www.epsxe.com Open in urlscan Pro
2607:5300:60:6f48:: Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.epsxe.com/
Submission: On December 03 via api (December 3rd 2023, 5:30:13 am UTC) from US — Scanned from CA

Summary HTTP 91 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 91 HTTP transactions. The main IP is 2607:5300:60:6f48::, located in Canada and belongs to OVH, FR. The main domain is www.epsxe.com.

This is the only time www.epsxe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2607:5300:60:... 2607:5300:60:6f48::	16276 (OVH) (OVH)
13	2607:f8b0:400... 2607:f8b0:4004:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2 9	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::5e	15169 (GOOGLE) (GOOGLE)
22	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c1b::63	15169 (GOOGLE) (GOOGLE)
4	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:4abf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:8507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
91	14

26 2607:5300:60:6f48:: (Canada)

ASN16276 (OVH, FR)

www.epsxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c06::9c (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::63 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4abf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:8507 (United States)

ASN13335 (CLOUDFLARENET, US)

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	496 KB
26	epsxe.com www.epsxe.com	126 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	112 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	82 KB
4	rtbrain.app cdn.rtbrain.app — Cisco Umbrella Rank: 12545	362 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	17 KB
1	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 23165	1 KB
91	11

	Domain	Requested by
26	www.epsxe.com	www.epsxe.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	www.epsxe.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	cdn.rtbrain.app	googleads.g.doubleclick.net
4	www.googleadservices.com	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.epsxe.com
1	g.bidbrain.app	cdn.rtbrain.app
91	13

This site contains links to these domains. Also see Links.

Domain
psxdatacenter.com
twitter.com
www.facebook.com
play.google.com
www.ngemu.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-10-18`	a year	crt.sh
bidbrain.app E1	`2023-11-02` - `2024-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://www.epsxe.com/
Frame ID: B0EA1915F63C96381578247C3C0CB60F
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: EA220C56078E83921485659FCF88BF40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7645045873107134&output=html&adk=1812271804&adf=3025194257&lmt=1701581408&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.epsxe.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&dt=1701581407901&bpp=3&bdt=711&idt=273&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2290305347854&frm=20&pv=2&ga_vid=1689260080.1701581408&ga_sid=1701581408&ga_hid=1037925601&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809317%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1431134435280795&tmod=566679894&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: DCF28205A4DB614682A3E5CD98751E33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7645045873107134&output=html&h=250&adk=1586272594&adf=2864508501&w=300&lmt=1701581408&channel=3163993803&format=300x250_as&url=http%3A%2F%2Fwww.epsxe.com%2F&ea=0&wgl=1&dt=1701581407652&bpp=254&bdt=462&idt=562&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=2290305347854&frm=20&pv=1&ga_vid=1689260080.1701581408&ga_sid=1701581408&ga_hid=1037925601&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809317%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1431134435280795&tmod=566679894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=569
Frame ID: EFB47DEE24A28204018D862C60ED4C57
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5E7301FD6F2CF09717C91152DD4A5D73
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6826B3C61D032CE70EE94503FEF82B27
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C93A511E2E9501657F6ADFB9C854BC18
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html
Frame ID: 82BFA5ED2CCF7AA2DBD5EC1DF9A9327D
Requests: 10 HTTP requests in this frame

Frame: https://cdn.rtbrain.app/ng-assets/creative/assets/index-706f76d8.js
Frame ID: 5B0F98AA7DCE64277B78F5EAD7905B6E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: C572C9C664F4B77F7576149EC607D491
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 72EAA67F080B9A15065C8B8E53E0A60B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21BA52CEF8830DEEB7537A854698A72F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81C909D75017725279A2C6DD15B73314
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to the official ePSXe website

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

91
Requests

66 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

1391 kB
Transfer

3041 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://psxdatacenter.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/epsxeteam

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Epsxe-1522225218080824

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.epsxe.ePSXe
Title: Android port in the Google Play Market.

Search URL Search Domain Scan URL

URL: http://www.ngemu.com/
Title: NGEmu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 32

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=876774166&utmhn=www.epsxe.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Welcome%20to%20the%20official%20ePSXe%20website&utmhid=1037925601&utmr=-&utmp=%2F&utmht=1701581408430&utmac=UA-24465025-1&utmcc=__utma%3D52808060.1689260080.1701581408.1701581408.1701581408.1%3B%2B__utmz%3D52808060.1701581408.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=450908345&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=876774166&utmhn=www.epsxe.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Welcome%20to%20the%20official%20ePSXe%20website&utmhid=1037925601&utmr=-&utmp=%2F&utmht=1701581408430&utmac=UA-24465025-1&utmcc=__utma%3D52808060.1689260080.1701581408.1701581408.1701581408.1%3B%2B__utmz%3D52808060.1701581408.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=450908345&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 62

