.140; 185.147.213.140; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 48148563-99fb-4ded-86d2-4770510e760b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY0MTgxMTQ1ODM4NjY2Mzk5OA%3D%3D&google_gid=CAESEJSKl5iKj9MpTTyoXZpPIjM&google_cver=1&google_push=Aa02lx_f5kYxHWtaQz5nPI7-OWDAITsBbTZD8s5ZcZoYJUSzPYimT_YANzZPiL8OSesAprLEF6E72nDFvsxr0pCD5ROA1WhLok3r5eo
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E407 0
40 B 227ms
86ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPZ8P5vrvShj8L0zHvuK0P6QO7SwGT1T2LN-osLGqBNObg5z3JLpx17UCPbQIwo5AR_-lCPQo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9FF2 28 KB
28 KB 64ms
64ms Font
font/woff2 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 23:18:07 GMT
x-content-type-options: nosniff
age: 396160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 23:18:07 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9339 36 KB
14 KB 65ms
64ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 03:54:27 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 110ms
109ms XHR
application/json 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

6e638ed0de4d4c373f43cbef7814c5ceb2782b7841688f5d195af45d740cbffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12543
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5802 36 KB
14 KB 64ms
64ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 03:54:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 107ms
106ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 13:20:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6171 13 KB
5 KB 72ms
65ms Document
text/html 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 116785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 04:54:23 GMT
expires: Thu, 08 Feb 2024 04:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A43 783 B
534 B 90ms
88ms Document
text/html 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

