kuioo.com Open in urlscan Pro
2606:4700::6812:135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C3x6YZWybY6u4Ooay2gTWs7oYx5yN2m357aCWlBGVsseV1zcQASD-ssCEAWD9iJWB6AOgAbXJ1Yc...
Effective URL:
https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XY...
Submission: On December 15 via manual (December 15th 2022, 6:51:25 pm UTC) from CA — Scanned from CA

Summary HTTP 129 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 13 domains to perform 129 HTTP transactions. The main IP is 2606:4700::6812:135, located in United States and belongs to CLOUDFLARENET, US. The main domain is kuioo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 27th 2022. Valid for: a year.

This is the only time kuioo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
2 6	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:808::200a	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
3	23.196.180.24 23.196.180.24	16625 (AKAMAI-AS) (AKAMAI-AS)
5	184.28.212.20 184.28.212.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.126.116.154 104.126.116.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
129	20

1 142.251.41.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:135 (United States)

ASN13335 (CLOUDFLARENET, US)

kuioo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
res.kuioo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::2004 (Nutley, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:808::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:80b::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:807::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:823::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.196.180.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-180-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.28.212.20 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-212-20.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.116.154 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-116-154.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	540 KB
25	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976	53 KB
16	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	147 KB
10	kuioo.com kuioo.com res.kuioo.com	326 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	108 KB
8	media.net contextual.media.net — Cisco Umbrella Rank: 540 warp.media.net — Cisco Umbrella Rank: 2500 lg3.media.net — Cisco Umbrella Rank: 5094 hblg.media.net — Cisco Umbrella Rank: 1815 cs.media.net — Cisco Umbrella Rank: 1387	221 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	234 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
4	google.ca adservice.google.ca — Cisco Umbrella Rank: 14299 www.google.ca — Cisco Umbrella Rank: 9048	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	105 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 162 partner.googleadservices.com — Cisco Umbrella Rank: 830	2 KB
1	akamaihd.net pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 18608	33 KB
129	13

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	kuioo.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	www.google.com	2 redirects www.googletagmanager.com kuioo.com tpc.googlesyndication.com
6	res.kuioo.com	kuioo.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net pagead2.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com kuioo.com
4	kuioo.com	kuioo.com
3	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
3	adservice.google.com	www.googletagmanager.com pagead2.googlesyndication.com
2	lg3.media.net	googleads.g.doubleclick.net kuioo.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.ca	kuioo.com
2	adservice.google.ca	pagead2.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	kuioo.com
1	cs.media.net	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	hblg.media.net	googleads.g.doubleclick.net
1	pxlclnmdecom-a.akamaihd.net	contextual.media.net
1	warp.media.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	1 redirects
129	26

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-27` - `2023-07-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Frame ID: F85B4C2392D3FA354FCB7A61EDB09728
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: F6499ABAB2A4A9E8EA4ADA4D192D327B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&adk=1812271804&adf=3025194257&lmt=1670987018&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280059&bpp=4&bdt=188&idt=172&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7471644967245&frm=20&pv=2&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=204
Frame ID: B4EEE4C07A19E84E73F95B595912EA03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=90&slotname=6005378482&adk=215561490&adf=3909650658&pi=t.ma~as.6005378482&w=1200&lmt=1670987018&rafmt=12&format=1200x90&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280063&bpp=2&bdt=193&idt=207&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4DD3JrMoRF&p=https%3A//kuioo.com&dtd=216
Frame ID: EDB349F4E27A2B5422E5C29067D00A2F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=600&slotname=2257705164&adk=3666873766&adf=2846438240&pi=t.ma~as.2257705164&w=300&lmt=1670987018&rafmt=12&format=300x600&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280065&bpp=1&bdt=195&idt=219&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7nf4fKHTv2&p=https%3A//kuioo.com&dtd=223
Frame ID: E0B14B499494C19AB560653C400BC7E3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8BA015051F8E2E04A5DA38C44D56DB1C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: 962CA8F37C29047E23018D0453C17DE0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1541B7F7C49CC89B8D7FD5CB531853C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE60824A39CA5F6E0F9AD25B17EE4795
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: FCFC80C9CC0271BCC3FEE0C20E8E641B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 703E21F0022DA95424D8094B26615237
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 221E4FEE894D2B452A9A69CF01A86A9D
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A1F854F291998676D47409E9513D41CC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B41106B1A031A93F071B2DEBE613057A
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 48625424C4F97752C5309B9B7E5C875D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: E8DAEF88E55C4E0BE8A1A577B772813B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: 81FDB5D8CDD992B44CD38FB2B5281AC2
Requests: 1 HTTP requests in this frame

