v.tikdd.cc Open in urlscan Pro
104.21.2.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://v.tikdd.cc/
Submission: On February 07 via api (February 7th 2024, 8:49:41 pm UTC) from US — Scanned from US

Summary HTTP 104 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 104 HTTP transactions. The main IP is 104.21.2.122, located in and belongs to CLOUDFLARENET, US. The main domain is v.tikdd.cc.
TLS certificate: Issued by GTS CA 1P5 on January 4th 2024. Valid for: 3 months.

This is the only time v.tikdd.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	104.21.2.122 104.21.2.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	4.79.109.102 4.79.109.102	3356 (LEVEL3) (LEVEL3)
23	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1	8.48.85.214 8.48.85.214	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	183.61.243.49 183.61.243.49	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	172.217.165.136 172.217.165.136	15169 (GOOGLE) (GOOGLE)
1 9	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2	142.250.65.206 142.250.65.206	15169 (GOOGLE) (GOOGLE)
11	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
2	142.250.65.202 142.250.65.202	15169 (GOOGLE) (GOOGLE)
5	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
22	142.251.40.225 142.251.40.225	15169 (GOOGLE) (GOOGLE)
4	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
2	142.251.41.6 142.251.41.6	15169 (GOOGLE) (GOOGLE)
6 8	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
6 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
1	142.250.64.68 142.250.64.68	15169 (GOOGLE) (GOOGLE)
104	21

5 104.21.2.122 (None, )

ASN13335 (CLOUDFLARENET, US)

v.tikdd.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.79.109.102 (Seattle, United States)

ASN3356 (LEVEL3, US)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.48.85.214 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

lf3-cdn-tos.bytecdntp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.61.243.49 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

lf6-cdn-tos.bytecdntp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.165.136 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.40.130 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.251.40.225 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.6 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.72.98 (Plainview, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (San Francisco, United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.179.164 (North Bergen, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	548 KB
19	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 ad.doubleclick.net — Cisco Umbrella Rank: 157	169 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649 www.google.com — Cisco Umbrella Rank: 2	71 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627	6 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 252	9 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
5	tikdd.cc v.tikdd.cc	8 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	260 KB
4	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 80043	192 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 139
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	137 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	304 B
2	bytecdntp.com lf3-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 215837 lf6-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 247956	90 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
104	15

	Domain	Requested by
23	pagead2.googlesyndication.com	v.tikdd.cc pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net v.tikdd.cc tpc.googlesyndication.com pagead2.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com v.tikdd.cc
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
5	v.tikdd.cc	v.tikdd.cc
4	www.googletagservices.com	v.tikdd.cc googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	cdn.staticfile.org	v.tikdd.cc cdn.staticfile.org
2	ad.doubleclick.net	v.tikdd.cc
2	www.googleadservices.com	v.tikdd.cc
2	s0.2mdn.net	googleads.g.doubleclick.net v.tikdd.cc
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	v.tikdd.cc
1	lf6-cdn-tos.bytecdntp.com	v.tikdd.cc
1	lf3-cdn-tos.bytecdntp.com	v.tikdd.cc
104	21

This site contains links to these domains. Also see Links.

Domain
www.tikdd.cc
storymm.com
v.qq.com
www.iqiyi.com
youku.com
www.mgtv.com
www.greatwebtool.com

Subject Issuer	Validity	Valid
tikdd.cc GTS CA 1P5	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2023-09-08` - `2024-10-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.bytecdntp.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://v.tikdd.cc/
Frame ID: A390F20211DA0DAF4CCEEF5F4C4FE8DF
Requests: 31 HTTP requests in this frame

Frame: https://v.tikdd.cc/xx.html
Frame ID: DF5CF0CCF8780F9166B6285567FA52BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html
Frame ID: B8491D74236B38F981F22E6DC97B16E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8252639461877340&output=html&adk=1812271804&adf=3025194257&lmt=1707316255&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fv.tikdd.cc%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707338969884&bpp=8&bdt=462&idt=632&shv=r20240206&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8551316249428&frm=20&pv=2&ga_vid=206292564.1707338971&ga_sid=1707338971&ga_hid=454416848&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080780%2C31080798%2C42532524%2C44795921%2C31080873%2C95321958%2C95324155%2C95324160&oid=2&pvsid=1210157411632777&tmod=1092023200&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=724
Frame ID: BA6D260F6934A6C2309DCF15B973A359
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 876C2F6C9E3E0DD48DF163E38487C178
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7033459C312BF428BBDEC7FCBADF3CC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7D932D34E23F63597A8CACEE6FC7E783
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A4F9F5EFEAAB5C64466825B439E863C0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUeDF4PR_BCq_Ef1FoKC9fvprtd8QDjPchKdvHKGo1uLYys1w7FhbTWCqJXc6mRr-hU-eQSaMhS8O4ATB0QIAHJQHfVpg
Frame ID: 99FDF149386F7D4D9027252A9FE37D08
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js
Frame ID: 3C9E3A1E3866D4CD4437082A09BBA6AF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUEOLV9vILVlhb_ohsiHw--p1H0lypimLIkCqUQAhfDLBn1ghUYDjY8ljpuKeQ5Thnh-SJuFbm3NzKFlrACF1Y28dwD-Q
Frame ID: 7A6C1EC07A9FA2DE76E04C2DEEDFA8D9
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/18297129447411228327
Frame ID: DCA1BC111987084693A39F693033BDE5
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: D1A583FCCC1846F97AFF1F872D17AAE9
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9B42381FD48157FF0532546568C2C7F9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 35E7F5C3244FAEA75E8E2AAA8B5BAADE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: E847F0CF7D0554CB89B9CB1F0871A7CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: 7CB1B9B24CF3E2CB3813F0F3C4E36705
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F8FF26A5E66770E19D188AD74871CB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A5C116B296C18F44634DF813238A048
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VIP视频在线解析-腾讯视频,爱奇艺,优酷会员电影免费看

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

21
IPs

3
Countries

1625 kB
Transfer

4377 kB
Size

16
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tikdd.cc/zh-Hans/
Title: 抖音去水印

Search URL Search Domain Scan URL

URL: https://www.tikdd.cc/article/china-download-tiktok.html
Title: 破解版TikTok

Search URL Search Domain Scan URL

URL: https://storymm.com/
Title: 儿童故事网

Search URL Search Domain Scan URL

URL: https://v.qq.com/
Title: 腾讯视频

Search URL Search Domain Scan URL

URL: https://www.iqiyi.com/
Title: 爱奇艺

Search URL Search Domain Scan URL

URL: https://youku.com/
Title: 优酷视频

Search URL Search Domain Scan URL

URL: https://www.mgtv.com/
Title: 芒果视频

Search URL Search Domain Scan URL

URL: https://www.tikdd.cc/
Title: TikDD

Search URL Search Domain Scan URL

URL: https://www.greatwebtool.com/
Title: 免费工具箱

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBV-sQSmndfLG9Kssc4NYIQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBV-sQSmndfLG9Kssc4NYIQ&google_cver=1&C=1

Request Chain 58

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPs3Vjn9x4o9cqkYIj8OAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDiyw5F6f4WSqpYvr2Z-sVE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDiyw5F6f4WSqpYvr2Z-sVE%26google_cver%3D1

Request Chain 60

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1&C=1

Request Chain 68

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPs3Vjn9x4o9cqkYIj8OAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENapsMHT8ktRTWTyg3H7gfY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENapsMHT8ktRTWTyg3H7gfY%26google_cver%3D1

Request Chain 70

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch5eT2uzDZdHzKonXoPMPhYit-Ab51bfPdfy70ZTZEoDHuKa0EBABIKrPsyVgyabujOSkwBOgAen99c8DyAEJqAMByAPLBKoEuwFP0JVLqXlTBpWFrV1JJuRzh7E24c2DcUhnrNlEY6wtLDxNDRUqmrzvjB-HNxW2oI5sidIPNNYhpkVvJuYqJ1nwXFxAJIwlYROUhPDMR7tZBNH_r3VzSPKYMWAF3ZudTI3FkhGRnH0yzpbUmLQrkWtyBdzmv2Swp3Ag7LAHDQgCL9edqTubW3vP1RMXSMTQ2F_FNtuuBp7ImIqzn6JvDPXnJL0k6944ybxMunKem60n8ICGhnM__AHxog1gwATC6OXQvgSIBc-ZzoBNkgUECAQYAZIFBAgFGASgBi6AB6rgirgEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQs_8N0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNvi76aNmoQDmgnkAWh0dHBzOi8vc2VhcmNoLnZ5YWdlci5jb20vP3JnaWQ9ODg4NjU4JnN1Yj1nY2xpZCZxdWVyeT0lRTUlQkIlODklRTQlQkIlQjdTVVYlRTclOEUlQjAlRTYlQUQlQTMlRTYlQjglODUlRTQlQkIlOTMlRTclOTQlQTklRTUlOEQlOTYrJTdDKyVFNiU5NiVCMFNVViVFNiVCOCU4NSVFNCVCQiU5MyVFOSU5NCU4MCVFNSU5NCVBRSVFOCVCRiU5QiVFOCVBMSU4QyVFNCVCOCVBRCZwbGNtbnQ9di50aWtkZC5jY4AKAcgLAdoMEAoKELDCyO7Ik5ijVRICAQPYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItODI1MjYzOTQ2MTg3NzM0MBgA&sigh=bfWIrPAo1zc&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_fLRdyQyX7Vrc7Z0A6ENB5qtz2bCuuDyLnc1FINj_dk_K__m9uFSvwvoEytyqVG_r5eIl7ARAMQerwGOBywjq7Ww7gJ9h5N8RkswYAQ&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc766af1e02ce28580000000000000000%22,%222%22:%220xb46a466df6c284d20000000000000000%22,%223%22:%220xd40345278eec81a0000000000000000%22,%224%22:%220x34e5d3e19d5e5eec0000000000000000%22,%225%22:%220xd59f73686f13783f0000000000000000%22},%22debug_key%22:%2216741132643197330268%22,%22debug_reporting%22:true,%22destination%22:%22https://vyager.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229170362538595812337%22}&andc=true