GSE /

Resource Hash

9737783c24adaee1dace1c9e326949b45ddfef6cd12b684ccc1305269f6c9021

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mehPVpnyAzfib7UqwMn0vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sao.ren/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-mehPVpnyAzfib7UqwMn0vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 13:20:48 GMT
expires: Thu, 09 Feb 2023 13:20:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A43 0
0 98ms
98ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=2331296518087755&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s43-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6171 36 KB
14 KB 65ms
65ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 03:54:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6171 0
10 B 65ms
65ms Image
text/plain 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nEXVew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s34-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:20:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81EC 42 B
64 B 99ms
99ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3j5bH8Cde6cFJUOHFkQz_uie11xafWU8DAzD6OborQOfhpnDkPyUIo0gUV1BploWvfrD5pDL6GoczdTOWuRCQod4vFsS4Yqn07uRmHmhnsvwC5uqso1_vCGaaEt164YRvXHh0sA&sai=AMfl-YSK0V2hG9dFu2ljclMTjynF1xhZlReh8xTbcPs-IME9G9lbOTB45nJ3h69b0Kz9qp5V_2RgMOvE5dYi&sig=Cg0ArKJSzIiycJeEBYKUEAE&cid=CAQSGwDUE5ymCpeuKOQPKn1a6FUNvp1ndk3SRFKwtBgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=118,796,1002,1002,1002&tos=118,678,206,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675948847039&rpt=397&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C31 42 B
64 B 98ms
98ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_3LH1Co1xSqPqzYMiMLGQiMpA0c4G5kxIQMTvo9Ws6_Ek3dNZwNGyp1yztsHCaEO-s1OoCYtTtM1jt6KVr-yVzLJ-O6kbH0liKzfFH3-YAzbOqHcFamb542iXbCZoq4AMFjmi4Q&sai=AMfl-YTfpdu6LwIIh_YFrnkYSgCokN5EzOL7AfI1pu1JNpoLzj5qUu6yajEfle1qnmLy7eVlh31r5yUvgCEb&sig=Cg0ArKJSzBl5MOYJtoSREAE&cid=CAQSGwDUE5ymFcBxW_yuWan0c6_1GUy1d68SPxp4rRgB&id=lidar2&mcvt=1000&p=0,0,280,716&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1936607028&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675948846180&rpt=1380&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 13:20:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 101ms
100ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=2331296518087755&bg=!ammlaT3NAAaq5O5FiuQ7ADkAdvg8Wj-DfcmsNVoW9FsbBL9s-5tZX_6l3MUz1_bPu3DyiTK6aefvtdNmmFuuaLntBlo0IEUqDHQCAAAAUlIAAAALaAEHCgBPcTUB_r2Iogkkhcb9q3kl_P49JEsLgUxj-hany2QogGO69lMoLNMw8rekclU7aKAzJQ-vGAGWiNXIbRPx0isBC9zgO92MtwH9JGXGKXio75kCqRLGVyJwNEZX3N2B395aNEg5MUsfFcAi_TEbDlGdLbaJM6ZkZbFkFCgF3AINYG2-9VMaGo4FxEwrHPVLBldgmi8-oFN6ct5sjqqKY641sPt_26qPA0Y2RlPDV1YvV13a3J5BEfPnray6OUNu2S9yg1rgP3DVlaMvtgRqAgcCAQPxXkQq5A-PzyHptfVaaLQ8b8Ej8XBaYcngj5uZZ4RxLrBEkFwck-UvJM5GBh3kGn-8KldsAHNQbsVr26aOxY775sgATWHSAQLUiJqqIq1xul8eOSdMLi_0ra4BiDFT98cIcRZDX3by9VSg32uisXGXhTOJe2K2f66CMh8yGft7VUA5YQCa28CB8Ss9GqMDdV7Zatsq84AhBr29d-Nturwq1PInb353gEi_yu1KYNeBcSmIkGDRf1eoxuVwbk9IDJ9Cv1O4PVWwfLqsGHz7Pkyo_imfzq2ehHswhFnRogmO6NC_lDwjqp8S21YP7GI9L3uLdXWvoye9e5fb-ec1Mbr_JCOlGxL9faLtFpioOgV95szyYPIjlyvW9bVy-NIrZG6iYknmETvbFmlOHtpeH25jzPLD-UGJmOPTRChK9PuKJjOCXhFrxXXd_3Vealg2Rw-lhs0uDl-bvHGWnpPS06_qNDXPwwF_oDB7lm6fFm1kdGuomLf9fe85Zyuowl2a__W7nUNqPcLLZs5BStmTyRfzE7txZCwlzy9bUQTlDk0c4Gd6OaC5OM8-i9Sx_eQdM-6PR0CQuy8AszklDhe2QOz8pVq5XNTEwm38bUBnZ12R0ft-m5JKb6yt9CYSbyxn_-aK1SmY3qckzn8kSmGa0W5c0YOQR1vPQLeBq0-l_GQxP02qI0Re8iwun5QVsMa8JbrZUBb_enEnplZZobEE4hahX1BJE_HlPtMjGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s43-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://sao.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sao.ren/	1969-12-31 23:59:59	Name: __vtins__JYrjVGkUMUpTBuCf Value: %7B%22sid%22%3A%20%2258ff909c-d78a-5e9d-9cc3-754ddaf1b9bf%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201675950645472%2C%20%22ct%22%3A%201675948845472%7D
sao.ren/	1970-01-20 19:08:28	Name: __51uvsct__JYrjVGkUMUpTBuCf Value: 1
sao.ren/	1970-01-20 19:08:28	Name: __51vcke__JYrjVGkUMUpTBuCf Value: 9db8dbf2-9950-5284-a34d-9bc7e3f21d6f
sao.ren/	1970-01-20 19:08:28	Name: __51vuft__JYrjVGkUMUpTBuCf Value: 1675948845475
.sao.ren/	1970-01-20 18:54:04	Name: __gads Value: ID=d64821d8e7f29911-22da04ffdddb0004:T=1675948846:RT=1675948846:S=ALNI_Mbs-DyNCR3SLJsi6ztvxHx4XtXcOg
.sao.ren/	1970-01-20 18:54:04	Name: __gpi Value: UID=00000bb2c6bd138f:T=1675948846:RT=1675948846:S=ALNI_MaRoHMYpBtRINWdwcEc-3MuNmcuzg
.doubleclick.net/	1970-01-20 18:54:04	Name: IDE Value: AHWqTUkU0vFiwSo6gKv8wODfLtad7a6zV9dsUiPUtxyCGR25EmGGbsuu4xAWiiVWpY0
.doubleclick.net/	1970-01-20 09:32:32	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 11:42:04	Name: UserID1 Value: 7198145487666608271
.turn.com/	1970-01-20 13:51:40	Name: uid Value: 3111759512073640554
.360yield.com/	1970-01-20 11:42:04	Name: tuuid Value: e097a9c1-b6d5-4548-a0ef-e17954c83473
.360yield.com/	1970-01-20 11:42:04	Name: tuuid_lu Value: 1675948847
.lijit.com/	1970-01-20 18:18:04	Name: ljt_reader Value: GIMAtGZHksSC_-vsS7aIKq7f
.adnxs.com/	1970-01-20 11:42:04	Name: uuid2 Value: 5641811458386663998
.pubmatic.com/	1970-01-20 09:33:55	Name: KTPCACOOKIE Value: YES
.mathtag.com/	1970-01-20 18:58:24	Name: uuid Value: b39263e4-f330-4900-8adb-dafcf32980b3