https://googleads.g.doubleclick.net/pagead/adview?ai=CAZjlYBJsZYDPF56G3rsPwYuYuAm5kciwdMq-jJeAEWQQASCuqJADYH2gAdr108ADyAEDqQJqTX86IFO1PqgDAcgDyQSqBMkBT9CPrfYmIGAVtKnnWTBLtgIEcqaa2fRPnAt2t6TDKpZe5bZYxVucqcqE7HVb9JthKAjnATDwMTk4rYvZstr_s77FC2iKBNuIVIJGtxIH669z1LOiTEENSo6Ztn7OvVpXNNdcv_xdIzOMmzbT4L8IQyXPpVTTkc_O6vk_JQNSb0Wc4Jjk4z_A5UVvbCF6exXQsmJC-kwvQTWx2s4gwcvlfw-__aeerIqZGGmDO-QQcvC6hjq0ubZd0fKYq-Kmg9fXwcMo-rGu7udpwAS7g-jtsQSIBcvd2u5LkgUECAQYAZIFBAgFGASgBgOAB46KrD-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCYpgTSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljdwJzbxPKCA5oJjwFodHRwczovL3d3dy5ic2lncm91cC5jb20vZW4tR0Ivc3RhbmRhcmRzL2JzaS1rbm93bGVkZ2Uvc3Vic2NyaXB0aW9uLz9jcmVhdGl2ZT02NjUzNTIyNjAxMDMma2V5d29yZD0mbWF0Y2h0eXBlPSZuZXR3b3JrPWQmZGV2aWNlPWMmZ2Nsc3JjPWF3LmRzJoAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwQCgoQ0K-w54H6sa0aEgIBA9gTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NjQ1MDQ1ODczMTA3MTM0GAA&sigh=Ho1c5mplyRc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNm6rOa22Zvaa9QmxLZfZFTp3cyTRLdeFGF2ZKw2digGqfZPx4r02jpSM-pvSMc0fVACr7bTJCseXw0EyPOiQT99-_e14cGsKm8BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbf7b5399993b8ff00000000000000000%22,%222%22:%220x1e01e6e3fe26c1110000000000000000%22,%223%22:%220xd9a25d9d12ee9d9a0000000000000000%22,%224%22:%220xe9441b6280c176460000000000000000%22,%225%22:%220x82858d5ee931aaf90000000000000000%22},%22debug_key%22:%222253224870921960832%22,%22debug_reporting%22:true,%22destination%22:%22https://bsigroup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22940899034%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228339063845256722465%22}&andc=true

Request Chain 75

https://googleads.g.doubleclick.net/pagead/adview?ai=CEFLiYBJsZZHLF93AxtYP_oiZ0AGS7LikbJDumeyUEM7ByZWMDhABIK6okANgfaAB4r-h4gPIAQmpAuPAooiQ3Kg-qAMByANIqgS_AU_Q8PxNLhzi3Ax44BYAWF2kztSAZuxZC7WCJZiKuDhlmTJ0QtuXzJyF6YOvb6GWdYFbqg29Boja1RU-Hl3R3KvoTxC0St3H8T94wVJpCVizAYcnAh8KBvP8htg6QTDbOD4tTN4gBdA7xcX9gzEPhsE4ZIlBbDjiXsELlk-FvqT1XI1aQIZx4gl13HjYgaEJLFyWgudG9o7y1t991fBPiEdtgxgR6NZWdVGTuneovOZBEWKSEHH1gFcYFjwXFTVgwASGpPK_hwSIBYiKwvs-kgUECAQYAZIFBAgFGASgBi6AB4bA3h2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDI6wPSCB0IgGEQARgfMgKKAjoCgEBIvf3BOliju5zbxPKCA5oJRGh0dHBzOi8vZG93bmxvYWQucGNzeXN0ZW1maXguY29tL2RyaXZlcnMvP2JyYW5kPVdpbmRvd3MmbG9nbz13aW5kb3dzgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ0KuumrKc8_NYEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi03NjQ1MDQ1ODczMTA3MTM0GAA&sigh=BP0mp-FHb8s&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNK_TawLFIA7FtBmTC4fBN8XVZa0wVkSlpE1_lK1Fh3Gm4Ge85fAYvsjwH5LiN_nPJUeaNzAGc22ErCvBwXpxqNBVdfO-TEy-3G1EYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xed5afe721f481540000000000000000%22,%222%22:%220x3fade34e7d1b85490000000000000000%22,%223%22:%220xccdb2c1a929646a50000000000000000%22,%224%22:%220x4b54c647f53fb1900000000000000000%22,%225%22:%220x12bc22baf20fd5bb0000000000000000%22},%22debug_key%22:%223404166114508784184%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211124241285419307697%22}&andc=true

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.epsxe.com/ 42 KB
42 KB 387ms
347ms Document
text/html 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 97e558e6dfd430894e3290e5b2de6357826061e787fd42ab17681df669d6ce02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Dec 2023 05:30:07 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK top_left_line.jpg
www.epsxe.com/images/ 5 KB
5 KB 365ms
324ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/top_left_line.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: bba283d0f6ec96089a0ff2ca86445b62b7ed7ff7198337829e601cd85d991c90

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4914

GET
H/1.1 200
OK bgr_top.jpg
www.epsxe.com/images/ 695 B
938 B 369ms
329ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/bgr_top.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c8cabbe8623ebd1f011a8a64167c0c59d47a7e8ef25d47a7ea82c52538982d42

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 695

GET
H/1.1 200
OK right_top_line.jpg
www.epsxe.com/images/ 5 KB
5 KB 542ms
102ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/right_top_line.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 199122307221fb259bdf8a932c16659dc36644f976190bf8eb3d887fcf07abf1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4875

GET
H/1.1 200
OK left_banner.jpg
www.epsxe.com/images/ 17 KB
17 KB 644ms
102ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/left_banner.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 833c0342af2923da8c3f5844c530df39f1405c122eff8bbf95cc1eff74d5c9ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17024

GET
H/1.1 200
OK bgr_bottom.jpg
www.epsxe.com/images/ 1 KB
1 KB 658ms
99ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/bgr_bottom.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f7291b4a25e3aa6e69c2a8ab0af10fa35b89baee648b08ab230de9fc71b70b6b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1259

GET
H/1.1 200
OK right_banner.jpg
www.epsxe.com/images/ 9 KB
9 KB 671ms
102ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/right_banner.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4aefdde37138bb2fea4fa8155c665392b34cd4356ee258d0e05b1c49a2c8b604

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8765

GET
H/1.1 200
OK left_menu_top.jpg
www.epsxe.com/images/ 5 KB
5 KB 430ms
102ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/left_menu_top.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0d7560b7c08cb45326634b50e833a601e4e962398a5ad2192e5dc6876d5a8a84

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4749

GET
H/1.1 200
OK News_b.png
www.epsxe.com/buttons/ 2 KB
2 KB 425ms
101ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/News_b.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d0d2308d3e7cd826fc9edd2c2d320982047a844766325f2824f3c5da01de1707