104 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
v.tikdd.cc/ 5 KB
3 KB 388ms
196ms Document
text/html 104.21.2.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.2.122 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae53be1604ae01cb5bee750d6ddda74f8f929ba2b615c1570a64cfed29ac5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 851e7fedcc31476f-DFW
content-encoding: br
content-type: text/html
date: Wed, 07 Feb 2024 20:49:29 GMT
last-modified: Wed, 07 Feb 2024 14:30:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yy1JMA8bMX2werkRQi3aBG4Gg0MAmm%2Fy4YEPQ8kzax%2BYXlmZu4ykYQIi%2BKGWcQOsN6Vy%2Bhxge0GpoFiS9XO7aSiorEVxKCr3y8vU68U%2Fnv%2BnmMNrSMmJgX1xW8rs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 font-awesome.css
cdn.staticfile.org/font-awesome/4.7.0/css/ 37 KB
9 KB 1359ms
82ms Stylesheet
text/css 4.79.109.102
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.css
Requested by: Host: v.tikdd.cc
URL: https://v.tikdd.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.79.109.102 Seattle, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:30 GMT
content-encoding: gzip
server: nginx
etag: W/"9226-AUCVLGTj8rdO9k4FDy/obqtmJMg"
vary: Accept-Encoding
access-control-max-age: 31104000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
cache-control: max-age=15552000
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser: BC163_dx-lt-yd-anhui-huainan-6-cache-7, BC196_lt-obgp-fujian-xiamen-33-cache-1, BC6_US-Georgia-atlanta-1-cache-2, BC105_US-Washington-seattle-1-cache-5

GET
H2 200 amazeui.min.css
cdn.staticfile.org/amazeui/2.3.0/css/ 253 KB
52 KB 1407ms
131ms Stylesheet
text/css 4.79.109.102
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/amazeui/2.3.0/css/amazeui.min.css
Requested by: Host: v.tikdd.cc
URL: https://v.tikdd.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.79.109.102 Seattle, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3929d06c0ac7ac1c1ce03d2210f2fe1dbf5293ed53b343329e52a6976945169e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:30 GMT
content-encoding: gzip
server: nginx
etag: W/"3f541-vu1/pKgFlttPPts61IDdXeeuaIU"
vary: Accept-Encoding
access-control-max-age: 31104000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
cache-control: max-age=15552000
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser: BC21_dx-lt-yd-zhejiang-wenzhou-11-cache-2, BC196_lt-obgp-fujian-xiamen-33-cache-1, BC34_US-Georgia-atlanta-1-cache-4, BC103_US-Washington-seattle-1-cache-5

GET
H2 200 style1.css
v.tikdd.cc/static/ 3 KB
1 KB 190ms
188ms Stylesheet
text/css 104.21.2.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.tikdd.cc/static/style1.css

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.2.122 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81159229ed9fd9d8ec125edebbb88cae735746814b5fb8e511ff0f7b136c3708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 14:08:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf9a66-c56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CR8rjnOv%2Btry3d59K4ogyHXAD0xFSRXxO%2F5UE5k0VB%2F%2BPX1akmU1XNte53o1ioZlFXoV4xP1jraVMpJsjilODZm%2BM6Rjfojk63Pofwrid50%2FzjWLgfPBeEEnxkqf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 851e7fef1dc3476f-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 08 Feb 2024 08:49:29 GMT

GET
H2 200 style.css
v.tikdd.cc/static/ 5 KB
2 KB 194ms
193ms Stylesheet
text/css 104.21.2.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.tikdd.cc/static/style.css

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.2.122 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c700043fd2538a42c2a10d69ee0821e8e100127b50c560f4634d9a33ea07525a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 15:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bfaa4a-14b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jtky98XTI21qB%2Fxka7NMxgFDz4zbYs0yIDhiXMCxpBb5YjHW6vtEl6nLMEXRjMDgN5BdoT5g47Ly3m9lc7d9LTRZiZ7duABsma42qROlvn7LydU1%2FdQoel%2FLoXns"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 851e7fef1dc4476f-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 08 Feb 2024 08:49:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 303ms
138ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8252639461877340

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

9993e203094ac6e2c32b4a4fa6caa39f796ba0824e3f1a46f8d67a0dce5daca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Origin: https://v.tikdd.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51265
x-xss-protection: 0
server: cafe
etag: 12089411258111000750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 07 Feb 2024 20:49:29 GMT

GET
H2 200 email-decode.min.js Show response
v.tikdd.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 46ms
45ms Script
application/javascript 104.21.2.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.tikdd.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.2.122 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Feb 2024 15:36:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bd0be2-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c0HesowvfKUUdKD9sKTwJp%2FUoqlEY9l1nmcnt39j5iS2Xfkiwp8kMiGK%2BnvdbkyAKWPGFBjFF131bN7gSt9jBfXNP7Bx8aaEfeXX3Y4Ft7mxO%2Fz0ybfEFDAqWQe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 851e7fef1dc6476f-DFW
expires: Fri, 09 Feb 2024 20:49:29 GMT

GET
H2 200 jquery.min.js Show response
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/ 87 KB
31 KB 1861ms
71ms Script
application/javascript 8.48.85.214
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
Requested by: Host: v.tikdd.cc
URL: https://v.tikdd.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.48.85.214 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:41:31 GMT
content-encoding: gzip
via: cache31.l2us1[259,258,200-0,M], cache29.l2us1[260,0], cache8.us11[0,10,200-0,H], cache4.us11[14,0]
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-tt-trace-id: 00-2402080441314D3FBEA69671E8883284-3EADC0954914C137-00
age: 480
x-swift-cachetime: 2592000
x-cache: HIT TCP_HIT dirn:10:187493862
server-timing: inner; dur=12
x-swift-savetime: Wed, 07 Feb 2024 20:41:31 GMT
content-length: 30947
last-modified: Sun, 24 Apr 2022 19:10:58 GMT
server: Tengine
x-tt-logid: 202402080441314D3FBEA69671E8883284
etag: W/"6265a0c2-15d9d"
vary: Accept-Encoding
ali-swift-global-savetime: 1707338491
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-tt-trace-host: 0190e25c588fc2149c9bb2e08436619452b097b9c2f87b619bfeb9a1fca685a09e4c8b9910c26cd66d58bb2d7729a35ee3eed23e315ff686641392093fa8afa64ce38dc6b52da8fc57e7337bc804f4ab9e
x-response-cinfo: 185.189.25.172
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 0830559817073389712808610e
expires: Fri, 08 Mar 2024 20:40:06 GMT

GET
H2 200 amazeui.min.js Show response
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/amazeui/2.7.2/js/ 206 KB
59 KB 2062ms
281ms Script
application/javascript 183.61.243.49
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/amazeui/2.7.2/js/amazeui.min.js
Requested by: Host: v.tikdd.cc
URL: https://v.tikdd.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.61.243.49 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash: 791c29dee0bfabddeef72c6d85429a1e28d8e5ad33366e68a8f714e507e9bfed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:30:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 461935
x-link-via: dgct63:443;hamp12:443;
x-cache-status: HIT from KS-CLOUD-HA-MP-12-27, HIT from KS-CLOUD-DG-CT-63-16
server-timing: inner; dur=14
content-length: 59190
last-modified: Sat, 22 Jan 2022 02:05:45 GMT
server: nginx
x-tt-logid: 2023050914032715F5FC254142170A01B4
etag: W/"61eb6679-33817"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-tt-trace-host: 0154915baa0bd44d4d9c4eb96a10a02c63898575874e9a1494b3225918e4a05e082a09551daef054b9f3e19b36e7bcb11ef94d956cd367c2f240c980a8d438234834d1198d96233dacc331fe0431a55a52af0f79129771ead5167fc42ae2c26041a289325dc0cd3016204b3bc25840c00d0c96d4f119f2aa18f5c81eaf67100a8b
x-response-cinfo: 185.189.25.172
accept-ranges: bytes
x-response-cache: edge_hit
timing-allow-origin: *
x-cdn-request-id: 6b2616817f1fdea7116b2dc90f4eee45
expires: Sun, 03 Mar 2024 12:30:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
92 KB 274ms
110ms Script
application/javascript 172.217.165.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9NKBTYSZL8

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

463f4a4da8dd261ad9a6e5987cf3329f32bcbc1a75e1e6e1c33e281209d5bea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 20:49:29 GMT

GET
H2 200 xx.html Show response
v.tikdd.cc/ Frame DF5C 810 B
772 B 96ms
94ms Document
text/html 104.21.2.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.tikdd.cc/xx.html

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.2.122 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c95b08ca0491a8a502f65ed923b72fcc4e8aa7b66f70347b022965cb75b7c9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 851e7fef4e06476f-DFW
content-encoding: br
content-type: text/html
date: Wed, 07 Feb 2024 20:49:29 GMT
last-modified: Wed, 07 Feb 2024 14:27:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVIDY%2BHYYydVY9MKSnEOJgQW15kpS3FW%2BnxJXr784UUnHirb06h5IXBcmOzjKcwvPkvfbmrcac7hAGPN67rCI71T0fRPtZtjvi3eiFQ%2F4gKL02WzmWWQyAtQDubb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 406 KB
138 KB 329ms
148ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8252639461877340