Frame: https://lg3.media.net/bql.php?vgd_len=6029&&&vgd_l2type=scs_newfl&fp=Nul5wCKaSlSyZ92muH5Da56e5kJMu_-sWjyyjwNO8szO_ip2pLrJ9YA5uHGn1wvG2ho_0HLbIwX6_2H51YSxA4o8rAAcQgLAvi4XDA5jqAiIAztOzHB-KjPWQLWYS3YA&cme=TD_FRNgphjZusriaLgFpj42fJi5fXePe1Xu3nbChHzkhVffC929nmJYsMMv_j_iXCaQIqN6lLvnAz8JUQet5smpIFa0wP0sockfC8GwB92m05nCaJEXuPQpkfYbnXD4wdhncnw_z4G8R8cdEBiLBSQS-7Ka7UfY5QwwqiU5CweubConBsV4UGG8CZQQY4wA1dAaFmTxNlu3u04a0Jbtj9QwwfHiTWSUhmNUXhSjLFXCIYXEa7tPc1Pr0qw5MqSrkOb_G1IYtMkxp6D4ummoausM1_it8z3pFnS__CVenkk8%3D%7C%7CYfC2eZepuu0iO4bN1L0Y5DHOMnHYLvLj%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD5ric_4yONJw81gaMwsaTJa67xOQiqQAJo%3D%7CAYEvPkqZqLDnTueScpmbwuosSl3VXjurf-vnGNsqkwlNSJAf3zRtKnrXNbevhhF6M0LYSbf7tSsrrmq5s09OAOZRvlD_5r_Kv-pVmwz2pvEfrPnaiEbiFnO27Aogs99ma3pBig9l-BX37htrdw_AyuGeOfylfZzvJUOZeab5vcygLZAUZUi-EWlzpmgsa1IZuq4yKoArHDLA3rmLGK9TUE3hhLnJOf1AkdpQis7uuGlfnAjz3hWOyJTaoE1pSqkD%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7C&ksu=224&fdkt=375&vgde_kbbh=ffoyxQJuO&kwd[]=Play+Free+Game&kwt[]=375&kbc[]=123508&kwp[]=1&kid[]=22633511&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.38%7C60%3D2.09%7C66%3D0.40%7C62%3D0.35%7C10%3D2.93%7C1%3D2.09%7C2%3D9.60%7Cps%3D1.081%7C3%3D0.95%7C4%3D4.64&ktd[]=1126174818304256&ktrkt[]=Play+Free+Game&kwd[]=Real+Money+Games&kwt[]=375&kbc[]=110800&kwp[]=2&kid[]=23927709&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.37%7C60%3D2.28%7C66%3D0.40%7C62%3D0.35%7C10%3D2.93%7C1%3D2.03%7C2%3D7.83%7Cps%3D1.081%7C3%3D0.94%7C4%3D2.44&ktd[]=274894684416&ktrkt[]=Real+Money+Games&kwd[]=Play+Games+Online&kwt[]=375&kbc[]=146201&kwp[]=3&kid[]=208491228&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.37%7C60%3D1.24%7C66%3D0.40%7C62%3D0.35%7C10%3D2.93%7C1%3D1.24%7C2%3D8.78%7Cps%3D1.081%7C3%3D0.32%7C4%3D1.89&ktd[]=274911461632&ktrkt[]=Play+Games+Online&kwd[]=Free+Robux+Codes&kwt[]=375&kbc[]=9693&kwp[]=4&kid[]=330007869&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.51%7C60%3D0.55%7C66%3D0.57%7C62%3D0.50%7C10%3D2.93%7C1%3D0.54%7C2%3D1.22%7Cps%3D1.081%7C3%3D0.16%7C4%3D4.17&ktd[]=274894684416&ktrkt[]=Free+Robux+Codes&kwd[]=Earn+Free+Robux&kwt[]=375&kbc[]=136367&kwp[]=5&kid[]=329788683&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.36%7C60%3D0.36%7C66%3D0.28%7C62%3D0.65%7C10%3D2.93%7C1%3D0.46%7C2%3D1.15%7Cps%3D1.081%7C3%3D0.14%7C4%3D3.42&ktd[]=1126174801527040&ktrkt[]=Earn+Free+Robux&kwd[]=Best+Family+Board+Games&kwt[]=390&kbc[]=307%3A%3A28080&kwp[]=6&kid[]=48851494&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.58%7C60%3D0.61%7C66%3D0.57%7C62%3D0.75%7C10%3D2.93%7C1%3D0.64%7C2%3D1.72%7Cps%3D0.918%7C3%3D0.16%7C4%3D2.32&ktd[]=274895339776&ktrkt[]=Best+Family+Board+Games&kwd[]=Forex+Trading+Platforms&kwt[]=390&kbc[]=266%3A%3A155088&kwp[]=7&kid[]=11309418&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.67%7C60%3D1.52%7C66%3D0.50%7C62%3D0.24%7C10%3D2.93%7C1%3D1.52%7C2%3D6.35%7Cps%3D0.918%7C3%3D0.66%7C4%3D2.99&ktd[]=274912116992&ktrkt[]=Forex+Trading+Platforms&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=CA&wsip=170774562&bca=0&ugd=4&vgde_setid=Nff&cid=8CU7Q771E&vi=1671130281831790186&vsid=3141318811454993&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=0&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10018%7C%7Cpt%3D1%7C%7Clmid%3Dna%7C%7Caghl%3Dna%7C%7Cttd%3D8&vgd_kalog=TPTD%3D1341988611950084%7C%7CTLID%3D6%7C%7CMI%3D2942%7C%7CSID%3D8%7C%7CSI%3D2940%7C%7CHID%3D0%7C%7CCI%3D2940%7C%7CUUID%3D2IakUouOBWNoX2Wkzu%7C%7CMPTD%3D384&vgd_katid=808076833&vgd_pdtid=1&vgd_nrrv=4901&vgd_nrrmf=ca4a&vgd_nrrsf=scrr&vgd_cty=montreal&&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=11&vgd_l1rakh=1671130281196446971&sttm=1671130281935&upk=1671130282.11505&hvsid=00001671130281935025035145494740&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080807683300160060000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO6CSQ66&&abpl=2&&kbbq=%26asn%3D16276&&vgd_vstrid=3141318811454993&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.XA~e8QMQOvAhf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ffufuXuu~8xLjMGvuFfW.9W~xLjM7UNv9~Q7Ov1QB8k7M9MwmQ7~j1Q7v~e8QMxLjMGv9.XF~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvu9~L88Ex1vf%2Cf~J7vuX~LNvu~LEQMQOvf9ffufuXuf~e8QMGvuHX.9A~xLjMGv9.Fu~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvFWHXfhXfX~QOv9~x8OvfV1Zw4QJ9GNcIe9G0H~G7OvWfuf9X9uWH9XfiiHX9hFF9WA9iWWuuuuhihfufuFi9FA99FuXfWHhiAHhH9ih9HH99uAuHW9uWXXFhWH9hhhuFWWiF9~OfEMjvA9~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.ih~myOfEMGv9.iX~exLjMGv9.ih~QQvIK~x8Bvou~NJv9~LEQMGvHh.Hf~exLjMjvf9~%3DVvfW9h~z7Qvu~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.9A~8Q8kv9~jNvu~G8Ov9.9A~ONvW~ejfLMGvH.HA~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.XA~1YEvu~NGOEv9.9fA~OYYvw1LYmz5~Qx8Ov~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~QyY7vjmzyM718jMe8OJmMy1YJ~O7NvJ1Q7MQN~-8OvKrtoExGoFu9iiAi9XFH999XX~O1jyvOJk1xj7~w7Yjvu~1OGjUvuWuffhuW9H~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9A9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~ONx7vfX~OmyGv9ou~8GNvu~Y-JvNG-u~Y-GzvKu~zQlvu~7yQvuF9-F99~GQGv9~GQEv9~7Y-vfHh&vgd_optout=0&vgd_bhv_kbb=-1&vgd_cfud=220623&vgd_scsver=373&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001671130281935025035145494740&subBdr=196&bdrid=313&rc=0&rand=1671130282280&acid=1a3ea6ce3ca0466eb3d4eea40f2c2bf2&matm=1671130282280&requrl=https%3A%2F%2Fkuioo.com%2Fq&vgd_ltimesrc=1&vgd_ltime=577&vgd_rtime=569&vgd_etm=7&vgd_l1hcsd=A35%7C8266&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=2814&vgd_pgid=p1137874450t202212151851&vgd_adprefflag=11&vgd_csip=rtb-appnexus-64d76c54bd-xppsc.SC&vgd_sbSup=1&vgd_nrrs=4901&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1
Frame ID: 25EDF5DE598FE9F285446FB05DDE9123
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Quiz | Real Me | Kuioo Quiz

Page URL History Show full URLs

https://www.googleadservices.com/pagead/aclk?sa=L&ai=C3x6YZWybY6u4Ooay2gTWs7oYx5yN2m357aCWlBGVsseV1zcQASD-ssC... HTTP 302
https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i85... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