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2144

GET
H/1.1 200
OK Downloads_a.png
www.epsxe.com/buttons/ 2 KB
2 KB 351ms
322ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Downloads_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c2fda286ed5a4c9cb712a85f5e1750571093e96f8c892edc8060626a8779590a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1559

GET
H/1.1 200
OK Android_a.png
www.epsxe.com/buttons/ 1 KB
1 KB 467ms
105ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Android_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4ef15ebdf44da531b3ccce85d5ef68b6a9542d97f5e8e2b074cb7483352a9520

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1090

GET
H/1.1 200
OK Help_a.png
www.epsxe.com/buttons/ 826 B
1 KB 379ms
103ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Help_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: e12dc4468960e3e16323ad4b6b7ba9ce9419c91cbe4a9b7b2d65603eaefc13b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 826

GET
H/1.1 200
OK Forum_a.png
www.epsxe.com/buttons/ 919 B
1 KB 459ms
102ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Forum_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 59708e3374fe72c18621cabcc34a6f593bec1f9c1b65fc9761534ffe252cf3f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 919

GET
H/1.1 200
OK Test_a.png
www.epsxe.com/buttons/ 1 KB
2 KB 363ms
334ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Test_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: a52c50e0b98f661a7b694d6cdb95803f7306e0550ad91e5ac41bc2998fca2924

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1296

GET
H/1.1 200
OK Links_a.png
www.epsxe.com/buttons/ 926 B
1 KB 275ms
104ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Links_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4986fdf24457ae9e3447e46950cbc9d8db2ca392bac2f47bb1f226851af8d613

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 926

GET
H/1.1 200
OK Contact_a.png
www.epsxe.com/buttons/ 1 KB
1 KB 527ms
101ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Contact_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 657e828cbfe02b1856f1c490763e0aff2905cbf9214078c240f891b54c3e40e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1211

GET
H/1.1 200
OK Twitter_a.png
www.epsxe.com/buttons/ 1 KB
1 KB 485ms
106ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Twitter_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5727833c5f32a050febbdfb432dcf2d3c543eaf9f35cf132625207dda3e4a75a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Fri, 27 Sep 2013 08:29:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1056

GET
H/1.1 200
OK Facebook_a.png
www.epsxe.com/buttons/ 1 KB
1 KB 171ms
103ms Image
image/png 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/buttons/Facebook_a.png
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: bf4a2970ac96e5a3153603e4a18237d7b3479e63f44d145068e99608b6c0e71d

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Wed, 17 Feb 2016 10:48:43 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1280

GET
H/1.1 200
OK blank.gif
www.epsxe.com/images/ 807 B
1 KB 451ms
100ms Image
image/gif 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/blank.gif
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f6704ab041275e5e1c90ed735a82cc9f4d1f9de1ee8f02d999abe3cf5c5bf6d7

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 807

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 24 KB
11 KB 421ms
381ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.epsxe.com
URL: http://www.epsxe.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

316e0c3616bb61a91caa712beb31ee7169c2d3aaa103996d75fc988b899fb080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12405218410664472631
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10525
X-XSS-Protection: 0
Expires: Sun, 03 Dec 2023 05:30:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 569ms
170ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.epsxe.com
URL: http://www.epsxe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e5153acb009450b88dbca9bd69fc99078aa4ed74cc7a6bed1baa9e87c2ee943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52812
x-xss-protection: 0
server: cafe
etag: 11145969204556242848
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 05:30:07 GMT

GET
H/1.1 200
OK epsxe_news.gif
www.epsxe.com/images/ 2 KB
2 KB 128ms
103ms Image
image/gif 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/epsxe_news.gif
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 128d53bf3cf752fed09a109b400f0c8351bcd1ed85e7836937711ea3b4faf7ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1936

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

478ms
97ms

Script
text/javascript

2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.epsxe.com
URL: http://www.epsxe.com/

Protocol

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 04:27:57 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3731
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 03 Dec 2023 06:27:57 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK bgr_menu.jpg
www.epsxe.com/images/ 976 B
1 KB 357ms
328ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/bgr_menu.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1a28e940ac9a7bd6f859d17c8816b9bb425ae630ae8d2ae41f2c538313d5a3c7

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 976

GET
H/1.1 200
OK collagesmall.jpg
www.epsxe.com/images/ 10 KB
11 KB 100ms
100ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/collagesmall.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: e009da709feb5f8758882a56167f29e3c08c5aeca89f2938a083d9e1ebc940e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Sat, 05 Apr 2008 17:24:38 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10550

GET
H/1.1 200
OK shot8.jpg
www.epsxe.com/screenshots/thun/ 4 KB
4 KB 147ms
105ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/screenshots/thun/shot8.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 646223823eaf9a55494cc21dd148900105979ba97de75a693319eff11c879e04

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:03 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4170

GET
H/1.1 200
OK screenshot.jpg
www.epsxe.com/images/ 3 KB
3 KB 118ms
102ms Image
image/jpeg 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/screenshot.jpg
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8cad993cc20b66bd4064c1ec611dfd6257c766d5802ce70688a9263547414ee7

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2953

GET
H/1.1 200
OK news_line.gif
www.epsxe.com/images/ 810 B
1 KB 107ms
99ms Image
image/gif 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/news_line.gif
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: be3e6b931457863f1d3eb048961a043283b820710047511ccbb1f7af52fd743a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 810

GET
H/1.1 200
OK epsxe_news_line.gif
www.epsxe.com/images/ 3 KB
3 KB 184ms
101ms Image
image/gif 2607:5300:60:6f48::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.epsxe.com/images/epsxe_news_line.gif
Requested by: Host: www.epsxe.com
URL: http://www.epsxe.com/
Protocol: HTTP/1.1
Server: 2607:5300:60:6f48:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1639e48e457638c20097d8128813f272e11ce8fbd1ddd328c4692f881ee77f44

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 05:30:07 GMT
Last-Modified: Mon, 04 Apr 2005 14:35:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2684