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

e0afc6897864bfd94cd752b0c64264be0aa6501af4609fb5217c00fedf0ca27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140880
x-xss-protection: 0
server: cafe
etag: 12178876750936945839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/ Frame B849 9 KB
5 KB 252ms
77ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8252639461877340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:06:50 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 20:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA6D 596 KB
146 KB 1124ms
1123ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8252639461877340&output=html&adk=1812271804&adf=3025194257&lmt=1707316255&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fv.tikdd.cc%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707338969884&bpp=8&bdt=462&idt=632&shv=r20240206&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8551316249428&frm=20&pv=2&ga_vid=206292564.1707338971&ga_sid=1707338971&ga_hid=454416848&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080780%2C31080798%2C42532524%2C44795921%2C31080873%2C95321958%2C95324155%2C95324160&oid=2&pvsid=1210157411632777&tmod=1092023200&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=724

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

b1cf9dcf608c3eb39e6f7e87e0d528de914448b0c5d07ff0dd8fdf16b7f57b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 148881
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:49:31 GMT
expires: Wed, 07 Feb 2024 20:49:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fontawesome-webfont.woff2
cdn.staticfile.org/amazeui/2.3.0/fonts/ 55 KB
56 KB 493ms
80ms Font
application/octet-stream 4.79.109.102
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/amazeui/2.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/amazeui/2.3.0/css/amazeui.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.79.109.102 Seattle, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://cdn.staticfile.org/amazeui/2.3.0/css/amazeui.min.css
Origin: https://v.tikdd.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:31 GMT
server: nginx
access-control-max-age: 31104000
access-control-allow-methods: GET, POST
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser: BC65_dx-lt-yd-jiangsu-lianyungang-14-cache-6, BC195_lt-obgp-fujian-xiamen-33-cache-1, BC32_US-Michigan-chieago-1-cache-1, BC103_US-Washington-seattle-1-cache-5

GET
H2 200 fontawesome-webfont.woff2
cdn.staticfile.org/font-awesome/4.7.0/fonts/ 75 KB
76 KB 82ms
76ms Font
application/octet-stream 4.79.109.102
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.79.109.102 Seattle, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.css
Origin: https://v.tikdd.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:31 GMT
server: nginx
access-control-max-age: 31104000
access-control-allow-methods: GET, POST
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser: BC26_dx-lt-yd-anhui-huainan-6-cache-11, BC196_lt-obgp-fujian-xiamen-33-cache-1, BC8_US-Georgia-atlanta-1-cache-2, BC105_US-Washington-seattle-1-cache-5

POST
H2 204 collect
www.google-analytics.com/g/ 0
250 B 512ms
97ms Ping
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9NKBTYSZL8&gtm=45je4250v9104831225za200&_p=1707338971565&gcd=13l3l3l3l1&npa=0&dma=0&cid=206292564.1707338971&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707338971&sct=1&seg=0&dl=https%3A%2F%2Fv.tikdd.cc%2F&dt=VIP%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%A3%E6%9E%90-%E8%85%BE%E8%AE%AF%E8%A7%86%E9%A2%91%2C%E7%88%B1%E5%A5%87%E8%89%BA%2C%E4%BC%98%E9%85%B7%E4%BC%9A%E5%91%98%E7%94%B5%E5%BD%B1%E5%85%8D%E8%B4%B9%E7%9C%8B&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9NKBTYSZL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://v.tikdd.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 165 KB
56 KB 119ms
119ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/reactive_library_fy2021.js?bust=31080873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

1f1cf2d9942b684e07b831abd515fda9b3bb4ecc7f667ab032c2835368d01ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57051
x-xss-protection: 0
server: cafe
etag: 11667352426055398245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:32 GMT

GET
H2 200 ca-pub-8252639461877340 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 296ms
120ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8252639461877340?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

87045b8a5c3b3f349efc818cb2b0ed709c77d4c037f6e36f71f1557cd944bb6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ml98H0AxBKgb8sOV04vz0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-ml98H0AxBKgb8sOV04vz0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sOoxSXF4K4hxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePB8ub8OmsfBHTWePqprMWADHfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0D4rLb51jrgFhY7jyrNBAL8XDcudm_jk1gxcWZqxkB9MRV5Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/ Frame 876C 9 KB
4 KB 78ms
77ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:18:09 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 17:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/ Frame 7033 9 KB
4 KB 81ms
80ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:18:09 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 17:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/ Frame 7D93 9 KB
4 KB 79ms
77ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:18:09 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 17:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/ Frame A4F9 9 KB
4 KB 79ms
76ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:18:09 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 17:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUjaVY2CoYcqiWpIF_oWPeiVOmb8s5DdCMBK0VcrUhHCplX5iC47_pmBfI8MGmu3xSQ2PgByKyABJm-qy1gAU9zUPNpjEn7ZzCUerlm6lFN16C7gPLdbo92eHJGO18VzZqV-YNx5Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 108ms
107ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUjaVY2CoYcqiWpIF_oWPeiVOmb8s5DdCMBK0VcrUhHCplX5iC47_pmBfI8MGmu3xSQ2PgByKyABJm-qy1gAU9zUPNpjEn7ZzCUerlm6lFN16C7gPLdbo92eHJGO18VzZqV-YNx5Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MzM4OTcyLDY1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly92LnRpa2RkLmNjLyIsbnVsbCxbWzgsIkZaRGxrRU1FSXpFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FZDlkEMEIzE.es5.O/am=wA/d=1/rs=AJlcJMyw8bzdkUS4uSVukMqnvDZxa2Y9PQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

ebe9e39c5754da36ed3ff552384204e00f1b2ac692047cd0d83c476c64510ebc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4n41o2uw5GHRGOH5rJOrdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4n41o2uw5GHRGOH5rJOrdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71s9gjQfistvnWOuAWFjuPKs0EAvxcNy52b-OTeDG4fU3mAAgHlE6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 876C 4 KB
1 KB 373ms
93ms Stylesheet
text/css 142.250.65.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:48:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:49:33 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 876C 205 B
295 B 418ms
124ms Image
image/png 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:46:27 GMT
x-content-type-options: nosniff
age: 10986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Feb 2025 17:46:27 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 876C 604 B
920 B 414ms
121ms Image
image/png 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:53:04 GMT
x-content-type-options: nosniff
age: 449789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 01 Feb 2025 15:53:04 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 876C 16 KB
7 KB 468ms
163ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 21:01:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 876C 22 KB
10 KB 386ms
81ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 21:01:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 99FD 624 B
246 B 116ms
115ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUeDF4PR_BCq_Ef1FoKC9fvprtd8QDjPchKdvHKGo1uLYys1w7FhbTWCqJXc6mRr-hU-eQSaMhS8O4ATB0QIAHJQHfVpg

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:49:33 GMT
expires: Wed, 07 Feb 2024 20:49:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 3C9E 23 KB
9 KB 78ms
76ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:30 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 3C9E 8 KB
3 KB 82ms
79ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:30 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C9E 41 KB
14 KB 477ms
225ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 527713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 18:14:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 3C9E 3 KB
1 KB 475ms
224ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 3C9E 20 KB
8 KB 346ms
95ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C9E 205 KB
65 KB 345ms
109ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C9E 42 B
63 B 138ms
134ms Image
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHpuwi5zp-KJ-2u1qBO9Ej_XFiD0vdnMo5Fe5uGC5d5GoPTaTSUd6hJkyx0ixHltP_8EgCGEiS6mESJgA60ryaXWUjxAtYqwJn2JlkfT4lt80DDfE

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 18297129447411228327
s0.2mdn.net/simgad/ Frame 3C9E 68 KB
69 KB 1297ms
81ms Image
image/jpeg 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18297129447411228327

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

sffe /

Resource Hash

0ed8412c81d9fbc4d9e3e232a1f834f830c47620c6567e53e6f52d49d7198130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 04:46:14 GMT
date: Tue, 06 Feb 2024 04:46:14 GMT
x-content-type-options: nosniff
age: 144200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69668
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 03:04:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7A6C 624 B
246 B 182ms
182ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUEOLV9vILVlhb_ohsiHw--p1H0lypimLIkCqUQAhfDLBn1ghUYDjY8ljpuKeQ5Thnh-SJuFbm3NzKFlrACF1Y28dwD-Q

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:49:33 GMT
expires: Wed, 07 Feb 2024 20:49:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 18297129447411228327
s0.2mdn.net/simgad/ Frame DCA1 68 KB
68 KB 1298ms
138ms Image
image/jpeg 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18297129447411228327

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

sffe /

Resource Hash

0ed8412c81d9fbc4d9e3e232a1f834f830c47620c6567e53e6f52d49d7198130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 04:46:14 GMT
date: Tue, 06 Feb 2024 04:46:14 GMT
x-content-type-options: nosniff
age: 144200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69668
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 03:04:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame DCA1 23 KB
9 KB 78ms
77ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:30 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame DCA1 8 KB
3 KB 81ms
81ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:30 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DCA1 41 KB
14 KB 320ms
140ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 527713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 18:14:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame DCA1 3 KB
1 KB 341ms
162ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame DCA1 20 KB
8 KB 303ms
125ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCA1 205 KB
65 KB 390ms
224ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA1 42 B
63 B 135ms
133ms Image
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2II42d05d-ZPGWVGM5ehzGuw1KTsfseOZiAYJHCVO2KMOvc-LxArMd2TXH_BE8ZrRZ-toJVwjfKYp2GeLsYLMzxjRtBncaxnlV6LQsuvpPuojwkk

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A4F9 7 KB
1 KB 219ms
94ms Stylesheet
text/css 142.250.65.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f10.1e100.net

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:56:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:49:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame A4F9 2 KB
875 B 332ms
188ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame A4F9 23 KB
9 KB 339ms
201ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame A4F9 3 KB
1 KB 328ms
190ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame A4F9 20 KB
8 KB 272ms
135ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4F9 205 KB
65 KB 308ms
184ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:33 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame A4F9 37 KB
16 KB 202ms
79ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 559744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:20:29 GMT