129
Requests

99 %
HTTPS

76 %
IPv6

13
Domains

26
Subdomains

20
IPs

1
Countries

1793 kB
Transfer

4264 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.googleadservices.com/pagead/aclk?sa=L&ai=C3x6YZWybY6u4Ooay2gTWs7oYx5yN2m357aCWlBGVsseV1zcQASD-ssCEAWD9iJWB6AOgAbXJ1YcpyAECqQJzkLW070SBPqgDAcgDyQSqBP4BT9AtZ7Ef3WwM5TttfFOLULaZBYwGRDAovu0NLULUWnmfswi9AHyYw3quHR0MZ8wkUw1KAXDwOyOyZVJXO1b_2pDuYrUhvijcCF2gV1QJ_--kfjTB3SZngShWvooRpxZCDHQ6rLNyi5CECzPKZSlfZb0nm2vjLj6cmhIEI9atc9HyHgZk_ED9ymqeGaz5eZ_upQnf0OgpZSY93x9yXAWvsCmoNNW5j0t755uBkoCKFgxOnqEaBhp7MndayqH6D8DJl5znPl1fbsUKVpFH3nmBBHHXSJlw8pNQ_f8VdshDKqSpAo7ry5hOcLIL7Ek98Jq7v4gTK3u_LlR5OTPH2dbABPqcw_-FBJAGAaAGAoAHtYGm5wOIBwGQBwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcB0ggSCAAQAhgaMgEAOgef0ICAgIAEsQlZv6MkbPC-lIAKAZgLAcgLAbgMAdgTDNAVAZgWAfgWAYAXAQ&ae=1&num=1&cid=CAQSQwDq26N9yvmoPKDe-bB6zONr4Z3yntqInPWzElzqGOVLah62cEEI6gimEGM41sTG-tkj6d94cFLsovZlR7ezgsD-z1UYASAT&sig=AOD64_2ItAOFKGRI5ooZOXdQvaqiRx1ByQ&client=ca-pub-4181366887982981&nb=17&adurl=https://kuioo.com/q/%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB HTTP 302
https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 113

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE0MTMxODgxMTQ1NDk5MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAsAfVID_Lv35fh1EtuRfLg&google_cver=1

129 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kuioo.com/q/
Redirect Chain

https://www.googleadservices.com/pagead/aclk?sa=L&ai=C3x6YZWybY6u4Ooay2gTWs7oYx5yN2m357aCWlBGVsseV1zcQASD-ssCEAWD9iJWB6AOgAbXJ1YcpyAECqQJzkLW070SBPqgDAcgDyQSqBP4BT9AtZ7Ef3WwM5TttfFOLULaZBYwGRDAovu0...
https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

29 KB
4 KB

340ms
291ms

Document
text/html

2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba107df29c13129f0068ecbc924a9f8af6db60133995deb79c969837620514cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=2592000
cf-cache-status: MISS
cf-ray: 77a15eb76da2ecf2-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 18:51:19 GMT
expires: Sat, 14 Jan 2023 18:51:19 GMT
last-modified: Wed, 14 Dec 2022 03:03:38 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 18:51:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: adclick_server
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 106ms
48ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6109939056400055

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be6ed3ee73b6bfd72df6b5c4a1f9c1ad9288080799f98f49141e95da293344a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Origin: https://kuioo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49527
x-xss-protection: 0
server: cafe
etag: 12703868826430151573
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 18:51:19 GMT

GET
H2 200 lazyload.min.js Show response
kuioo.com/q/resources/js/ 2 KB
960 B 60ms
59ms Script
application/javascript 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kuioo.com/q/resources/js/lazyload.min.js
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0def51003582763051aafeaca9f86b8cebdc7a56c1a100fae94bbb1779e73ef4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 03:03:36 GMT
server: cloudflare
age: 111367
etag: W/"63993d08-8a3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
cf-ray: 77a15eb94ff0ecf2-YUL
expires: Fri, 13 Jan 2023 06:50:39 GMT

GET
H2 200 homepage.css
kuioo.com/q/resources/css/ 8 KB
2 KB 32ms
31ms Stylesheet
text/css 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kuioo.com/q/resources/css/homepage.css?ver=9d1de62b
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7958730adbb843c829fc3c574f7078d42c618e9dc0b4322d7efb70ef7c38618c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 03:03:36 GMT
server: cloudflare
age: 111367
etag: W/"63993d08-1ef3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 77a15eb94feeecf2-YUL
expires: Fri, 13 Jan 2023 06:50:39 GMT

GET
H2 200 homepage.js Show response
kuioo.com/q/resources/js/ 16 KB
7 KB 31ms
30ms Script
application/javascript 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kuioo.com/q/resources/js/homepage.js?ver=636e87f3
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6116df787c22cb94b65374df7a8ead5e5ca71be31920f9870da1813cd6dc360

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 03:03:36 GMT
server: cloudflare
age: 111367
etag: W/"63993d08-4008"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
cf-ray: 77a15eb94ff2ecf2-YUL
expires: Fri, 13 Jan 2023 06:50:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 89ms
42ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-248689268-1

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de40af9f492ce672084ac1ed5867134bae2d78ac84e294c6af370498114c9357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43582
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 18:51:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 177 KB
62 KB 112ms
66ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSQ47QR

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f1d096932557cfacdcd38c4cf0b53be2a05e1b4346e1e3fcbc3b713d4fe03fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62914
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 18:51:20 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdd138da519df106bd2f9fff0255970b6b547753e65376c976f51ee12bde8871

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cover.webp
res.kuioo.com/quiz/images/28009/ 8 KB
8 KB 60ms
42ms Image
image/webp 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.kuioo.com/quiz/images/28009/cover.webp
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6284c630dc9eff87b28b60a0b8846587322f33e4f5ded92dba75055746baa538

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:19 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 06:14:32 GMT
server: cloudflare
age: 140798
etag: "63635c48-20f6"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
content-disposition: ;
accept-ranges: bytes
cf-ray: 77a15eb9e89eecf2-YUL
content-length: 8438
expires: Fri, 13 Jan 2023 03:15:53 GMT

GET
H2 200 cover.webp
res.kuioo.com/quiz/images/23001/ 61 KB
61 KB 74ms
56ms Image
image/webp 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.kuioo.com/quiz/images/23001/cover.webp
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d462839b0d656fcbe6401d18a033da8d1d51341e101fa264fb99af75855f1e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 10:50:24 GMT
server: cloudflare
age: 138644
etag: "63639cf0-f37e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
content-disposition: ;
accept-ranges: bytes
cf-ray: 77a15eb9e89becf2-YUL
content-length: 62334
expires: Fri, 13 Jan 2023 03:08:05 GMT

GET
H2 200 cover.webp
res.kuioo.com/quiz/images/11006/ 66 KB
66 KB 62ms
45ms Image
image/webp 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.kuioo.com/quiz/images/11006/cover.webp
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a531888c259023489318e7e950de9278b9ebc0ec0e460478a0115849147b27c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 07:32:10 GMT
server: cloudflare
age: 91252
etag: "6368b47a-1072a"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
content-disposition: ;
accept-ranges: bytes
cf-ray: 77a15eb9e89decf2-YUL
content-length: 67370
expires: Fri, 13 Jan 2023 16:14:43 GMT

GET
H2 200 cover.webp
res.kuioo.com/quiz/images/12006/ 69 KB
69 KB 73ms
56ms Image
image/webp 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.kuioo.com/quiz/images/12006/cover.webp
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7de80f48d3e4613cb241a4ccf7b4c123d9be0cbbdc0063285d3c1cd9e02b29c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 12:31:00 GMT
server: cloudflare
age: 91253
etag: "6368fa84-114ac"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
content-disposition: ;
accept-ranges: bytes
cf-ray: 77a15eb9e89fecf2-YUL
content-length: 70828
expires: Fri, 13 Jan 2023 03:08:24 GMT

GET
H2 200 cover.webp
res.kuioo.com/quiz/images/11003/ 41 KB
41 KB 73ms
57ms Image
image/webp 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.kuioo.com/quiz/images/11003/cover.webp
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a423ebfc12e9dde051bb833ab914d68517c66f77e13eb9ba84432e2810321ea2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 07:32:16 GMT
server: cloudflare
age: 91253
etag: "6368b480-a37e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
content-disposition: ;
accept-ranges: bytes
cf-ray: 77a15eb9e897ecf2-YUL
content-length: 41854
expires: Fri, 13 Jan 2023 16:15:10 GMT