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 152ms
152ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06dd569c0a66536ae58f9a1b97665ae0746275ff77d0d727d81d456cab53e0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137633
x-xss-protection: 0
server: cafe
etag: 4701372086334965694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 05:30:07 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame EA22 9 KB
4 KB 518ms
118ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.epsxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 69549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:10:59 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 10:10:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCF2 210 KB
58 KB 971ms
857ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7645045873107134&output=html&adk=1812271804&adf=3025194257&lmt=1701581408&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.epsxe.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&dt=1701581407901&bpp=3&bdt=711&idt=273&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2290305347854&frm=20&pv=2&ga_vid=1689260080.1701581408&ga_sid=1701581408&ga_hid=1037925601&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809317%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1431134435280795&tmod=566679894&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea12d461d7c5ba164251fffbeee192c6f5c42931d4b3b533fff7134fb05afb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.epsxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 59291
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 05:30:09 GMT
expires: Sun, 03 Dec 2023 05:30:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EFB4 130 KB
41 KB 887ms
789ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7645045873107134&output=html&h=250&adk=1586272594&adf=2864508501&w=300&lmt=1701581408&channel=3163993803&format=300x250_as&url=http%3A%2F%2Fwww.epsxe.com%2F&ea=0&wgl=1&dt=1701581407652&bpp=254&bdt=462&idt=562&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=2290305347854&frm=20&pv=1&ga_vid=1689260080.1701581408&ga_sid=1701581408&ga_hid=1037925601&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809317%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1431134435280795&tmod=566679894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=569

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81c010bae20694fb129bf28c4b58a66ab243f832f405a7e8d01c6e5050dcfca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.epsxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42135
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 05:30:09 GMT
expires: Sun, 03 Dec 2023 05:30:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=876774166&utmhn=www.epsxe.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Welcome%...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=876774166&utmhn=www.epsxe.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Welcome...

35 B
197 B

118ms
118ms

Image
image/gif

2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=876774166&utmhn=www.epsxe.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Welcome%20to%20the%20official%20ePSXe%20website&utmhid=1037925601&utmr=-&utmp=%2F&utmht=1701581408430&utmac=UA-24465025-1&utmcc=__utma%3D52808060.1689260080.1701581408.1701581408.1701581408.1%3B%2B__utmz%3D52808060.1701581408.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=450908345&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: www.epsxe.com
URL: http://www.epsxe.com/

Protocol

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:30:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=876774166&utmhn=www.epsxe.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Welcome%20to%20the%20official%20ePSXe%20website&utmhid=1037925601&utmr=-&utmp=%2F&utmht=1701581408430&utmac=UA-24465025-1&utmcc=__utma%3D52808060.1689260080.1701581408.1701581408.1701581408.1%3B%2B__utmz%3D52808060.1701581408.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=450908345&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame EFB4 9 KB
4 KB 514ms
132ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7645045873107134&output=html&h=250&adk=1586272594&adf=2864508501&w=300&lmt=1701581408&channel=3163993803&format=300x250_as&url=http%3A%2F%2Fwww.epsxe.com%2F&ea=0&wgl=1&dt=1701581407652&bpp=254&bdt=462&idt=562&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=2290305347854&frm=20&pv=1&ga_vid=1689260080.1701581408&ga_sid=1701581408&ga_hid=1037925601&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809317%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1431134435280795&tmod=566679894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 01:55:18 GMT

GET
H2 200 7c8fef2b841c224dc9dd256dc808a409.js Show response
www.gstatic.com/mysidia/ Frame EFB4 42 KB
16 KB 527ms
145ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16607
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 01:55:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EFB4 2 KB
875 B 142ms
142ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:53:36 GMT

GET
H2 200 b91a06220cfa130b0e547db55a85d66b.js Show response
www.gstatic.com/mysidia/ Frame EFB4 23 KB
10 KB 457ms
134ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9816
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 00:33:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame EFB4 24 KB
9 KB 167ms
166ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:53:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EFB4 3 KB
1 KB 126ms
125ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:17:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EFB4 20 KB
9 KB 589ms
136ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:53:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFB4 202 KB
64 KB 573ms
156ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 05:30:09 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame EFB4 37 KB
15 KB 112ms
111ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 00:30:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 160 KB
55 KB 141ms
141ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js?bust=31079860

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6ab2f98b19c03301808ee488551666a7e830ffb1d0b69f3fb137d0437c3b8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55929
x-xss-protection: 0
server: cafe
etag: 13579783240567237134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 05:30:09 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 5E73 9 KB
4 KB 118ms
117ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.epsxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 30374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:03:55 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 21:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 6826 9 KB
4 KB 136ms
136ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.epsxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 30374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:03:55 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 21:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5E73 4 KB
1 KB 533ms
144ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 05:26:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 05:30:10 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 5E73 16 KB
7 KB 143ms
142ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 03:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 03:07:20 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 5E73 22 KB
9 KB 121ms
120ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:35:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 6826 24 KB
9 KB 144ms
144ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:53:36 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C93A 143 B
228 B 124ms
123ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:45:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6826 3 KB
1 KB 139ms
139ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:17:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6826 20 KB
8 KB 158ms
158ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:53:36 GMT

GET
H2 200 3413395762108814822
tpc.googlesyndication.com/simgad/ Frame 6826 23 KB
23 KB 167ms
167ms Image
image/gif 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3413395762108814822

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5501a056e80cca6859862bc90b76f84a00ebb5a2f0ab51e4c6d266d88aa4ecc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 00:09:18 GMT
x-content-type-options: nosniff
age: 19251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23382
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 14:03:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Dec 2024 00:09:18 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6826 202 KB
64 KB 177ms
177ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 05:30:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6826 36 KB
15 KB 114ms
114ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:08:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:08:40 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/ Frame 82BF 13 KB
5 KB 171ms
171ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a53a8b75085a632f76c5fdc44d5d3ac4cf2b1216e8b96fd9b439eaf044426c85

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3542
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 05:30:09 GMT
expires: Mon, 02 Dec 2024 05:30:09 GMT
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EFB4 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ed7012e790a48cf56bcce5a98eed7df29108f6cd3d82e502583716b828e35b7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C93A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