GET
H2 200 3476445066299407086
tpc.googlesyndication.com/simgad/4309056314366565154/ Frame A4F9 20 KB
20 KB 298ms
164ms Image
image/jpeg 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4309056314366565154/3476445066299407086?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

95125a62ec3c99fc33335992b1251d0dfab544374743e4c22c0d7ee2e80eb055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 16:45:37 GMT
date: Thu, 01 Feb 2024 16:45:37 GMT
x-content-type-options: nosniff
age: 533036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20397
x-xss-protection: 0
last-modified: Sat, 27 May 2023 22:51:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame A4F9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A4F9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 AGSKWxW1cZWoxX4-RIbENudVo9AuaWBkBtdVUy7XR988h7hvyNQQjkJRa2bH_SeNYYypj1u1KDfKecwLeidKjCUIhDWXvRTRFnXpc-eVqNhh_YWaacrz5inxqgzWq3c1ECpQAD5nVaXQBw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 138ms
137ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW1cZWoxX4-RIbENudVo9AuaWBkBtdVUy7XR988h7hvyNQQjkJRa2bH_SeNYYypj1u1KDfKecwLeidKjCUIhDWXvRTRFnXpc-eVqNhh_YWaacrz5inxqgzWq3c1ECpQAD5nVaXQBw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MzM4OTczLDc3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly92LnRpa2RkLmNjLyIsbnVsbCxbWzgsIkZaRGxrRU1FSXpFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

26b94d4319bd02a3b04e4bb8d4337d37039655e1c043d6954d63a9469028574d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VIhNwupnjqHAWKOjccKNrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-VIhNwupnjqHAWKOjccKNrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KMhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePB8ub8OmsfBHTWePqprMWADHfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9bPYI0H4rLb51jrgFhY7jyrNBALcXPcvdm_jk1gwZytTgCiDFVh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 99FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBV-sQSmndfLG9Kssc4NYIQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBV-sQSmndfLG9Kssc4NYIQ&google_cver=1&C=1

43 B
340 B

110ms
99ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBV-sQSmndfLG9Kssc4NYIQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUeDF4PR_BCq_Ef1FoKC9fvprtd8QDjPchKdvHKGo1uLYys1w7FhbTWCqJXc6mRr-hU-eQSaMhS8O4ATB0QIAHJQHfVpg
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVF0xQRZfouwGtjA2auZd5Cqr4LpYweo%2F5bHsJlql6ycuFQ%2B8jbB%2FeJYNp92eQSYVZzo%2FA%2FGp4FGoHjzrjwFRC9HzfLV%2BIAxaSpuLwCeaf5NBKsk21dEi1DsCwzHsr1FCXhIoJcFPnrhBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e800a78312d2f-DFW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBo3gX%2B2KqDN4QX%2BbaCbfOu2pRV6o%2FOBcbcRLotj9ZblWKkcV5WYKrmQmSXLOnqAPoBG1%2B9wp5ytctENfWsCMOjqN%2FtyczQW4geGF6Wc1VG4rhQenCZcJmj2k0wQf1%2B0NwL9kW8N2kig8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBV-sQSmndfLG9Kssc4NYIQ&google_cver=1&C=1
cache-control: no-cache
cf-ray: 851e80099f632d2f-DFW
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 99FD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPs3Vjn9x4o9cqkYIj8OAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1

43 B
731 B

104ms
103ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUeDF4PR_BCq_Ef1FoKC9fvprtd8QDjPchKdvHKGo1uLYys1w7FhbTWCqJXc6mRr-hU-eQSaMhS8O4ATB0QIAHJQHfVpg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgbGPxmBmEjgVQE83CSQUNnRlvAKPgdgpoJixBSh%2F9tLyHJj2DoWydwqrhcsoo4soYLTtHWxCG05q5vr8bP7aUFXny2KnT8KgPgxS1h7lgP7qF6HXGkEsTuXbSb37Mfv%2F2sFZMP0cpqJAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e800c4acee8f5-DFW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 99FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDiyw5F6f4WSqpYvr2Z-sVE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDiyw5F6f4WSqpYvr2Z-sVE%26google_cver%3D1

43 B
1 KB

106ms
104ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDiyw5F6f4WSqpYvr2Z-sVE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUeDF4PR_BCq_Ef1FoKC9fvprtd8QDjPchKdvHKGo1uLYys1w7FhbTWCqJXc6mRr-hU-eQSaMhS8O4ATB0QIAHJQHfVpg

Protocol

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
an-x-request-uuid: 551bee48-154d-48d3-bbd3-cda8d5379d5e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.189.25.172; 185.189.25.172; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
an-x-request-uuid: 986994ef-38f8-4858-9a97-0535223afc2a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDiyw5F6f4WSqpYvr2Z-sVE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 185.189.25.172; 185.189.25.172; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99FD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D

170 B
188 B

107ms
106ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D

Requested by

Protocol

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
an-x-request-uuid: 84d3e0dc-e148-422f-96d9-8ea83e601d6a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D
x-proxy-origin: 185.189.25.172; 185.189.25.172; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame D1A5 2 KB
856 B 106ms
80ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame D1A5 23 KB
9 KB 106ms
80ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame D1A5 3 KB
1 KB 106ms
82ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame D1A5 20 KB
8 KB 102ms
78ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1A5 205 KB
65 KB 121ms
98ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:33 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame D1A5 37 KB
15 KB 99ms
78ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 559744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:20:29 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7A6C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1&C=1

43 B
326 B

112ms
102ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUEOLV9vILVlhb_ohsiHw--p1H0lypimLIkCqUQAhfDLBn1ghUYDjY8ljpuKeQ5Thnh-SJuFbm3NzKFlrACF1Y28dwD-Q
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLZ25inA6%2Bq8cnWAyfA4wcqU7BWYcKx93nK5Yl51BsT6KOuo7ndDzt2PgDfh3%2B7L%2FePvsBNdE54KXNe%2BdICy09iVe9kvewQzUw36pPuqkt7BooXIswqo9AE26iEtGqWzHw7wN3ufgX2TqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e800a78332d2f-DFW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgKQ5aBJvAjy92IyXXYWxe1gM6rMzlyjOq7n571APDVjvDlKlFsPt3mS1lSog8ZBgajR3554pAxu6Bcy8OfBWZmPd2IvS8PxrJ8Hqk0lhqFu45j7UF5TvXODRO6PdF78CPZA2ilMkDeW0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1&C=1
cache-control: no-cache
cf-ray: 851e80099f612d2f-DFW
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7A6C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPs3Vjn9x4o9cqkYIj8OAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1

43 B
768 B

96ms
96ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUEOLV9vILVlhb_ohsiHw--p1H0lypimLIkCqUQAhfDLBn1ghUYDjY8ljpuKeQ5Thnh-SJuFbm3NzKFlrACF1Y28dwD-Q
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwaO9SJ%2FiD22jrRvWxzGybLOUX18l041ToB0TNJfiogtS8ow%2FPS8Faxv9Srq0Ka7rnzWIDJb0WXjoVCKxBpg3LXmYFYmWhWtJbJmRIHP3XryCDM79JduOcIb9Vzxbk3om4CfD7zqvjBdFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e800c4acde8f5-DFW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELbnJyeruhkWXXtqsQoV8XM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 7A6C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENapsMHT8ktRTWTyg3H7gfY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENapsMHT8ktRTWTyg3H7gfY%26google_cver%3D1

43 B
1 KB

97ms
97ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENapsMHT8ktRTWTyg3H7gfY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYz9S2hgIwAQ&v=APEucNUEOLV9vILVlhb_ohsiHw--p1H0lypimLIkCqUQAhfDLBn1ghUYDjY8ljpuKeQ5Thnh-SJuFbm3NzKFlrACF1Y28dwD-Q

Protocol

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
an-x-request-uuid: ecd65bb1-5bbd-4ee2-bf88-913e3c8095ec
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.189.25.172; 185.189.25.172; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
an-x-request-uuid: 239623ad-bb8e-4cd1-b253-443e40bda13d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENapsMHT8ktRTWTyg3H7gfY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 185.189.25.172; 185.189.25.172; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A6C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D

170 B
188 B

107ms
106ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D

Requested by

Protocol

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:34 GMT
an-x-request-uuid: 95a80f36-d3b4-402d-add7-a130aef7421a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2Mjc2MjUxMDAzMDQ3MzcwMA%3D%3D
x-proxy-origin: 185.189.25.172; 185.189.25.172; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A4F9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dccbc2a4d48a21d00b0803946374bbd63e90094cc2665b3dec4b3223ba6df96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B42 38 KB
13 KB 77ms
76ms Document
text/html 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 560290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 09:11:23 GMT
expires: Fri, 31 Jan 2025 09:11:23 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 35E7 38 KB
13 KB 81ms
79ms Document
text/html 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 560290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 09:11:23 GMT
expires: Fri, 31 Jan 2025 09:11:23 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A4F9 21 KB
21 KB 549ms
82ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:26:04 GMT
x-content-type-options: nosniff
age: 559410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:26:04 GMT

GET
H3 200 7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E847 50 KB
19 KB 77ms
76ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

sffe /

Resource Hash

ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:19:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19829
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:19:50 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B42 39 KB
15 KB 77ms
77ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:18:20 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 35E7 39 KB
15 KB 82ms
82ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:18:20 GMT