GET
H2 200 cover.webp
res.kuioo.com/quiz/images/21008/ 65 KB
65 KB 70ms
54ms Image
image/webp 2606:4700::6812:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.kuioo.com/quiz/images/21008/cover.webp
Requested by: Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955914a026d4abe4fa8b43d3be835b4eb816982cf7d0ee765ec50d7f679866b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 11:53:24 GMT
server: cloudflare
age: 91253
etag: "6368f1b4-104f0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
content-disposition: ;
accept-ranges: bytes
cf-ray: 77a15eb9e899ecf2-YUL
content-length: 66800
expires: Fri, 13 Jan 2023 03:08:40 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 105ms
64ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6109939056400055

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e11bcab420c0769650d9a0c978a4fa1d069d125eb9891a9b2515d5ed62cea016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120008
x-xss-protection: 0
server: cafe
etag: 8556842127387476760
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 18:51:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame F649 10 KB
5 KB 68ms
19ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6109939056400055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 75765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 21:48:35 GMT
etag: 10353107486223812946
expires: Wed, 28 Dec 2022 21:48:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-248689268-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 17:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 15 Dec 2022 19:46:25 GMT

POST
H2 200 regclk
adservice.google.com/pagead/ 0
0 93ms
42ms Ping
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/pagead/regclk?auid=438873775.1671130280&url=https%3A%2F%2Fkuioo.com%2Fq%2F&tft=1671130280117&tfd=694&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&gclsrc=aw
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQ47QR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 200 landing
www.google.com/pagead/ 42 B
548 B 85ms
36ms Ping
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/pagead/landing?gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&gtm=2wgbu0KSQ47QR&auid=438873775.1671130280

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQ47QR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
32ms XHR
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1488814511&t=pageview&_s=1&dl=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&ul=en-us&de=UTF-8&dt=Free%20Quiz%20%7C%20Real%20Me%20%7C%20Kuioo%20Quiz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAgCAAI~&jid=474777311&gjid=858905839&cid=775799673.1671130280&tid=UA-248689268-1&_gid=555502131.1671130280&_r=1&gtm=2oubu0&z=1060705082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kuioo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 84ms
31ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-248689268-1&cid=775799673.1671130280&jid=1861571466&gjid=669232758&_gid=555502131.1671130280&_u=YGDAgUABAAAAgGAAI~&z=1241066497

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Dec 2022 18:51:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kuioo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
20ms Image
image/gif 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1488814511&t=event&ni=0&_s=1&dl=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&ul=en-us&de=UTF-8&dt=Free%20Quiz%20%7C%20Real%20Me%20%7C%20Kuioo%20Quiz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GA%20-%20%E4%BB%BB%E6%84%8F%E7%BD%91%E9%A1%B5%20-%20%E6%B5%8F%E8%A7%88&ea=view&_u=YGDAgUABAAAAgCAAI~&jid=1861571466&gjid=669232758&cid=775799673.1671130280&tid=UA-248689268-1&_gid=555502131.1671130280&gtm=2wgbu0KSQ47QR&z=187454857

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 03:43:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54480
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
20ms Image
image/gif 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1488814511&t=event&ni=0&_s=1&dl=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&ul=en-us&de=UTF-8&dt=Free%20Quiz%20%7C%20Real%20Me%20%7C%20Kuioo%20Quiz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GA%20-%20QUIZ%E9%A6%96%E9%A1%B5%20-%20%E6%B5%8F%E8%A7%88&ea=view&_u=YGDAgUABAAAAgGAAI~&jid=&gjid=&cid=775799673.1671130280&tid=UA-248689268-1&_gid=555502131.1671130280&gtm=2wgbu0KSQ47QR&z=1931242069

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 03:43:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54480
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 87ms
38ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kuioo.com&callback=_gfp_s_&client=ca-pub-6109939056400055&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

426b1f4a4b25d1d23fb4c93c2709ecd46c32b340cfe1bfe62e7a1b6a4c18bbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 108ms
42ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=kuioo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 81ms
40ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kuioo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4EE 317 KB
73 KB 1091ms
1051ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&adk=1812271804&adf=3025194257&lmt=1670987018&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280059&bpp=4&bdt=188&idt=172&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7471644967245&frm=20&pv=2&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67415f962b8805ba9f489524eb9fdd660493a122157ee7a1570356cee10d58a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 75006
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:21 GMT
expires: Thu, 15 Dec 2022 18:51:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EDB3 72 KB
23 KB 725ms
700ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=90&slotname=6005378482&adk=215561490&adf=3909650658&pi=t.ma~as.6005378482&w=1200&lmt=1670987018&rafmt=12&format=1200x90&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280063&bpp=2&bdt=193&idt=207&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4DD3JrMoRF&p=https%3A//kuioo.com&dtd=216

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

128755c4aa0e4059a626eef85f9b29a0148862ea58fe8eeb3a6c046072c0e9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:20 GMT
expires: Thu, 15 Dec 2022 18:51:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0B1 95 KB
32 KB 681ms
666ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=600&slotname=2257705164&adk=3666873766&adf=2846438240&pi=t.ma~as.2257705164&w=300&lmt=1670987018&rafmt=12&format=300x600&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280065&bpp=1&bdt=195&idt=219&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7nf4fKHTv2&p=https%3A//kuioo.com&dtd=223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2e3857b570d27c6d42619ffa468a6f4bd5ed34a42b42f3a9f3152bc0adc7586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33095
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:20 GMT
expires: Thu, 15 Dec 2022 18:51:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 32ms
31ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-248689268-1&cid=775799673.1671130280&jid=474777311&gjid=858905839&_gid=555502131.1671130280&_u=YEBAAUAAAAAAgCAAI~&z=1482443502

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Dec 2022 18:51:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kuioo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 84ms
42ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-248689268-1&cid=775799673.1671130280&jid=1861571466&_u=YGDAgUABAAAAgGAAI~&z=1760817165

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 89ms
41ms Image
image/gif 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-248689268-1&cid=775799673.1671130280&jid=1861571466&_u=YGDAgUABAAAAgGAAI~&z=1760817165

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 73ms
62ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-248689268-1&cid=775799673.1671130280&jid=474777311&_u=YEBAAUAAAAAAgCAAI~&z=1944353840

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 59ms
42ms Image
image/gif 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-248689268-1&cid=775799673.1671130280&jid=474777311&_u=YEBAAUAAAAAAgCAAI~&z=1944353840