125ms
124ms

Document
text/html

2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 05:30:10 GMT
expires: Sun, 03 Dec 2023 05:30:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 05:30:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6826 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f431d7854821ee6b33c21aa4c2d685f2545cf3214c3a24a50683ada5b7e7792b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 82BF 6 KB
3 KB 115ms
114ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:08:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 03 Dec 2023 20:08:40 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 82BF 34 KB
13 KB 152ms
151ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 15:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 03 Dec 2023 15:37:37 GMT

GET
H2 200 f6775969ec84658998d822a892f2114d.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/ Frame 82BF 72 KB
18 KB 153ms
153ms Script
application/x-javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/f6775969ec84658998d822a892f2114d.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84263808fbb6a72b04085b32f0201bdb4270bfa354f35ffe6f3e92b29ff5cfc2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 03 Dec 2023 05:30:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Dec 2024 05:30:10 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6826
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAZjlYBJsZYDPF56G3rsPwYuYuAm5kciwdMq-jJeAEWQQASCuqJADYH2gAdr108ADyAEDqQJqTX86IFO1PqgDAcgDyQSqBMkBT9CPrfYmIGAVtKnnWTBLtgIEcqaa2fRPnAt2t6TDKpZe5bZ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbf7b5399993b8ff00000000000000000%22,%222%22:%220x1e01e6e3fe26c1110000000000000000%22,%223%22:%220xd9a25d...

0
0

469ms
121ms

Fetch
text/css

142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbf7b5399993b8ff00000000000000000%22,%222%22:%220x1e01e6e3fe26c1110000000000000000%22,%223%22:%220xd9a25d9d12ee9d9a0000000000000000%22,%224%22:%220xe9441b6280c176460000000000000000%22,%225%22:%220x82858d5ee931aaf90000000000000000%22},%22debug_key%22:%222253224870921960832%22,%22debug_reporting%22:true,%22destination%22:%22https://bsigroup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22940899034%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228339063845256722465%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:11 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xbf7b5399993b8ff00000000000000000","2":"0x1e01e6e3fe26c1110000000000000000","3":"0xd9a25d9d12ee9d9a0000000000000000","4":"0xe9441b6280c176460000000000000000","5":"0x82858d5ee931aaf90000000000000000"},"debug_key":"2253224870921960832","debug_reporting":true,"destination":"https://bsigroup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["940899034"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"8339063845256722465"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 05:30:11 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 05:30:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xbf7b5399993b8ff00000000000000000","2":"0x1e01e6e3fe26c1110000000000000000","3":"0xd9a25d9d12ee9d9a0000000000000000","4":"0xe9441b6280c176460000000000000000","5":"0x82858d5ee931aaf90000000000000000"},"debug_key":"2253224870921960832","debug_reporting":true,"destination":"https://bsigroup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["940899034"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"8339063845256722465"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 82BF 4 KB
785 B 144ms
143ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/f6775969ec84658998d822a892f2114d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de04008749cf9cfc88fc1a95d1566c053297e39fbba5376181b843f3ee798e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 04:58:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 05:30:10 GMT

GET
H2 200 bbfbadb1805b988cc0671b757d96bb0c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/media/ Frame 82BF 5 KB
5 KB 117ms
116ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/media/bbfbadb1805b988cc0671b757d96bb0c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34a0ab8f2394ff4e36d87ca3861fce6f18fa7a8876b24d3020d76aaa2d027e12

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 03 Dec 2023 05:30:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5285
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Dec 2024 05:30:10 GMT

GET
H2 200 1ae33053cce0f526b8022d27fe7d43e8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/media/ Frame 82BF 3 KB
3 KB 118ms
118ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/media/1ae33053cce0f526b8022d27fe7d43e8.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebcfd7ea062a9256c24e6cbd24167fe0bcaf17b3d6432da7e35415fb61c338c1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16386207219171385032/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 03 Dec 2023 05:30:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2712
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Dec 2024 05:30:10 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 479ms
169ms Preflight
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 05:30:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index-706f76d8.js Show response
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 5B0F 104 KB
39 KB 469ms
109ms Script
application/javascript 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-706f76d8.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de89c4a25e25206da52f6e349a98ef4f86f6a70f353e55100f7975fbdbaf305

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1612
cf-polished: origSize=106642
x-guploader-uploadid: ABPtcPqPTWXTSociCkvVU22q6cnuKT4N_E-DHin4mMcAGVD3VA2Mt2lE5RpJjVpF7HS1g-ePQfTJVE7uOb4f-PTYk_6wEA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 15:35:57 GMT
server: cloudflare
etag: W/"335ae18292933d4bfd2fe0a899922c0c"
vary: Accept-Encoding
x-goog-generation: 1701185757470516
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=E9zrBw==, md5=M1rhgpKTPUv9L+ComZIsDA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7bKKVEA4xsr%2BeMtrOvQV563sAbiFQFWQaw6aBaldjxURL023zlO2fc8TNC25RF15wlsl18Qf29bI2Vvhas25HX7dykNowUWwvCiuOsclLm8RElwHlXAN32c3zxk8hPUMr7ZLc4%2BeF9RtuyvCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 106642
cf-ray: 82f96a886c7336bb-YYZ
expires: Sun, 03 Dec 2023 05:21:00 GMT