GET
H3 200 expandable_ad Show response
fundingchoicesmessages.google.com/f/AGSKWxWdce2h401Rwp45K8n1Qb8Xoqf7jcGOVBdZZM53kSxYmwghR7KoKHCg5P-GUzXqjJIQmvDuoHlevfWLQCRd8oUK2Y0GfUqxxTMWfs6eX_6hI8lDNGnOnViZAnExoEBwQBub7yCG_C2manFfg1CUISyfKJq3R... 54 B
110 B 116ms
109ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWdce2h401Rwp45K8n1Qb8Xoqf7jcGOVBdZZM53kSxYmwghR7KoKHCg5P-GUzXqjJIQmvDuoHlevfWLQCRd8oUK2Y0GfUqxxTMWfs6eX_6hI8lDNGnOnViZAnExoEBwQBub7yCG_C2manFfg1CUISyfKJq3RjwPDx5l06_f3PiXTJ8haSN_Qc4lW8DQ/_/native-ad-/expandable_ad?/text_ad._adsbgd./pop_ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FZDlkEMEIzE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyU_3sk5VY5eOf6OsJnZHqq09iKSg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

ce4b8b21b021ad6b87466bdde12b7c98a52b59b0cb597572ac012eb2a2ee52ab

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-J-mu6IuhsvYiuG8pBl8QJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-J-mu6IuhsvYiuG8pBl8QJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71s9gjQfistvnWOuAWFjuPKs0EAvxcNy72b-OTWDHnBe7GQEeqlEP"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 79ms
76ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

4d8422717684d38a8c50ce8bee6dd6b573edd07902908d8956e5c5720a1e44a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:38:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24651
x-xss-protection: 0
server: cafe
etag: 1327764161256606968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 21:38:05 GMT

POST
H3 204 AGSKWxXbtUgsHUO9mK5RvlKUai8Jl4ScM0rhmCAcypfVvvkam8YPDR93G_IOU2iFn9BpBmzxypxhmHVU-BgKZFQPlF__ch4wCHPyo8OdlBCggqC2yi8899gUTH-kLzAdhaREkrzkahjJTw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 256ms
100ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXbtUgsHUO9mK5RvlKUai8Jl4ScM0rhmCAcypfVvvkam8YPDR93G_IOU2iFn9BpBmzxypxhmHVU-BgKZFQPlF__ch4wCHPyo8OdlBCggqC2yi8899gUTH-kLzAdhaREkrzkahjJTw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SagfkaIX2BZXfk1FnwLVuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 20:49:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SagfkaIX2BZXfk1FnwLVuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEwnLnWaWBWIiH497N_nVsAgt2b21kAgDKTh7Y"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://v.tikdd.cc
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A4F9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch5eT2uzDZdHzKonXoPMPhYit-Ab51bfPdfy70ZTZEoDHuKa0EBABIKrPsyVgyabujOSkwBOgAen99c8DyAEJqAMByAPLBKoEuwFP0JVLqXlTBpWFrV1JJuRzh7E24c2DcUhnrNlEY6wtLDx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc766af1e02ce28580000000000000000%22,%222%22:%220xb46a466df6c284d20000000000000000%22,%223%22:%220xd40345...

0
0

299ms
136ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc766af1e02ce28580000000000000000%22,%222%22:%220xb46a466df6c284d20000000000000000%22,%223%22:%220xd40345278eec81a0000000000000000%22,%224%22:%220x34e5d3e19d5e5eec0000000000000000%22,%225%22:%220xd59f73686f13783f0000000000000000%22},%22debug_key%22:%2216741132643197330268%22,%22debug_reporting%22:true,%22destination%22:%22https://vyager.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229170362538595812337%22}&andc=true

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc766af1e02ce28580000000000000000","2":"0xb46a466df6c284d20000000000000000","3":"0xd40345278eec81a0000000000000000","4":"0x34e5d3e19d5e5eec0000000000000000","5":"0xd59f73686f13783f0000000000000000"},"debug_key":"16741132643197330268","debug_reporting":true,"destination":"https://vyager.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"9170362538595812337"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:49:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 20:49:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc766af1e02ce28580000000000000000","2":"0xb46a466df6c284d20000000000000000","3":"0xd40345278eec81a0000000000000000","4":"0x34e5d3e19d5e5eec0000000000000000","5":"0xd59f73686f13783f0000000000000000"},"debug_key":"16741132643197330268","debug_reporting":true,"destination":"https://vyager.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"9170362538595812337"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CB1 50 KB
19 KB 80ms
79ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

sffe /

Resource Hash

ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:19:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19829
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:19:50 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXbtUgsHUO9mK5RvlKUai8Jl4ScM0rhmCAcypfVvvkam8YPDR93G_IOU2iFn9BpBmzxypxhmHVU-BgKZFQPlF__ch4wCHPyo8OdlBCggqC2yi8899gUTH-kLzAdhaREkrzkahjJTw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7KRbluPjVVnEAr89KQNIXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-7KRbluPjVVnEAr89KQNIXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEwnLnWaWBWIiL4_7N_nVsAjum1AEAjAoeDQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://v.tikdd.cc
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXbtUgsHUO9mK5RvlKUai8Jl4ScM0rhmCAcypfVvvkam8YPDR93G_IOU2iFn9BpBmzxypxhmHVU-BgKZFQPlF__ch4wCHPyo8OdlBCggqC2yi8899gUTH-kLzAdhaREkrzkahjJTw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-W1Df8X7IVp5F0d3OrNfHGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-W1Df8X7IVp5F0d3OrNfHGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEwnLnWaWBWIib4_7N_nVsAi9aN3MDAKvFHnE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://v.tikdd.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXbtUgsHUO9mK5RvlKUai8Jl4ScM0rhmCAcypfVvvkam8YPDR93G_IOU2iFn9BpBmzxypxhmHVU-BgKZFQPlF__ch4wCHPyo8OdlBCggqC2yi8899gUTH-kLzAdhaREkrzkahjJTw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NFviWJ6xFrMxE6QnMifr_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-NFviWJ6xFrMxE6QnMifr_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tDikmII1pBiWMS_i6mW4RlTKxAz_nnBxAnE7yRfMX0D4h0-HixTAmewzgFip_QZrCFAXHb7HGsdEAvLnWeVBmIhbo77N_vXsQnc2HmVFwAjDCA4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://v.tikdd.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW0tjNcJ7q6Y80yz98-0Xb65LScvhhSFMio8NuBiBouPQVR6gcOPb_2xm7qCv4AkbioU6Eaz3DRgHCkW85iOoxyx3sgC6Vp4nBr5LllDq9RObCfm_b36WeNhD1rTF_RpxawfBg1mA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 118ms
117ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0tjNcJ7q6Y80yz98-0Xb65LScvhhSFMio8NuBiBouPQVR6gcOPb_2xm7qCv4AkbioU6Eaz3DRgHCkW85iOoxyx3sgC6Vp4nBr5LllDq9RObCfm_b36WeNhD1rTF_RpxawfBg1mA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MzM4OTc0LDk1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly92LnRpa2RkLmNjLyIsbnVsbCxbWzgsIkZaRGxrRU1FSXpFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