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E0B1 8 KB
1 KB 90ms
38ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=600&slotname=2257705164&adk=3666873766&adf=2846438240&pi=t.ma~as.2257705164&w=300&lmt=1670987018&rafmt=12&format=300x600&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280065&bpp=1&bdt=195&idt=219&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7nf4fKHTv2&p=https%3A//kuioo.com&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:45:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E0B1 2 KB
818 B 95ms
43ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E0B1 23 KB
10 KB 72ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E0B1 3 KB
1 KB 86ms
42ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E0B1 18 KB
7 KB 75ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0B1 153 KB
47 KB 106ms
45ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame E0B1 34 KB
14 KB 81ms
24ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 21:53:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0B1 0
0 52ms
51ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvIWUqGybY7TWFOPEsQfg9Zv4BsrM5_ttqaip3-sQ6Kq2lYsDEAEghfHieWD96KKB8AOgAeKy_vEoyAEJqQIoSSGj3dCxPqgDAcgDywSqBM8BT9BOsGsM4l9wQlR-Augoeb7d8xAdRce-JnLJbsevOoUrD-Y6I1G3YmTqBbEAkuV6CxQEyoOA12YBHNKwtGyli0cqFazup5QSNeewqTShkAws0xwXERGjUCyPLSR7crvzxQAO_HThN_2zPEucnrtbkBx6jFuTioOVqGe5G2x6AMilFkAt3Xc-Czy-PhHyYZhpvuTuNuvoNOr_08uqV0MPTIcZZjrWQ7GdxDUgTOSgZxw2qaVRsHGvUs-ll4mJrkb0NFIpJOgQEoEx1ZVD1gYpwATp4NuSpASSBQQIBBgBkgUECAUYBKAGLoAH4urO0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC63QPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNjEwOTkzOTA1NjQwMDA1NRgA&sigh=MzEkbjLEYeM&uach_m=[UACH]&cid=CAQSGwDq26N9S7gm46S4TO7-awnblr-o9T7Se28LiBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=600&slotname=2257705164&adk=3666873766&adf=2846438240&pi=t.ma~as.2257705164&w=300&lmt=1670987018&rafmt=12&format=300x600&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280065&bpp=1&bdt=195&idt=219&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7nf4fKHTv2&p=https%3A//kuioo.com&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Dec 2022 18:51:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13975216921577638196/ Frame E0B1 19 KB
20 KB 82ms
44ms Image
image/jpeg 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13975216921577638196/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58fd5d2d33ac2934b065be3716fa58c53a2697550fa802e83a39f71a434bf797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:38:17 GMT
x-content-type-options: nosniff
age: 292384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19800
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:33:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Dec 2023 09:38:17 GMT

GET
DATA 200
OK truncated
/ Frame E0B1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E0B1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame EDB3 9 KB
5 KB 45ms
22ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=90&slotname=6005378482&adk=215561490&adf=3909650658&pi=t.ma~as.6005378482&w=1200&lmt=1670987018&rafmt=12&format=1200x90&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280063&bpp=2&bdt=193&idt=207&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4DD3JrMoRF&p=https%3A//kuioo.com&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 02:52:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:27:40 GMT

GET
H2 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame EDB3 10 KB
4 KB 45ms
23ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 02:52:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:27:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EDB3 8 KB
968 B 48ms
39ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:32:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EDB3 2 KB
765 B 65ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame EDB3 23 KB
9 KB 36ms
27ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EDB3 3 KB
1 KB 63ms
19ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EDB3 18 KB
7 KB 49ms
40ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EDB3 153 KB
47 KB 90ms
71ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame EDB3 34 KB
14 KB 60ms
19ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 21:12:57 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17984201277285375985/ Frame EDB3 1 KB
1 KB 63ms
21ms Image
image/png 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17984201277285375985/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f253d2b9f011cd354849218cb84b8a82f236217cbce226345c4a6884299fb491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 06:07:56 GMT
x-content-type-options: nosniff
age: 391405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1441
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 14:02:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Dec 2023 06:07:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EDB3 0
0 49ms
49ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIcJXqGybY8juFIjJhQa6hproCMrM5_ttqaip3-sQwumVs4wOEAEghfHieWD96KKB8AOgAeKy_vEoyAEBqQIoSSGj3dCxPqgDAaoEzwFP0JM6QBqx7KssXMcc7Jf5oA2vjY1hEDuSiNJJVr4wfTHbAgsy-Aqn4onCS5IO_jB5iO4uCQguvGh8_I6FW5csRUS8T-XKNmSkO1W5k-M1ufNcAXxbKonKhSwmii2nO2cXTi1UfXJRfuRv5fxiFTpREi2CjcCk5h4qUWAGbiMSye1CxAybjoxJJ5rK0XVqxww4PtJgmi_brgL_H1_vo8tzv_zZecjJfJMu1DLeyaxy4lFNXGdJ2Du4Bo45Er7jW75Nn8FPK1E_U2zA1mnmx5rABOng25KkBJIFBAgEGAGSBQQIBRgEgAfi6s7RA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP7AAtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MTA5OTM5MDU2NDAwMDU1GAA&sigh=MiEs_LQnlNw&uach_m=[UACH]&cid=CAQSGwDq26N9ZjWZDlllOvLaJm2o-UjrmQRJAgVd8hgBIBM&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=90&slotname=6005378482&adk=215561490&adf=3909650658&pi=t.ma~as.6005378482&w=1200&lmt=1670987018&rafmt=12&format=1200x90&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280063&bpp=2&bdt=193&idt=207&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4DD3JrMoRF&p=https%3A//kuioo.com&dtd=216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Dec 2022 18:51:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E0B1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab9ee32ad8773c4b6d6eff1cc830b6d5bcc2a0b957c38e5a5e8978dbd74e5271

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8BA0 143 B
166 B 21ms
20ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6109939056400055&output=html&h=90&slotname=6005378482&adk=215561490&adf=3909650658&pi=t.ma~as.6005378482&w=1200&lmt=1670987018&rafmt=12&format=1200x90&url=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671130280063&bpp=2&bdt=193&idt=207&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471644967245&frm=20&pv=1&ga_vid=775799673.1671130280&ga_sid=1671130280&ga_hid=1488814511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44779077%2C44780792&oid=2&pvsid=3288654589818951&tmod=113049865&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4DD3JrMoRF&p=https%3A//kuioo.com&dtd=216
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EDB3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff9cfc0a79a705a199766720db4ac8f3e1a335c0519f0ad863f0be31978750f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E0B1 28 KB
28 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 80205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:34:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8BA0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:21 GMT
expires: Thu, 15 Dec 2022 18:51:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EDB3 28 KB
28 KB 67ms
39ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 80205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:34:36 GMT

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 962C 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 21:12:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
45ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c690526e3e9eeef830fb0a71149beb53c61ff3c1ef108002205c1cb351b719ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11141
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 151 KB
51 KB 59ms
58ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/reactive_library_fy2021.js?bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47052cebb12f13ea1aa33ec56b4b674be7c38df2ee0cd035f88cabe04eb62664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52374
x-xss-protection: 0
server: cafe
etag: 6450219146915362844
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H2 200 ca-pub-6109939056400055 Show response
fundingchoicesmessages.google.com/i/ 114 KB
40 KB 113ms
59ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6109939056400055?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03120ef3c85de0a965b4678d048a8cdc33081703572186540a8f9af5ed5d58a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eVfIf_3Rks8u5w9stgtqkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-eVfIf_3Rks8u5w9stgtqkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 80 KB
27 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/slotcar_library_fy2021.js?bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6109939056400055