GET
H2 200 index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 5B0F 12 KB
4 KB 469ms
104ms Stylesheet
text/css 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1621
cf-polished: origSize=12801
x-guploader-uploadid: ABPtcPq2hbl5t8LKD9QpU8w2ZNByvOkvnYm4LFQBvj3oXTSl9VyvoUglOX_Hw7IT6GWZaax-ZPXvWfbwx_YPcp_Qa2Cwkg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:44:13 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oWsWzs5AV9VtPOr6Ap%2F8HGJRt2lFACp9klHOtttH8g3SqESnQfhuIITGvFyIDP9c63o1n4A6A%2FNcN57m4YiqefFGxsdCoDZ70cTBH0L%2FUOEC4Yq8Qigpx0lRLMj%2BTfS31f%2FOjfPvdYYZl3zmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 82f96a886b8b38e5-YYZ
expires: Sun, 03 Dec 2023 06:03:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B0F 3 KB
1 KB 137ms
136ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:17:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B0F 20 KB
8 KB 115ms
114ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:53:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B0F 202 KB
64 KB 132ms
131ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 05:30:10 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 82BF 20 KB
21 KB 528ms
119ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:00:21 GMT
x-content-type-options: nosniff
age: 34189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 20:00:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 82BF 15 KB
16 KB 576ms
175ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:54:19 GMT
x-content-type-options: nosniff
age: 77751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:54:19 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame C572 50 KB
19 KB 118ms
117ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 19:58:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EFB4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEFLiYBJsZZHLF93AxtYP_oiZ0AGS7LikbJDumeyUEM7ByZWMDhABIK6okANgfaAB4r-h4gPIAQmpAuPAooiQ3Kg-qAMByANIqgS_AU_Q8PxNLhzi3Ax44BYAWF2kztSAZuxZC7WCJZiKuDh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xed5afe721f481540000000000000000%22,%222%22:%220x3fade34e7d1b85490000000000000000%22,%223%22:%220xccdb2c1...

0
0

123ms
122ms

Fetch
text/css

142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xed5afe721f481540000000000000000%22,%222%22:%220x3fade34e7d1b85490000000000000000%22,%223%22:%220xccdb2c1a929646a50000000000000000%22,%224%22:%220x4b54c647f53fb1900000000000000000%22,%225%22:%220x12bc22baf20fd5bb0000000000000000%22},%22debug_key%22:%223404166114508784184%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211124241285419307697%22}&andc=true

Protocol

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:11 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xed5afe721f481540000000000000000","2":"0x3fade34e7d1b85490000000000000000","3":"0xccdb2c1a929646a50000000000000000","4":"0x4b54c647f53fb1900000000000000000","5":"0x12bc22baf20fd5bb0000000000000000"},"debug_key":"3404166114508784184","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"11124241285419307697"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 05:30:11 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 05:30:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xed5afe721f481540000000000000000","2":"0x3fade34e7d1b85490000000000000000","3":"0xccdb2c1a929646a50000000000000000","4":"0x4b54c647f53fb1900000000000000000","5":"0x12bc22baf20fd5bb0000000000000000"},"debug_key":"3404166114508784184","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"11124241285419307697"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 552ms
135ms XHR
application/json 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd48400c2e835f9fbcb2821634f4363f6c51b0cfcf1b972c61304d73109dc74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12112
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 72EA 50 KB
19 KB 117ms
117ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 19:58:28 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 82BF 50 KB
19 KB 122ms
122ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 19:58:28 GMT