89620fe80f5c0f43928f9d6d50fdce6e8fbf3eb1cd7fbf10214a11997eb0800a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N9R0u3Kmcz-jmXWzsno8rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N9R0u3Kmcz-jmXWzsno8rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71s9gjQfistvnWOuAWFjuPKs0EAtxc9y_2b-OTeDHiV5uAM2oUG8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35E7 0
20 B 147ms
143ms Image
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPzHo2uzDZc_zKonXoPMPhYit-AYAAAAAOAHgBAI&bg=!Z2SlZCvNAAaxkZ3akZE7ADQBe5WfOCUrDgMwdlBDuJtSGAUPUp1l-TUBuLLjDWozDnBzAcwKpZwtdMpPjvg0slJW2LqcAgAAAyVSAAAABmgBB5kDBZaSGpptCu2g4Jp3-g604vlQ3M76QDXgodhPAokGhF5Y6xW3lnLsejhlVII6tciC4vrPlSqdJ9qMAT01Gjz9FmB7fOF_-ZVfzOuSc52G9YkiP7gbwZ2qSvu0YLzCux-xyFTQwV4u3tp9tYjY4BhUDOFrsS_mmPRf8t6899V0qgJ-2nrsj00eVWcV68vkV57al6DqJwPE0QZM_ZkSrMCzeMNKGHS5pMz-p8hpNFn6PIU4xwfhFM-j2DeGJcml8mO4U_bBfLOGya1p0hMsAPEEEonDucAFTnC79o6aIbtAsbcz4fE833cBQrpXGYXcRU1fHGi2GDJyPkJSssq3AyywJH1Tph3iI9xUgxOFszwuntuqKH2TPxJiV02_mzHLluyaxoe1Bc1gQfu3cGUa_tehbxGIodPtPgWFT7bblW9bfLyi_YgRJ-KG9w66y3bowV1u01W1i2zoJRWz6JCKxOMOsvEGoMqmp6tVQxwL-nsYG6mSZAqJe6YHgSyqYofZ3yWySiOpj0AUiC-HjyczOA5By-h3XqfrwCXBrAZVP-DpEJKx7ugXoW9bba8HX09OwrOkmhSLrLrAjgi4-OJKITrA1F_etF3IkP8q36SCayCrI-_dI-rbJfN1QXYSUwfrA1PeR71UiUd3remjOed_r_1hu6tE3B3eLrFxNSrdYFqkNXXBjwBEAmQXyRg_mp42ghD_7nSy2krD1J4Fq8jJlUIKng7jQQ1ZnZ7Wr5mQnC2eaktRIV-5_1zc4QZv8CB5RHkExJPNySLlJ5Tfguf8iw0vxSSz_B5gDAR6NiJlBOG2BOQ710FzUjJBY2NfhqfIWHKSV2sxjcFG0unMdzB8JLzldXO7zOTeDAn4INMGIuzZ9WGelVs2t9FSybJegn0hdma1J2pB8JTshT_WdBJ0BW4xPreBFgVbOxOQgbPdrj-XrvPkNJ66Zds0RXR7RiPfeo1DDaXawTpqP6mUy6yGuJj2LjwtFmdFvIy6V7zIa8cKWZKywsLdRI6GKrdSjGWSkRkJivxwLhzE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B42 0
20 B 146ms
143ms Image
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYnwF2uzDZdDzKonXoPMPhYit-AYAAAAAOAHgBAI&bg=!iYqlisXNAAaxkZ3akZE7ADQBe5WfOErH8K2Yg3jqkw4sZw2oL-yQ_cJmjjuztD2ryx1ddLSgAPeTiBrqMyY8dMBuKNGKAgAAA09SAAAABWgBBwoAeyw2yLbeNY_x5qgAV9Nm8BKgW4kscRm_xe3Flj_TFRAPH7uhxK5woRE92H-KO5iYAm0nu8uVPgHYSQOpmBAl8BSuVIjCkSvlYqAQnPail4BBLFvRus5zxbY5aGBWKqH6Y_oe9OgZ_m1j4k8Uu53MhqtTI9OSK95HD-auUZkDCJYI_Qxc6iFgOqtkdQ5hyJBuKHYqSmm6DbfBCz2sVsG82MfrnF4WS40TpwVV0MfPy46JpK6YX-xXUYRW8CcNedu1Pf-9VBnc12ZRp1jd3PiWzH4NR1H2JDd2dO-EaYgw-BEa0QIyarH7gq_S2LHCes-w0B1F7tqlzFuLmEc5rKAjTZF_Ipik8XFpXFZq4KDovt_FeI9jpO9dWGKcR6AqsmhqiVIALNe9wZHLCvSxjYzNGCBDcfrsWN-CdRP7OupDX7kXrLcA9QQdVylZ5WnHL53hPA3NrmB54g_NzBMy7ED21yxSBicuj5tD-WmgfcLPth3o6CRySfFNc8w7JoGBDu3SjtpP8Kpz_dLdvACTn25FBGxUepI6sbmLuBqxxEGDNedoairtcPbjeZUwXUll8BikqQmB-NytTnJTpkNSDBAAiJ983GQDYMwXpq41Hu5wz8Hf5Cp89tEHJl1mV8Exq7jAXEvrKocVzveKmxK-T1IxzvqAkNGWfBPoK8fdn2PpxT0daqDIVtNVSkKhJktOndavPAg8VuX7qp0eBGmcNDqp-gewpDINYRNdPHZfsHO6yy0Ch5ixxfrmAR1JFdjUNhQ8pFI3nj3C4kKYxBlcg4gKizl5H1McyUjVBkIRNd0ofYRXfTeLWYKvcToeQCqHmwRnGcdC6jr6g9KmNsQj95W8BAGizFsHS47lWmZvJ0FECvktF-i0mNJ9k-7NWIxNi6fx7-uY0IUjtkL1fPntW3jF4-84BBN4eoCbD9WLr6hQZ-mSRUE7lzHsmUT8Fun0W7BIFzx-ZomjViCZGVkFuX6ANu9ORdrCK7VnxuTVb_Rp6H0E-eHbJ7_yYWeQiR2uXNXvp999KHmFcGOu7YrXHgrKXjoAdwN64OuaTRuv9H3fwAtDNtniOTnzTJ9mgXPreZQJqbcLiojcr-X2BJKyREtx22fIkWPb9EIKfcxkxongx62Dc73rCj682ZCE-uHg6SKVeoh7P4PEL5fCICoXAJCVe_kGOPANYq_s2mN1t-EZ1_ilRF5BfZW4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 557ms
137ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 20:49:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxX-pYnQOS0UxL_7-ygaE3C8-jlOCMdMcT8I6wgMi690dGPcmcRYOTIy-vEAVJYfOMQlqxeweDStfoaNuuzYgnnEt_RJqYni75LPdfPmIYuv2ndZojXK2qb_luh44S8J_Xn-kd3MnQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 103ms
102ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX-pYnQOS0UxL_7-ygaE3C8-jlOCMdMcT8I6wgMi690dGPcmcRYOTIy-vEAVJYfOMQlqxeweDStfoaNuuzYgnnEt_RJqYni75LPdfPmIYuv2ndZojXK2qb_luh44S8J_Xn-kd3MnQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tto0JXh025B6_JdP_frAhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tto0JXh025B6_JdP_frAhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEwnLnWaWBWIib4_7N_nVsAh-m9QQBAKyrHqw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://v.tikdd.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXbtUgsHUO9mK5RvlKUai8Jl4ScM0rhmCAcypfVvvkam8YPDR93G_IOU2iFn9BpBmzxypxhmHVU-BgKZFQPlF__ch4wCHPyo8OdlBCggqC2yi8899gUTH-kLzAdhaREkrzkahjJTw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-73vHUF_8NBfMCG0fKfZEcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-73vHUF_8NBfMCG0fKfZEcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEwnLnWaWBWIib4_7N_nVsAh-ObI0GAK_4HxQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://v.tikdd.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 115ms
114ms XHR
application/json 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

a727d34fab1ad3f9449e62e7e6aec7f3abb9fc6d4062087ad507f8559208ce3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12438
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3C9E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37268e4e2ab4b7a67a2989c21f096028515c60e1e12643a4a04a6f95bd0acef2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DCA1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffc449bd8bdafc46a1d5674096e9f43f048e9ed967c31e119a9fd59980f0f032