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97e2744218f11b781f65c0d068d22927a1e868ad9d692613362106eb7e6d8328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28112
x-xss-protection: 0
server: cafe
etag: 15863249366671354364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 606 B
388 B 75ms
34ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:51:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
36ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-6109939056400055&c=3&e=44779077&h=kuioo.com&ld=en&lx=en&m=10&n=0&o=a&p=440&t=0&w=740&x=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1488814511&t=adtiming&_s=2&dl=https%3A%2F%2Fkuioo.com%2Fq%2F%3Fqid%3D11003_11006_21008_12006%26gclid%3DCj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB&ul=en-us&de=UTF-8&dt=Free%20Quiz%20%7C%20Real%20Me%20%7C%20Kuioo%20Quiz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1991&pdt=1&dns=14&rrt=102&srt=291&tcp=35&dit=537&clt=537&_gst=681&_gbt=765&_cst=513&_cbt=675&_u=YGDAAUABAAAAgGAAI~&jid=&gjid=&cid=775799673.1671130280&tid=UA-248689268-1&_gid=555502131.1671130280&gtm=2oubu0&z=966194714

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 03:43:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54481
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 18:51:21 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 34ms
33ms Fetch
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1541 13 KB
5 KB 19ms
18ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 77874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 21:13:27 GMT
expires: Thu, 14 Dec 2023 21:13:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE60 783 B
536 B 40ms
39ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c97f13f52e0fcfb4977b4fbc149dd8c3d3127b7cb439bf376b5e28d4506b45e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sP6FJPWft7GBGChk1tN1sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-sP6FJPWft7GBGChk1tN1sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:21 GMT
expires: Thu, 15 Dec 2022 18:51:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 83ms
39ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=kuioo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 39ms
39ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kuioo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 AGSKWxVSH2TAziQCu6SkOFObLdcJ9zdMQ4sCnJF7ktXGm2vmP4kZtBQ8nJ0sdGMCNBZFyLvJCtsGNigBeQGxgTJeIec= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 124ms
83ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVSH2TAziQCu6SkOFObLdcJ9zdMQ4sCnJF7ktXGm2vmP4kZtBQ8nJ0sdGMCNBZFyLvJCtsGNigBeQGxgTJeIec=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMTMwMjgxLDYzOTAwMDAwMF0sIjdDRUI4NkEwLTA4MEUtNDMwMC1BMDJGLTEzMDg3Q0Y1MkY3OSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8va3Vpb28uY29tL3EvIixudWxsLFtbOCwiYTV5TkNUSFFGOTAiXSxbOSwiZW4tVVMiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9af047aac8a07821e90c1422bbc4735be63fcafd38f2e19af2fd6e22b98722af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r3aje3aa9jRzCeZ3HPlLtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-r3aje3aa9jRzCeZ3HPlLtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame FCFC 10 KB
4 KB 20ms
19ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:30:36 GMT
etag: 10353107486223812946
expires: Thu, 29 Dec 2022 18:30:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 703E 10 KB
4 KB 21ms
19ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:30:36 GMT
etag: 10353107486223812946
expires: Thu, 29 Dec 2022 18:30:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 221E 10 KB
4 KB 20ms
19ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:30:36 GMT
etag: 10353107486223812946
expires: Thu, 29 Dec 2022 18:30:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame FCFC 4 KB
636 B 36ms
35ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:28:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FCFC 205 B
229 B 24ms
22ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 04:15:12 GMT
x-content-type-options: nosniff
age: 138969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Dec 2023 04:15:12 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FCFC 604 B
628 B 25ms
23ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 03:35:28 GMT
x-content-type-options: nosniff
age: 54953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Dec 2023 03:35:28 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame FCFC 19 KB
8 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 22:15:13 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 703E 322 KB
118 KB 116ms
55ms Script
text/javascript 23.196.180.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-196-180-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

52b15cb704992780b2ecfe3900556e801b8c119147c757aca8c219ed752d117e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-mnt-h: 8-35
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 18:51:21 GMT
server: Apache
etag: "92c46b834b7885b66890f61277265f7e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-34
timing-allow-origin: *
expires: Thu, 15 Dec 2022 18:56:21 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 703E 61 KB
62 KB 149ms
44ms Script
application/javascript 184.28.212.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.28.212.20 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-212-20.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Thu, 15 Dec 2022 18:51:21 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=45893
access-control-allow-credentials: true
content-length: 62892
expires: Fri, 16 Dec 2022 07:36:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 703E 3 KB
1 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 703E 18 KB
7 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 703E 153 KB
47 KB 99ms
55ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 221E 23 KB
9 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H3 200 9058080364129643004
tpc.googlesyndication.com/simgad/ Frame 221E 56 KB
56 KB 27ms
21ms Image
image/jpeg 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9058080364129643004?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnub2hEAmhbPKblCBk-J3ju7Qxjvw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

626e2af0427ce1f091b158dcf1b0c3b490ed24c7fb9876390b86efa64ce393a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 05:24:44 GMT
x-content-type-options: nosniff
age: 480397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57212
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 16:36:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 05:24:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 221E 3 KB
1 KB 25ms
18ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 221E 18 KB
7 KB 27ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 221E 153 KB
47 KB 107ms
75ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 221E 34 KB
13 KB 36ms
29ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 2612990788289469886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 22:21:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FE60 0
0 43ms
35ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3288654589818951&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1541 36 KB
16 KB 29ms
23ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 21:12:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A1F8 8 KB
895 B 39ms
38ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:38:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A1F8 2 KB
765 B 19ms
19ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A1F8 23 KB
9 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A1F8 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:15:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A1F8 18 KB
7 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:12:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1F8 153 KB
47 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 18:51:21 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame A1F8 34 KB
14 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 21:12:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B411 143 B
166 B 23ms
19ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B411
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
55ms

Document
text/html

2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:21 GMT
expires: Thu, 15 Dec 2022 18:51:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 18:51:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 703E 101 KB
33 KB 100ms
28ms Script
text/javascript 104.126.116.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.126.116.154 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-116-154.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 3f14949bade86efbd627a548f87ef864ce407992212176d6cae18d6c7fdf330f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 18:51:22 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 33771
Expires: Thu, 15 Dec 2022 18:56:22 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 703E 90 KB
31 KB 192ms
192ms Script
text/javascript 23.196.180.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU7Q771E&cpcd=QcqgoxBu_JEBy1__-rrJcw%3D%3D&crid=684527525&size=160x600&cc=CA&sc=QC&chnm=HARMONY&pid=8PO6CSQ66&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fkuioo.com%2Fq&nse=5&vi=1671130281831790186&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=410519468&itid=17&bae=B4xBB/eqqe&bcpf=B4xBB%2F8fOnRrolnfOur8eqqe&bdrId=313&ntv=0&matchstring=hr%3D0%7C&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808076833&kapc=26&ekals=775EJvu99uW%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjvz1%7C%7C77OvW&kata=aton&ekalog=_0_rvuAHuiWWFuuiX99WH%7C%7C_TVrvF%7C%7CcVvfiHf%7C%7CbVrvW%7C%7CbVvfiH9%7C%7CqVrv9%7C%7C%3DVvfiH9%7C%7CPPVrvfV1UPmxaRpImtfpUlx%7C%7Cc0_rvAWH&pgid=p1137874450t202212151851&newfl=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=QC&tcf_cmp=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-196-180-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

569e1e350db441f3715a0e934733df41e7dcb6d820ba413b8e3f0a65cd757354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-4fqs
timing-allow-origin: *
content-length: 31830
expires: Thu, 15 Dec 2022 18:51:22 GMT