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 5B0F 159 KB
160 KB 99ms
99ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2342
x-guploader-uploadid: ABPtcPod_fXnwSoZ6HXLsCxsU0AAWeBhyPQiDmKoEn9LO58zy1ya0R1azs5L-3VtUVHzWKuG9tGJ6DB9GKqjNMqdfO6UF5ueJ49-
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FWT3rQEN8Aq7D3aPaoRXCt7%2BrU8BCcJM%2BXm5q9ybqTdaenaQvVj0CUL6yuxkH5ChHl7tzjxhp81rhGvXY1M7vxulvyHVH1dfZPgjijWSEIxtEEIYZcLFRsA02PBOW%2F4OIk5uZ0ZUljKeGYCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 82f96a8a9f3736bb-YYZ
expires: Sun, 03 Dec 2023 05:42:17 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 5B0F 159 KB
159 KB 219ms
219ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1573
x-guploader-uploadid: ABPtcPpaHhYXBT39WwWdIobKDN0_pD4-boZ_ifIJUG_TOBluDf_PY8vOkIqn8GLZ_ePWIUCO-HnjATlkbNJ_jX7vkdLcxg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1%2B3oYgEdlP6iU6oKp624zRtFaUErx%2B9UmiRm7j7E8UjVVJSne3sovOtsVTDuex%2FPjy1hVtXJBbYkr04q4Usfw2u2nq8eVLqGUY9bikRedaWLrb4D5GNjLWgQaPMH9Mt5qKqC3eAECsK6OBl4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 82f96a8a9f3f36bb-YYZ
expires: Sun, 03 Dec 2023 05:39:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EFB4 42 B
64 B 506ms
132ms Fetch
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXBzjlKUgndF4Hv2Jv--e70_SScaXJeNCaB_JQ_g-yiXMNQlbHyaImzsmoliU92fdo0pbMfIK9buR0D755E6_aoDdbURf2m9toj6MnoAUsMm_yxKNqGG-x8D8CQwAglUDwCSxDID1Q3g&sai=AMfl-YQZYJ2WWnU2mCIg0dQrInnucjfiyzKb44tTuEqvGGwcTiE3c-x8653xWsM0_Pl_ouqueAePw521F49HLAD66iwDZBH9Ly61yHnu2dYaOPwyh3COZGpP84lnpzAtRuX-owcAoujraBE30LYMOOf6qY96THQcd4MXPNCg&sig=Cg0ArKJSzDPUH_q1WWPIEAE&cid=CAQSTwDICaaNK_TawLFIA7FtBmTC4fBN8XVZa0wVkSlpE1_lK1Fh3Gm4Ge85fAYvsjwH5LiN_nPJUeaNzAGc22ErCvBwXpxqNBVdfO-TEy-3G1EYAQ&id=lidar2&mcvt=1016&p=0,0,250,300&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1586272594&rs=2&la=0&cr=0&vs=4&r=v&rst=1701581408222&rpt=1700&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6826 42 B
64 B 490ms
147ms Fetch
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCB-NjwG3u9AM5ksZseZs-SSvbmZAc5ueIDaWQG9LxIt-rPz0hyqEdT9pi7OxTrG_WuR1X9aLuvxDUJdmZ8PVRniKXc6_LYIQrVr_y_VQQZGtuYqnXhFnodT0vg0sus6jl6iSBACEy2A&sai=AMfl-YQtvDV2pqgAZsYV29OKgSLkoiF6BpH86HVQV9NhZ52eaQMUVCw2VEHaIfQTgCAM6L1PXZxT_dWCVVV_G7BTgqRHm_6tSxSUG1AtpBlVi7mm4nlATttRVnSUoKZWvtME6ovfmuOLvEIVJmS8v0VwjOm9D4VvshJtEKI&sig=Cg0ArKJSzInJU9VQEJT2EAE&cid=CAQSTgDICaaNm6rOa22Zvaa9QmxLZfZFTp3cyTRLdeFGF2ZKw2digGqfZPx4r02jpSM-pvSMc0fVACr7bTJCseXw0EyPOiQT99-_e14cGsKm8BgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=164,833,1001,1001,1001&tos=164,669,168,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1701581409531&rpt=440&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame 5B0F 0
1 KB 555ms
185ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-706f76d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 03 Dec 2023 05:30:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT%2FPn%2BYS8N3SJx6E65qdJ%2BhuYvmu0BS8%2FHB97AI4k0Qwnw7G1V89K6DtwUo6M9oR0pGpyzWrggySb7b1umT0Fll7sLkh2ww9DEXZVUNINQLzwPE4HpI3ndki3TtJFOwxlNF%2Blv0iYucyfrlcyg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f96a8d6a4236a6-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
122ms Preflight
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 05:30:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 133ms
133ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 05:30:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21BA 13 KB
5 KB 117ms
115ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.epsxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 2298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:51:53 GMT
expires: Mon, 02 Dec 2024 04:51:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81C9 829 B
1000 B 133ms
132ms Document
text/html 2607:f8b0:4004:c1b::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bcd12e5d8b3baaaaf4ce00a25abbe654feedbee75433edf0e9f6fe151a67bdd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GqOqVPTnWNWKL5J11WJU2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.epsxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GqOqVPTnWNWKL5J11WJU2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 05:30:11 GMT
expires: Sun, 03 Dec 2023 05:30:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 21BA 39 KB
15 KB 117ms
116ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 16:56:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81C9 0
0 141ms
140ms Image
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1431134435280795&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 21BA 0
10 B 118ms
118ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JwHCiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:30:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 133ms
132ms Image
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1431134435280795&bg=!TU6lTgHNAAY3kmNgF5I7ADQBe5WfOOll9oVpkh86s46sZ7GdatWudRYmGjB6bCy8BrISxjkEyAfa6DWLNJE5xvubMgM_AgAAAU1SAAAABGgBB5kCspSBBOCMx6jhyHQFSvHNRFNAM7-rwKstnOrgozMzwZTp6G0_CE7lJEiG2WvG-HI7lkrE8nCwtqFnx-UeIUCGPSB7GP0p-ZWNWlPisBK3svty8qh3cvPKTBxgXUxZ0sRFi5fyu2oFwxxeAWv1NvIkFgSb7ftvKg1AvmHlBbJeV4_uyiJOCKDm53h3Tyaq7lopFdKqJ90PKohN8V4PrzLFKXRpOZOi3Cquo0xDFbOVjBxjcB3B-uTw5MS5kv_ObEmhV_LuT_B74bM74I3foi86e8b745KX0D4CnYJ9BBXfLL8SiPvsiQpwX72MFNxiULTRBV3Em3vJx9xHp9B5F1J6ZFCiI_Xtg1lJV3ulV3BWXAdGKYBQkUGmePJ0nJ7uG3jAe_AZ7vAo7QdYebrNgVZb3PQIJjO8dpPiYwATSDIy62-4ivKlj_CELvV1Hrsefh1O8ZZApiYSd6N_a--fSTl1J1oY9js2vwnfOoPKJctk17lSxr-eFgrvyADwwUTyU3YRcGhRUjBUB2Z7NxaNvmIKgTsLkqW5eJQn-dNhdcAg-4wfAOqf_vpe7a3JggcSyazmPUsIPLioK7WD8lY3Q-V3kcoreexlP_0lVMXOlKH15mWqozFRJvAVbRGBsb9j-Y1E2RP35RAWMso6Q-jfs1PvDhtwhw7mM0lBdtBjgHl-qLFr4gs81EN9mmIchohJhQbUvPcuL0Au2cM-Yyu_KshRKzgtVIeLLcudgygim9SUqr92pevPD7M06MU0YqJ7R1smHCNQ_9e3kU9KUL-fiy5W3hzwQYmczgrtk6z8BNekhQK6udncosaulgszn92tUisVVDKshM8rYNXxEaIA_iln6ai-6D8DraxiGwtKr2m1k9JKlgnCuAME6deBrOtezAs1nVZ0UbfqIu2eN8r_zI73RcVSwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.epsxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.epsxe.com/	1969-12-31 23:59:59	Name: __utmc Value: 52808060