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 3C9E 0
0 297ms
119ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstD3QQBpK4TW7ImTC2_bfJI7ydNpJjm3p4ISTGXg9j_tv3BrFP2vJaIir_YjG34w8pljRUY-fFlUtfyd7PhI09uQz12syzYH5oUs1-Went0_nbEa879anowazjISpg0t-f-dLth0JUVkUIywx7rpWSb0s6MN5zo3GbN9Je4Jb-g7h_2T8rF1TZJ1Gmxvz3gQEt_U4Tflz9ouk8etgitb4G0gUVpNwGxx1rLMPvfziRbJodg1gl-XJtGv3ZaXZHf5fBmeyoJBsExFZGs8J_Ff5g7m17NaSvbJwCudW8dz8sGWjyMvZ6dSQWmFVrVSCXBeT1qOf4eGxT1_gSdE0KXKhkD5LPFwS91zNMDpdGzlLToGBqyPDFDI-W90kuvVBGjLpk0J6ZqlCW1yTe3caXMg63Vfh48UuH0Kt-JVCW6N4yQM36RJwNAthl7J5-CIYwfIDU-nKkAcwkfILe_SYnXjoyzkTO_lRGzFRsP_YE7FrlVt5vx3Fv8T6SQtZn9ZxziSww8MqtXWq6LknD8Di4XS99vZXCMMLfb0oqlmDUHUQtHzf6oJc92cJCIiexN_IxmLzimHDt7LY0CW-wAo1Ahv1zfsrmpsoqg128L-tc0ML7X-Uxf8dpNjcHL1HCi8pleyhjxhUSYNi6m0Df_9m0JDU4YGtxff9FeutF6K7cKmsK8O93fZ8Jq2A6-njWI9k6VgsJ4XdmpC08kuofCsekP4Ff9z5V5EukCiD35LqSpwzlNQDTc7pd-sKUN083QbLIgaorEsPKuUnKKuMxtmNnNnNNfUWcrYT9cA_k4xhmkL8bEWHhdFXrUv_djGyllQuWyYWsomqW9lG4vywXa--Ip1tGectfK__V-AcT5QT8o-DOFtSNUOfZ7lWbMozBVKjfNbgVKFzutVcUNoet_FjfncUw0RDkokBia8K9WgdHw5HyshWh0_bJPTqrKwl-B7fiA2637So0kaVl2QuUibobyOgy5SV_nm1ttjTHnb-H5DYszKbqNNgs296gcJXB7Ottiorovy-uEnEilQMsrZWQ7tLCgfvnrHKc9uMT-VZBXU40EsVMtlPPjHXLBx7skg6iJCVaSDkvLWhMuLnT7Aid0tesxVEaAw3uPiasSgFI2pHN47bvk1N1vjxQFULvQXSdNXobP6_1EC4FQPcCRRozQHvlHSMj3zQnwc1YYE1brSewz0IPKMUF3I_RTehHtsYrtWiAWN8UxVuLWg-dJK3iaRb1GJ17pvzOz_IAUxGwBJDHnbtbc3mZuDht7i3GPcgogBvEy94WZSUrje0C1kbZyWNHiGniZkSb_8yYSYvJSP-l_rB6aKwloAVk&sai=AMfl-YTnfLKVEL7MOZv58c4NpWbJbX7AGBr5Kq3A7Mbmegv8jixMQs6bzgYzOl1vRArWpPT5PvXK4lkQK5jATpIadJYwl8F72o-Eqza-ZOC2Hj61vrpgzksWmp6fs3vDYYRn9tuJiWkUTXFzsmXoBZ2q0rx6ToHo5noH1G_IVH_6AusHsZrvR1uKeLAjJqbYflFRBtmjImJbYySxGopTfh1GY1WRZjquXsuCbOcnyK6_QBqOm_uIeY-vFPlwSNQbNTsJx9ozcb00LN37QJZzHs66G8T1Q-EAyOgGGHaOaceK64_ya0OWqensthRLcv7pqnq7SexpAjdCCy8pRrJdRzXEkCE46a2zvvhJcFRUNBcz-PnKyrdXqP7uY5qd2un0C1Uj1_nYpFcrbHluUkwKkgzzjUirFIMv132nQaSsKgaNh9zK7OlsAPKSc3t0PitE50JTHpqVIxA_jiq4Tl7PcesXpJOAsxnIwEmPrXFx1o0HlA7nq7iUsXD71jXuEZs85kR9NSDHIgMEXBQsgA&sig=Cg0ArKJSzJxNi3syV3p-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYXplci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2505&cbvp=2&dett=2&cstd=1&cisv=r20240206.75519&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 20:49:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:35 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame DCA1 0
0 281ms
117ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvf8i2MRW7pyOl2wUxrte_n06XmFYWE8I4cpBNSW39mAyQNqk6iSenqz0tOQydUYIyewqa1oAzg1yIlQU-ABYd1ZRz6MQ9ZBPWw2Ew8hi5Mul3csML1pguwKii44mK6xNro8E72WCqQHr8MhdTNjmB4ua110DRRUCVCMTdY5RtEZ7Thrm_Q5MBgEk7MrV09bvUhNObnffVUGmOK59xd6ZEU0r0Us-tJslHCakVHIbO9MX-AwhkJt3eYEIV3V_nmxDMuk8mlfNH5h_hTi9Q7VNrArUQwD0Yma6ILIbYA4BlTs_XmETdICtk5zLNQUtRVnsdSTs-0koM-x2THO50YPb2-CalDAY4ESORyF0mOaEUcVJ6HWykvh4NC9pVSTPjZWjYsxtzhLM-A2_stKASF8E_4_vOjXnx5PTe5EpnKHAL_temmQ6eFSU1RyEOtVdqLzdZQdFTb9vFtlyicm-6p_l5krBlDn39H6G9aqL-2IykCB-OkGrpyBbjRLFUq4VMCKddIZcT2blPWzH31MFfGxcaaWFj-CkF73lz_an4HwFPiXxBuLh1pXsY8wJq53FVlVVsATvi6BmnSPkykE0LMYNjnZB3ANeqvrHM0tAaKjMPYHpYfxm5bQ4K4ci-YAkgFBZJFVYaZDrGWIesPAI5g4mQFKkG5imqskwG8Kv6jYqDOwwEckYdNO70rj7ej0GmYzYFqONGs5MiAbk0_-PENDjOwH6j3VYDdFzCoqB7UFGcQK-iW_ouSADfGEMT8_friJxDyBEcjmyqjsZqiziEuhOAixQEw188P4QGV3CyZ0AfzFvFC4k4HLCwPqkNNr02ABNAsXaUg5yIJzfi3DqxIIYQx3H_vOyApXIgOdyU0CvJnUTrEBmlbSMeZYuJRIFULmETkML4OA72J2L7p6JUhb3c1j_19nb_QS3eF-1E7ktWSgnwWJ_BCkJRIorRPCQTCTKpQTx1FUGb0Ejka68jPkN4WF4vMD75fXNlHvrhh4ayCBJgpPPaq4kA2o2PvCjnZB3vAVsi7Mygmvp7GEjsA0oEDbcBHBBKK8NJaH30kd6DU_RD48V-XlV1NkGHEQ2BXaD-hoZcaSdFWoYAq-XY4h-pStFtW4jNbdWAkfN0RgPvs28JySZ4t-nJkbY5o8GtIfjWchG33paVvLDOLrJOyVhxHLHcGseK6n2fjY90Jiaz-ePqmsYULOZ-SvKf5lY0XJfcDfupIbx9lqeRJ3I3iHRYwOVOEKOD866rlwIBzZtXUt1A4H-4BaXXJb1OlAH5Z_Z2wGhmarT860Ip531NM4RgCjzpo4MkUy7vKsBcNLKCGl7AgUE8W9C0&sai=AMfl-YSjAnjRfAzH0twQCG4nWyroXAKkHEk2Tdob4Vq4xxDutNI33PeWdcrZ7X7XPK3OhJORCwp8cMZAdRyU4GOzryzK8aVAcp9g5jPm2sGLxt-su33h1SlZi5airvX7b-bsWasX6PKQrWQRzqqeG39Kr7etTVUvmXIpk40YyDioK8yHoXv_F_p82LzrSKLzjFDBJNKtSHdyDqay0FVVxb36MlFAWHg6WNpEnXsmPjIjn1d7JIGp8ZULmgb0yoZlhje8fqw3oMlW94Frcywt5pSPTrglS3b7dCGG2TRzxUdwmJJfcPNic9uEBGT1pKPiSwf4AHCxJAwemZDqXGdJKZRMPMQNc_4whmJpL3gNkuagpYQWwHkOyByz5EKV13eTayGybdpT6SPvRzdU-Ea92oBKTsjM0s7vOcrzxINnEjxvXgTVyx4mlEIGTfbXX1mzgU2vRoAimmumSVJARHiCTR7G1oXk5rt6j3dzzWzoGvhf7sJpyMPEzaV4irIm3-eJgBwcGJK1ORu9fVjiQQ&sig=Cg0ArKJSzDNS4DqUWm7fEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYXplci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2445&cbvp=2&dett=2&cstd=0&cisv=r20240206.22896&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: v.tikdd.cc
URL: https://v.tikdd.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 20:49:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 106ms
106ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080873

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 20:49:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F8F 13 KB
5 KB 80ms
77ms Document
text/html 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:07:00 GMT
expires: Thu, 06 Feb 2025 20:07:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A5C 829 B
1 KB 274ms
101ms Document
text/html 142.250.64.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f4.1e100.net