GET
H2 200 bping.php
lg3.media.net/ Frame 703E 15 B
15 B 100ms
65ms Image
text/html 184.28.212.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=537&&vgd_cdv=835&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=684527525&vi=1671130281831790186&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886994965&r=1671130281940&requrl=https%3A%2F%2Fkuioo.com%2Fq&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1671130281196446971&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_pgid=p1137874450t202212151851&vgd_pgids=1&vgd_uspa=0&hvsid=00001671130281935025035145494740&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.28.212.20 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-212-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 15 Dec 2022 18:51:22 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=48592
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4862 26 KB
9 KB 112ms
112ms Document
text/html 23.196.180.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-196-180-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

70fe6ecc2bed929c025e99dda56bea79ac3f8e3514e5b4d0ae872c22bb1af7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9327
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 18:51:22 GMT
expires: Sat, 17 Dec 2022 18:51:22 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 703E 35 B
199 B 71ms
52ms Image
image/gif 184.28.212.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4763&lper=1&itypeid=17&itype=ADX&cc=CA&cid=8CUU9JF8H&reqid=6RadXfQn3u49O3S6an16Pw&vid=6RadXfQn3u49O3S6an16Pw&dn=kuioo.com&rawDn=kuioo.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fkuioo.com%2Fq&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=CA-QC&ct=Montreal&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-64d76c54bd-xppsc.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=514&sckfl=0&smbrid=adx-1&cxtSgmt=long_tail_video_game&usp_status=0&usp_enf=1&gqid=ADdJoTsZnnWrX-_QGyOT5IeucmBGhhEOONkdHrlc5RuepiDWV7XRq-oxr_nTcAfZSo25FNoq&pexid=ADX-pub-6109939056400055&geoll=false&is_ortb=false&s_ip=172.217.36.138&s_city=atlanta&commit_id=1224efef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2022-12-14+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&rtttime=36&pvid=313&prvAccId=684527525&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=410519468&prspt=headerBid&prvReqId=182531370236005_1722843493_41051946813131&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.030&cbdp=0.023&og_cbdp=0.030&ogbdp=0.03&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.023&dt=O&dbf=1&epc=684527525&s=1&snm=SUCCESS&pcrid=8CU7Q771E-684527525-51-17&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=53&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&mnrfc=-1&seat=BID_API&brsrclk=0&bidrestime=1671130280457&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.03&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000039600&strg=HARMONY&stagid=aswift_0_host&pgcatiab2=698&vls=0&scrid=1700080807683300160060000039600&mang=1&pvdTmax=247&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_crsw_exp=cbx1&mx_tgs=160x600&mx_bsProfileRa=0&mx_IAB2=1&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=4&mx_crsw_bckt=A1&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=f364e2e9ad&acid=1a3ea6ce3ca0466eb3d4eea40f2c2bf2&rtime=15.0&wsip=mowx-lite-apm-gcp-carolina-6879cff8f4-tf78n&ltime=24.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1812271804&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=1a3ea6ce3ca0466eb3d4eea40f2c2bf2_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&dfpDiv=aswift_0_host&feedback_id=6RadXfQn3u49O3S6an16Pw&viewability_vendor=EXCHANGE&actltime=24&mp_seg%3C%3E=44731%23%2344718%23%2344713%23%2360204%23%2366061%23%2310003051%23%237787%23%2344758%23%2317233%23%237774%23%237769&debug_ts=2022-12-15+18%3A51%3A20&__expireat=1671130880711&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.03~vw_exc%3D0.53~vis_sd%3D372~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022121511~iurl_b%3D1628.08~url_tkc%3D0~std%3Daswift_0_host~last%3D~vis_url_b%3D0.56~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D2%2C2~et%3D15~rc%3D1~rps_sd%3D2022121512~vis_b%3D145.03~url_b%3D0.61~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.03~vl2r_url_kc%3D0E0~bm%3D1~sid%3D684527525~sd%3D0~uid%3D2IaGhEse0bcMNv0bP4~btd%3D8212050184052994507660830988111179721216906300615284793474097044001314801855678407771688960~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.97~ogd2p_b%3D0.95~vurl_b%3D0.97~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D47.42~vurl_l%3D20~CI%3D2807~nts%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D1.03~isif%3D0~lc%3D1~bid%3D0.03~dc%3D8~vl2r_b%3D4.43~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.53%7Eamp%3D1%7Ecbdp%3D0.023%7Edmm%3Dharmony%7Esuid%3D%7Ead_pos%3D%7B%22t%22%3A0%2C%22p%22%3A4%7D%7Esgmt%3Dlong_tail_video_game%7Edtc%3Deast_sc%7Exid%3DADX-pub-6109939056400055%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D1812271804%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.030%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_0_host%7Edetected_tag_id%3Daswift_0_host%7Edcut%3D25%7Edogb%3D0-1~ibc%3D1~mxe%3Dcbx1~mxbn%3DA1~nsz%3D1~tgs%3D160x600~bsb%3D0~bsp%3D0~tmx%3D247&utime=1504&sf=0&cpr=0.7079789247372705

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.28.212.20 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-212-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: max-age=3600
date: Thu, 15 Dec 2022 18:51:22 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Fri, 16 Dec 2022 00:51:22 GMT

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame E8DA 36 KB
16 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 21:12:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1541 0
10 B 19ms
18ms Image
text/plain 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?85YPHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 81FD 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 21:12:30 GMT

GET
H2

200

cksync
cs.media.net/ Frame 4862
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE0MTMxODgxMTQ1NDk5MzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAsAfVID_Lv35fh1EtuRfLg&google_cver=1