.epsxe.com/	1970-01-20 21:02:29	Name: __utmz Value: 52808060.1701581408.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.epsxe.com/	1970-01-20 16:39:42	Name: __utmt Value: 1
.epsxe.com/	1970-01-21 02:15:41	Name: __utma Value: 52808060.1689260080.1701581408.1701581408.1701581408.1
.epsxe.com/	1970-01-20 16:39:43	Name: __utmb Value: 52808060.1.10.1701581408
.epsxe.com/	1970-01-21 02:01:17	Name: __gads Value: ID=a9158e914c9fb8bf:T=1701581408:RT=1701581408:S=ALNI_MZFkKVGyzVoa7_ZY-Fwt7xh6LBvRw
.epsxe.com/	1970-01-21 02:01:17	Name: __gpi Value: UID=00000da556d012ef:T=1701581408:RT=1701581408:S=ALNI_MbEllSH9hAz86-a8xqy3ia2nHdq3w
.doubleclick.net/	1970-01-21 02:15:41	Name: IDE Value: AHWqTUlTyjHyHHbwnA9LkKYDRRIoPPwITWKBvFLQ9w6_53iNrLem2yhScTYIHrIHtvE
.doubleclick.net/	1970-01-20 16:39:45	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:49:17	Name: ar_debug Value: 1
.bidbrain.app/	1970-01-21 02:15:41	Name: uid_cross Value: 075e8320-919d-11ee-b3f7-7667e5cd8658
.bidbrain.app/	1970-01-20 16:39:48	Name: sid_cross Value: 059d8314-919d-11ee-9352-ce2ac1f1a1a0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rtbrain.app
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.epsxe.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.251.16.157
2001:4860:4802:34::178
2606:4700:20::ac43:4abf
2606:4700:3033::ac43:8507
2607:5300:60:6f48::
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1b::63
06dd569c0a66536ae58f9a1b97665ae0746275ff77d0d727d81d456cab53e0e5
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0bcd12e5d8b3baaaaf4ce00a25abbe654feedbee75433edf0e9f6fe151a67bdd
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d7560b7c08cb45326634b50e833a601e4e962398a5ad2192e5dc6876d5a8a84
0e5153acb009450b88dbca9bd69fc99078aa4ed74cc7a6bed1baa9e87c2ee943
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
128d53bf3cf752fed09a109b400f0c8351bcd1ed85e7836937711ea3b4faf7ad
1639e48e457638c20097d8128813f272e11ce8fbd1ddd328c4692f881ee77f44
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199122307221fb259bdf8a932c16659dc36644f976190bf8eb3d887fcf07abf1
1a28e940ac9a7bd6f859d17c8816b9bb425ae630ae8d2ae41f2c538313d5a3c7
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2de89c4a25e25206da52f6e349a98ef4f86f6a70f353e55100f7975fbdbaf305
2ed7012e790a48cf56bcce5a98eed7df29108f6cd3d82e502583716b828e35b7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316e0c3616bb61a91caa712beb31ee7169c2d3aaa103996d75fc988b899fb080
34a0ab8f2394ff4e36d87ca3861fce6f18fa7a8876b24d3020d76aaa2d027e12
39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4986fdf24457ae9e3447e46950cbc9d8db2ca392bac2f47bb1f226851af8d613
4aefdde37138bb2fea4fa8155c665392b34cd4356ee258d0e05b1c49a2c8b604
4ef15ebdf44da531b3ccce85d5ef68b6a9542d97f5e8e2b074cb7483352a9520
5501a056e80cca6859862bc90b76f84a00ebb5a2f0ab51e4c6d266d88aa4ecc1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5727833c5f32a050febbdfb432dcf2d3c543eaf9f35cf132625207dda3e4a75a
59708e3374fe72c18621cabcc34a6f593bec1f9c1b65fc9761534ffe252cf3f8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
646223823eaf9a55494cc21dd148900105979ba97de75a693319eff11c879e04
657e828cbfe02b1856f1c490763e0aff2905cbf9214078c240f891b54c3e40e1
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
81c010bae20694fb129bf28c4b58a66ab243f832f405a7e8d01c6e5050dcfca0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833c0342af2923da8c3f5844c530df39f1405c122eff8bbf95cc1eff74d5c9ea
84263808fbb6a72b04085b32f0201bdb4270bfa354f35ffe6f3e92b29ff5cfc2
8cad993cc20b66bd4064c1ec611dfd6257c766d5802ce70688a9263547414ee7
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
97e558e6dfd430894e3290e5b2de6357826061e787fd42ab17681df669d6ce02
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a52c50e0b98f661a7b694d6cdb95803f7306e0550ad91e5ac41bc2998fca2924
a53a8b75085a632f76c5fdc44d5d3ac4cf2b1216e8b96fd9b439eaf044426c85
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bba283d0f6ec96089a0ff2ca86445b62b7ed7ff7198337829e601cd85d991c90
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bd48400c2e835f9fbcb2821634f4363f6c51b0cfcf1b972c61304d73109dc74f
be3e6b931457863f1d3eb048961a043283b820710047511ccbb1f7af52fd743a
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
bf4a2970ac96e5a3153603e4a18237d7b3479e63f44d145068e99608b6c0e71d
c2fda286ed5a4c9cb712a85f5e1750571093e96f8c892edc8060626a8779590a
c8cabbe8623ebd1f011a8a64167c0c59d47a7e8ef25d47a7ea82c52538982d42
d0d2308d3e7cd826fc9edd2c2d320982047a844766325f2824f3c5da01de1707
de04008749cf9cfc88fc1a95d1566c053297e39fbba5376181b843f3ee798e90
e009da709feb5f8758882a56167f29e3c08c5aeca89f2938a083d9e1ebc940e1
e12dc4468960e3e16323ad4b6b7ba9ce9419c91cbe4a9b7b2d65603eaefc13b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ab2f98b19c03301808ee488551666a7e830ffb1d0b69f3fb137d0437c3b8b9
ea12d461d7c5ba164251fffbeee192c6f5c42931d4b3b533fff7134fb05afb0d
ebcfd7ea062a9256c24e6cbd24167fe0bcaf17b3d6432da7e35415fb61c338c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f431d7854821ee6b33c21aa4c2d685f2545cf3214c3a24a50683ada5b7e7792b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6704ab041275e5e1c90ed735a82cc9f4d1f9de1ee8f02d999abe3cf5c5bf6d7
f7291b4a25e3aa6e69c2a8ab0af10fa35b89baee648b08ab230de9fc71b70b6b
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.epsxe.com Open in urlscan Pro 2607:5300:60:6f48:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

66 %HTTPS

92 %IPv6

11 Domains

13 Subdomains

14 IPs

2 Countries

1391 kBTransfer

3041 kBSize

12 Cookies

5 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.epsxe.com Open in urlscan Pro
2607:5300:60:6f48:: Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

66 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

1391 kB
Transfer

3041 kB
Size

12
Cookies

91 HTTP transactions
2 data transactions