Software

GSE /

Resource Hash

b1904374b9534c7d4c01824750ea3656fa7002be6f5a8b1fd1eb7828c48b2a18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q1xeMOGT818pJC_vi1PpbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://v.tikdd.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q1xeMOGT818pJC_vi1PpbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:49:35 GMT
expires: Wed, 07 Feb 2024 20:49:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F8F 39 KB
15 KB 80ms
79ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:18:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A5C 0
0 135ms
134ms Image
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240206&jk=1210157411632777&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s35-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1F8F 0
10 B 77ms
76ms Image
text/plain 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kjQ-xQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:49:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A4F9 42 B
64 B 138ms
137ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRzPzEd6RWA0s7Jymbhw4pjQRvn_UT6AJljPdY01xbwTMgzXM1mCC6XBGKnZPpxAg58Gc4xpeCenP9O8gVeHhINd0z_hsmbVuV2lQg2sFG9DhoQ2uTbhjcSYDk0-iUeZGKY1IQB-qbhH25tdgKjGxh6R_EvEnE97A&sai=AMfl-YQiPQVLqsR0YgpUn0cndMEOdZ0fWNSWGYv3AzPwwFV-EaGf4yvT3WUp4mlt5x-25batQ9ImQYg9J5Yl8H-qAxw1cIT3MXZK7hOfU1b646PoR47UZG-t0ZaTVRpiJa4X6vkujka1CJ5OiPyO46CIaQ&sig=Cg0ArKJSzGecXDzGXL16EAE&cid=CAQSTwAvHhf_fLRdyQyX7Vrc7Z0A6ENB5qtz2bCuuDyLnc1FINj_dk_K__m9uFSvwvoEytyqVG_r5eIl7ARAMQerwGOBywjq7Ww7gJ9h5N8RkswYAQ&id=lidar2&mcvt=1033&p=0,0,124,1005&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=327177300&rst=1707338972622&rpt=2228&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C9E 42 B
64 B 139ms
137ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwqQUEydztwGAJmBEQwrE_QM-CXaxdi4fG3wqcAvW5cMGuLc2z8dZbCgIMxWv86QpLhRQ1GJ0hloEOU1Dd-Bw7FWl5ThiB6mUlFcDMMLd7x5LDHEAWGVGVjrn8d0L9pE8kF0RY-iOTRGtKSdBUWkvbbDuDgvmlt3E&sai=AMfl-YQDpuVSMR2CI3oruZq-IsT_JCK6lLWu7BJrI_M2Tm6ApSEPC_MHYg5WAL18CoblUcNOXNliPHfT7MV06C7Imb0JMaHENmffy1Ob4XWm5K6WV8vOJlU2TeLlwGMxINWSC9C3PX9XkdeKJE0TboJdmA&sig=Cg0ArKJSzD1pBZnaBc5mEAE&cid=CAQSTwAvHhf_fLRdyQyX7Vrc7Z0A6ENB5qtz2bCuuDyLnc1FINj_dk_K__m9uFSvwvoEytyqVG_r5eIl7ARAMQerwGOBywjq7Ww7gJ9h5N8RkswYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=327177300&rst=1707338972774&rpt=2448&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DCA1 42 B
64 B 140ms
139ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcjCdy4qg80KIseRRkjv4qQleUlmch0dbFZLoVu4yvJ1TyxOojqq2bCfKxrgs8PS6C0SqMrtdjQIRxIFTHyFgRo6feuMiORN90xVQGNXGblq_-8HEkzdLck5hI-HaHgRlIIpl1_SPxGih2K1UXBbROd9TyXFKXGwA&sai=AMfl-YTrGVx1Ii4dmGXliYrM2Sa4tQXzWu6r8rvVTTX86-RUVjpYMKF9zY4cM3S1VKFO9yfVRT1jE7scxj7ZuLBVtPP6Zc6CAk2QazhCKHsLnFTA-WN7hS7ZDjbUyvWnM05HJeRh_6K77bA0UGtM1NBgZA&sig=Cg0ArKJSzA4a9A8WNyjXEAE&cid=CAQSTwAvHhf_fLRdyQyX7Vrc7Z0A6ENB5qtz2bCuuDyLnc1FINj_dk_K__m9uFSvwvoEytyqVG_r5eIl7ARAMQerwGOBywjq7Ww7gJ9h5N8RkswYAQ&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=327177300&rst=1707338972851&rpt=2358&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 138ms
137ms Image
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240206&jk=1210157411632777&bg=!MjGlMX7NAAaxkZ3akZE7ADQBe5WfOD_5vOJG7pBs5FH0oMEoRkHUdNc7P-sAImNBF3gfaHMutc77gqtRGlfZAElHGY0cAgAAAWFSAAAABWgBB5kCu7qHwelJH6QAb2k5ZW39pWXhWBtrf1LM2kmyW_ONrOOY4yBlvARleK6hftxL3PWFkRf47uyR-3rhYLZj1z4bG0AmBTsNCQHLwvjkYB6ps-wBaNcL2bFHNw4WpMCZjIklHUYcKGgbT9BHYHrhzrIdaSsoiQadbhjtoccLArUYOgIi7FMk-NSx-v1ocYVCR8nIQHMZjxHY4Kc4wMwx-8EgRoeipRpL3aWqHt12HvU_Yf8ImXllNYjDv1sHV_4AeEf-tpuC3JdFaJ-aSMoXWvetYpAQcSb-SqOJP-VyfyNCFxajHPpMkA5tY0Uq_4dH6fB0bDh0Qz8kpL41inJcWjDq6nZHxxRK6GF0dKikMXCHJ7TC6WP5ztWKILJ10ZJEdhlp6oGbz-brTTRS9tH2J5cSZVIlGRL1jMAIDeDpott8ecpzVgKYJDemvYjZOJqr3Hr-GyniEiDZsMMHQWD0lv7MIQ8JhBCIe5CGfURDCOAWJX6GSGsOdkxiBvjIIdYo415Y8KlboBh1YcAyy5EBkrUKyvHuDp6Mj2ndYbgspRZrGNCrNNLjwMAMz_QmgGAZ2Esq3QpqjaUYNz8jZPAHp-Zpl2G0UZGLYu5CZ4YmweHsTTHbrtsX73Hl3B2ph--52Dyza8yfpTgS8cWkr_Gb2alccz9Q_TbPjPMMwKItgB68yMwxI5357A6wMsjYPqZtEr_ojhRuBltTYmRjYmq5tOdfbB_DVlIHjVNBP-GJTvLh0SiLbz3rq4sZ5GP7OuT8pmr4agblXNTz8-gU8QgBdr2aQL-hgvAcNMTnK-yLG9EV0V8qHlxuBx3NIzHuYhrsSO_jFebEXllFPNvU6psG8xnRWvnWsv3TwfiRlHdmx5-debfkpmFPRfr4FYxGC-0wMOckMfY4gIyZOf_l7x0g0PDKwZhVGJrpxkMgRw4dAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s35-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 90ms
89ms Ping
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9NKBTYSZL8&gtm=45je4250v9104831225za200&_p=1707338971565&gcd=13l3l3l3l1&npa=0&dma=0&cid=206292564.1707338971&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707338971&sct=1&seg=0&dl=https%3A%2F%2Fv.tikdd.cc%2F&dt=VIP%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%A3%E6%9E%90-%E8%85%BE%E8%AE%AF%E8%A7%86%E9%A2%91%2C%E7%88%B1%E5%A5%87%E8%89%BA%2C%E4%BC%98%E9%85%B7%E4%BC%9A%E5%91%98%E7%94%B5%E5%BD%B1%E5%85%8D%E8%B4%B9%E7%9C%8B&en=scroll&epn.percent_scrolled=90&_et=17&tfd=7647
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9NKBTYSZL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v.tikdd.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:49:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://v.tikdd.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tikdd.cc/	1970-01-21 03:51:38	Name: _ga Value: GA1.1.206292564.1707338971
.tikdd.cc/	1970-01-21 03:51:38	Name: _ga_9NKBTYSZL8 Value: GS1.1.1707338971.1.0.1707338971.0.0.0
.doubleclick.net/	1970-01-21 03:51:38	Name: IDE Value: AHWqTUnKpjWLAM_wP6gvDRroM0b2UX5TPvMvysxGn9jySjJlPqt4WcxMXmbGZHBv
.tikdd.cc/	1970-01-21 03:37:14	Name: __gads Value: ID=c5cf8a315c362f30:T=1707338970:RT=1707338970:S=ALNI_MYb2plSg0-BF-ESOtTmCfCMv8IxiA
.tikdd.cc/	1970-01-21 03:37:14	Name: __gpi Value: UID=00000dc12ee40e02:T=1707338970:RT=1707338970:S=ALNI_Maa0SFHa5PNp4h9ogxZM6o7Invebg
.tikdd.cc/	1970-01-20 22:34:50	Name: __eoi Value: ID=bb53dae3338bceb5:T=1707338970:RT=1707338970:S=AA-AfjYs2PfOUmL5nFzSIq8Yk-n0
.casalemedia.com/	1970-01-21 03:01:14	Name: CMID Value: ZcPs3Vjn9x4o9cqkYIj8OAAA
.casalemedia.com/	1970-01-20 20:25:14	Name: CMPS Value: 2455
.casalemedia.com/	1970-01-20 20:25:14	Name: CMPRO Value: 2455
.adnxs.com/	1970-01-21 03:51:38	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:25:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTytHG`7!]tbPl1M>e)ZlrFUfJ+tGXxoLDV:=(:z3X[<Tmx(<:kF?PS#5PYvo`8wXn+bbpRzqF1`b_z*7hKh
.adnxs.com/	1970-01-20 20:25:14	Name: XANDR_PANID Value: 9dfO_JIKgMef6pcGqaE5N-HOJeOt9fuX-jftQ5jLrm5goJkl-Ei1jgaF089OToZ79XuOAwbsFfXeUQbScpvOtnYX3iceWqalXpN7dgUmS54.
.adnxs.com/	1970-01-20 20:25:14	Name: uuid2 Value: 5362762510030473700
.tikdd.cc/	1970-01-21 03:01:14	Name: FCNEC Value: %5B%5B%22AKsRol-rCYKrDebwNWnicUs2KOS-7NI0N6GHF91POQoZS3K6lJhkZdeZyYp5zLMtY-rCKRlF3B3siskPdEKJ3y1oeRLbq6tzloKhULm5CrgkLE9PnTRdAOGOCK-PzZtDb8Y48VHnc0sHHe5-rFfpMyAx4IRgOXNcqg%3D%3D%22%5D%5D
.doubleclick.net/	1970-01-20 22:34:50	Name: receive-cookie-deprecation Value: 1
.googleadservices.com/	1970-01-20 20:25:14	Name: ar_debug Value: 1

79 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://v.tikdd.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.staticfile.org
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
lf3-cdn-tos.bytecdntp.com
lf6-cdn-tos.bytecdntp.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
v.tikdd.cc
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.21.2.122
142.250.64.68
142.250.64.98
142.250.65.198
142.250.65.202
142.250.65.206
142.250.72.98
142.250.80.34
142.250.80.66
142.251.40.130
142.251.40.131
142.251.40.225
142.251.41.14
142.251.41.6
172.217.165.136
172.64.151.101
183.61.243.49
4.79.109.102
68.67.179.164
8.48.85.214
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed8412c81d9fbc4d9e3e232a1f834f830c47620c6567e53e6f52d49d7198130
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1f1cf2d9942b684e07b831abd515fda9b3bb4ecc7f667ab032c2835368d01ec6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b94d4319bd02a3b04e4bb8d4337d37039655e1c043d6954d63a9469028574d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37268e4e2ab4b7a67a2989c21f096028515c60e1e12643a4a04a6f95bd0acef2
3929d06c0ac7ac1c1ce03d2210f2fe1dbf5293ed53b343329e52a6976945169e
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
463f4a4da8dd261ad9a6e5987cf3329f32bcbc1a75e1e6e1c33e281209d5bea8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8422717684d38a8c50ce8bee6dd6b573edd07902908d8956e5c5720a1e44a9
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
791c29dee0bfabddeef72c6d85429a1e28d8e5ad33366e68a8f714e507e9bfed
7dccbc2a4d48a21d00b0803946374bbd63e90094cc2665b3dec4b3223ba6df96
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81159229ed9fd9d8ec125edebbb88cae735746814b5fb8e511ff0f7b136c3708
87045b8a5c3b3f349efc818cb2b0ed709c77d4c037f6e36f71f1557cd944bb6f
89620fe80f5c0f43928f9d6d50fdce6e8fbf3eb1cd7fbf10214a11997eb0800a
8ae53be1604ae01cb5bee750d6ddda74f8f929ba2b615c1570a64cfed29ac5b9
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
95125a62ec3c99fc33335992b1251d0dfab544374743e4c22c0d7ee2e80eb055
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9993e203094ac6e2c32b4a4fa6caa39f796ba0824e3f1a46f8d67a0dce5daca0
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a727d34fab1ad3f9449e62e7e6aec7f3abb9fc6d4062087ad507f8559208ce3a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1904374b9534c7d4c01824750ea3656fa7002be6f5a8b1fd1eb7828c48b2a18
b1cf9dcf608c3eb39e6f7e87e0d528de914448b0c5d07ff0dd8fdf16b7f57b3f
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c700043fd2538a42c2a10d69ee0821e8e100127b50c560f4634d9a33ea07525a
c95b08ca0491a8a502f65ed923b72fcc4e8aa7b66f70347b022965cb75b7c9bd
ce4b8b21b021ad6b87466bdde12b7c98a52b59b0cb597572ac012eb2a2ee52ab
e0afc6897864bfd94cd752b0c64264be0aa6501af4609fb5217c00fedf0ca27a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe9e39c5754da36ed3ff552384204e00f1b2ac692047cd0d83c476c64510ebc
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffc449bd8bdafc46a1d5674096e9f43f048e9ed967c31e119a9fd59980f0f032

v.tikdd.cc Open in urlscan Pro 104.21.2.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

91 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

21 IPs

3 Countries

1625 kBTransfer

4377 kBSize

16 Cookies

9 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

v.tikdd.cc Open in urlscan Pro
104.21.2.122 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

21
IPs

3
Countries

1625 kB
Transfer

4377 kB
Size

16
Cookies

104 HTTP transactions
5 data transactions