.mathtag.com/	1970-01-20 10:15:40	Name: mt_mop Value: 4:1675948848
.1rx.io/	1970-01-20 18:18:04	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6659668d-5673-4843-b4ba-19bedaccebe9-003%22%7D
.pubmatic.com/	1970-01-20 18:18:04	Name: KADUSERCOOKIE Value: E7B888CB-2EEC-490E-953C-E9AE30746102
.teads.tv/	1970-01-20 18:16:38	Name: tt_viewer Value: 89fd7303-236f-4fe8-b5a9-5e48cfd9bc8c
.targeting.unrulymedia.com/	1970-01-20 18:18:04	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6659668d-5673-4843-b4ba-19bedaccebe9-003%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-9804261739658593&fa=1&ifi=6&uci=a!6&btvi=3&xpc=m1iCGI0dpg&p=https%3A//sao.ren Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.se
ap.lijit.com
cdn.jsdelivr.net
cdn.staticfile.org
cm.g.doubleclick.net
collect-v6.51.la
dclk-match.dotomi.com
dsp.adfarm1.adition.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
match.360yield.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
rtb.openx.net
s.ad.smaato.net
sao.ren
sdk.51.la
secure.adnxs.com
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.143.19.103
119.91.65.128
13.32.27.23
142.250.180.194
142.250.180.195
142.250.180.225
142.250.180.228
142.250.201.195
142.250.201.206
142.251.208.106
142.251.208.162
142.251.208.98
142.251.39.34
142.251.39.66
151.101.129.229
163.181.56.174
172.217.19.98
185.29.132.245
185.89.211.12
198.47.127.19
213.19.147.45
216.52.2.48
23.35.209.30
34.98.67.61
35.227.252.103
46.228.164.11
47.253.50.2
52.58.51.57
63.215.202.137
85.114.159.93
00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0ab9305a98b259a8afdfd8d563e9ed1a95cf8d9f5cac89a1516d616384fa4d1f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0fa4ca1db0d4b648369f34adbb60aaf069faef899487ba1cfb68087551023656
1777afa17edaec8d00f589f536d21a845fb7efe472138723d64837de2a3b7e1e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196f7c8c311ed72e0419b4c7afc08ca5a1269f330a2d85a2b5d6fc29e01ebd3f
1ea34d6f67483582c15d9c373fb531d85f5b44621b1e8197aeaa74929594884d
20cf16fe1a276f92edc7af7a3a4b0eb43ca432202d3d959415e379a5aed9a555
2464ee2f5aa6921ff6ecd835ba20cc0a8daddae05459fe86ab05e6c9dac8b15f
2772c6468268acf2ddbf445f4883417ecf788f2bbe8b5094367292c61db0d468
2a4eb46a22d08b162fe67a50db177132370d2127545b2cfc8c156b7ead2dbd20
2faccaa2e5d54f2cfc210c42d640b9aa7b27372acde4e2f57d7da0676a2cce7d
2fad4ed563fec065f8bb3637f48ae125f6af41c0ad4f993c94d27234d84c53a1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324094479f016233a924e185e23dd80695579150b7b84541fa64a828694ac6e7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33411991c9c9dd90fcf1f0ad3d580e3dfdcf0ac7a8352796600569c13d1cab32
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49580fd1db966576453d5217fb0a163c58699c77311b92174bacef6405686b76
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f92fd1cbe52ea412587f68c2e1bb52838d2eb6baf07a96167aad8c6b1be0fcf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
591709688ab9dd5efe053e0b628a4a82f2b2d4d2654a3b74249180dd48ec1385
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e638ed0de4d4c373f43cbef7814c5ceb2782b7841688f5d195af45d740cbffa
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6
8d36e0faec4b0153cd08f983cee82e4efc83c667ada3bc36287be516dfa657e8
8df32db012dbcdb5c730495789f026e3eb2f331376eecde77c7eb692708ddc0b
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
9737783c24adaee1dace1c9e326949b45ddfef6cd12b684ccc1305269f6c9021
98820b91f8d7dfa19465ae1df26b318be099b2e5472c3b1ac0378f635eb4a053
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b740ec539c5f0632cf4ee315c905abf7f9a20a931b6a8e229304891caddb488
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8d890ffb9211269f2921fa0398048e02a005fb1cf82719c2dff208e2d685f60
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b58c9fe6972630cdc84e535d156a473077aa2808db8e21c022f8b4b39f10dc3e
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c41e8817434111f24d656c1faa6b4ecd87c8adce25d54061e6b61291d8dc49a8
c91613c07584e45e042ee6da8c634b925bb65e9019058a68aaca4939e3d2640c
d0a2886617f6b73793c878c4f798811fed2b88cfd28a47bb5a5fb4c768ce9a66
d121e3acad9c9c9b93c89db7ed46cd312df1745d1d0266188b513fa7a8c135eb
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d376a62629060f298ff66774618c79661ae960bb2d6c71a8cbab8e54f4b3f995
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79dfb46f9afcba3110804424ab94695c1f693403fabb67b4ccae803cb7ca2ad
e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cbb05650de3744a390db77c197f4bc1da1969958742f79027b1babfd042205
f48d85c6ea701e417a857cd9292de12c2c0ff795c5ba45f7127c51cc6a97cf3d
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f68f3fd80d0cf931eb76bc7b6a55d36e8e5a1a2df622d7caab981f57d28ea4cb
fa79e30500fcb9c831b9a516b362a7b4ca9260ad853d6082fd9cf7328e3c5f93
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

sao.ren Open in urlscan Pro 119.91.65.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

90 %HTTPS

0 %IPv6

26 Domains

33 Subdomains

23 IPs

6 Countries

1514 kBTransfer

3899 kBSize

21 Cookies

8 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sao.ren Open in urlscan Pro
119.91.65.128 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

90 %
HTTPS

0 %
IPv6

26
Domains

33
Subdomains

23
IPs

6
Countries

1514 kB
Transfer

3899 kB
Size

21
Cookies

123 HTTP transactions
6 data transactions