45 B
445 B

95ms
75ms

Image
image/gif

184.28.212.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAsAfVID_Lv35fh1EtuRfLg&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 184.28.212.20 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-212-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 15 Dec 2022 18:51:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAsAfVID_Lv35fh1EtuRfLg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 25ED 15 B
159 B 43ms
42ms Script
text/html 184.28.212.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6029&&&vgd_l2type=scs_newfl&fp=Nul5wCKaSlSyZ92muH5Da56e5kJMu_-sWjyyjwNO8szO_ip2pLrJ9YA5uHGn1wvG2ho_0HLbIwX6_2H51YSxA4o8rAAcQgLAvi4XDA5jqAiIAztOzHB-KjPWQLWYS3YA&cme=TD_FRNgphjZusriaLgFpj42fJi5fXePe1Xu3nbChHzkhVffC929nmJYsMMv_j_iXCaQIqN6lLvnAz8JUQet5smpIFa0wP0sockfC8GwB92m05nCaJEXuPQpkfYbnXD4wdhncnw_z4G8R8cdEBiLBSQS-7Ka7UfY5QwwqiU5CweubConBsV4UGG8CZQQY4wA1dAaFmTxNlu3u04a0Jbtj9QwwfHiTWSUhmNUXhSjLFXCIYXEa7tPc1Pr0qw5MqSrkOb_G1IYtMkxp6D4ummoausM1_it8z3pFnS__CVenkk8%3D%7C%7CYfC2eZepuu0iO4bN1L0Y5DHOMnHYLvLj%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD5ric_4yONJw81gaMwsaTJa67xOQiqQAJo%3D%7CAYEvPkqZqLDnTueScpmbwuosSl3VXjurf-vnGNsqkwlNSJAf3zRtKnrXNbevhhF6M0LYSbf7tSsrrmq5s09OAOZRvlD_5r_Kv-pVmwz2pvEfrPnaiEbiFnO27Aogs99ma3pBig9l-BX37htrdw_AyuGeOfylfZzvJUOZeab5vcygLZAUZUi-EWlzpmgsa1IZuq4yKoArHDLA3rmLGK9TUE3hhLnJOf1AkdpQis7uuGlfnAjz3hWOyJTaoE1pSqkD%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7C&ksu=224&fdkt=375&vgde_kbbh=ffoyxQJuO&kwd[]=Play+Free+Game&kwt[]=375&kbc[]=123508&kwp[]=1&kid[]=22633511&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.38%7C60%3D2.09%7C66%3D0.40%7C62%3D0.35%7C10%3D2.93%7C1%3D2.09%7C2%3D9.60%7Cps%3D1.081%7C3%3D0.95%7C4%3D4.64&ktd[]=1126174818304256&ktrkt[]=Play+Free+Game&kwd[]=Real+Money+Games&kwt[]=375&kbc[]=110800&kwp[]=2&kid[]=23927709&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.37%7C60%3D2.28%7C66%3D0.40%7C62%3D0.35%7C10%3D2.93%7C1%3D2.03%7C2%3D7.83%7Cps%3D1.081%7C3%3D0.94%7C4%3D2.44&ktd[]=274894684416&ktrkt[]=Real+Money+Games&kwd[]=Play+Games+Online&kwt[]=375&kbc[]=146201&kwp[]=3&kid[]=208491228&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.37%7C60%3D1.24%7C66%3D0.40%7C62%3D0.35%7C10%3D2.93%7C1%3D1.24%7C2%3D8.78%7Cps%3D1.081%7C3%3D0.32%7C4%3D1.89&ktd[]=274911461632&ktrkt[]=Play+Games+Online&kwd[]=Free+Robux+Codes&kwt[]=375&kbc[]=9693&kwp[]=4&kid[]=330007869&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.51%7C60%3D0.55%7C66%3D0.57%7C62%3D0.50%7C10%3D2.93%7C1%3D0.54%7C2%3D1.22%7Cps%3D1.081%7C3%3D0.16%7C4%3D4.17&ktd[]=274894684416&ktrkt[]=Free+Robux+Codes&kwd[]=Earn+Free+Robux&kwt[]=375&kbc[]=136367&kwp[]=5&kid[]=329788683&kbc2[]=%23c%3A8835349%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.36%7C60%3D0.36%7C66%3D0.28%7C62%3D0.65%7C10%3D2.93%7C1%3D0.46%7C2%3D1.15%7Cps%3D1.081%7C3%3D0.14%7C4%3D3.42&ktd[]=1126174801527040&ktrkt[]=Earn+Free+Robux&kwd[]=Best+Family+Board+Games&kwt[]=390&kbc[]=307%3A%3A28080&kwp[]=6&kid[]=48851494&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.58%7C60%3D0.61%7C66%3D0.57%7C62%3D0.75%7C10%3D2.93%7C1%3D0.64%7C2%3D1.72%7Cps%3D0.918%7C3%3D0.16%7C4%3D2.32&ktd[]=274895339776&ktrkt[]=Best+Family+Board+Games&kwd[]=Forex+Trading+Platforms&kwt[]=390&kbc[]=266%3A%3A155088&kwp[]=7&kid[]=11309418&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.09%7C12%3D0.67%7C60%3D1.52%7C66%3D0.50%7C62%3D0.24%7C10%3D2.93%7C1%3D1.52%7C2%3D6.35%7Cps%3D0.918%7C3%3D0.66%7C4%3D2.99&ktd[]=274912116992&ktrkt[]=Forex+Trading+Platforms&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=CA&wsip=170774562&bca=0&ugd=4&vgde_setid=Nff&cid=8CU7Q771E&vi=1671130281831790186&vsid=3141318811454993&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=0&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10018%7C%7Cpt%3D1%7C%7Clmid%3Dna%7C%7Caghl%3Dna%7C%7Cttd%3D8&vgd_kalog=TPTD%3D1341988611950084%7C%7CTLID%3D6%7C%7CMI%3D2942%7C%7CSID%3D8%7C%7CSI%3D2940%7C%7CHID%3D0%7C%7CCI%3D2940%7C%7CUUID%3D2IakUouOBWNoX2Wkzu%7C%7CMPTD%3D384&vgd_katid=808076833&vgd_pdtid=1&vgd_nrrv=4901&vgd_nrrmf=ca4a&vgd_nrrsf=scrr&vgd_cty=montreal&&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=11&vgd_l1rakh=1671130281196446971&sttm=1671130281935&upk=1671130282.11505&hvsid=00001671130281935025035145494740&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080807683300160060000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO6CSQ66&&abpl=2&&kbbq=%26asn%3D16276&&vgd_vstrid=3141318811454993&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.XA~e8QMQOvAhf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ffufuXuu~8xLjMGvuFfW.9W~xLjM7UNv9~Q7Ov1QB8k7M9MwmQ7~j1Q7v~e8QMxLjMGv9.XF~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvu9~L88Ex1vf%2Cf~J7vuX~LNvu~LEQMQOvf9ffufuXuf~e8QMGvuHX.9A~xLjMGv9.Fu~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvFWHXfhXfX~QOv9~x8OvfV1Zw4QJ9GNcIe9G0H~G7OvWfuf9X9uWH9XfiiHX9hFF9WA9iWWuuuuhihfufuFi9FA99FuXfWHhiAHhH9ih9HH99uAuHW9uWXXFhWH9hhhuFWWiF9~OfEMjvA9~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.ih~myOfEMGv9.iX~exLjMGv9.ih~QQvIK~x8Bvou~NJv9~LEQMGvHh.Hf~exLjMjvf9~%3DVvfW9h~z7Qvu~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.9A~8Q8kv9~jNvu~G8Ov9.9A~ONvW~ejfLMGvH.HA~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.XA~1YEvu~NGOEv9.9fA~OYYvw1LYmz5~Qx8Ov~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~QyY7vjmzyM718jMe8OJmMy1YJ~O7NvJ1Q7MQN~-8OvKrtoExGoFu9iiAi9XFH999XX~O1jyvOJk1xj7~w7Yjvu~1OGjUvuWuffhuW9H~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9A9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~ONx7vfX~OmyGv9ou~8GNvu~Y-JvNG-u~Y-GzvKu~zQlvu~7yQvuF9-F99~GQGv9~GQEv9~7Y-vfHh&vgd_optout=0&vgd_bhv_kbb=-1&vgd_cfud=220623&vgd_scsver=373&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001671130281935025035145494740&subBdr=196&bdrid=313&rc=0&rand=1671130282280&acid=1a3ea6ce3ca0466eb3d4eea40f2c2bf2&matm=1671130282280&requrl=https%3A%2F%2Fkuioo.com%2Fq&vgd_ltimesrc=1&vgd_ltime=577&vgd_rtime=569&vgd_etm=7&vgd_l1hcsd=A35%7C8266&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=2814&vgd_pgid=p1137874450t202212151851&vgd_adprefflag=11&vgd_csip=rtb-appnexus-64d76c54bd-xppsc.SC&vgd_sbSup=1&vgd_nrrs=4901&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: kuioo.com
URL: https://kuioo.com/q/?qid=11003_11006_21008_12006&gclid=Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.28.212.20 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-212-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 15 Dec 2022 18:51:22 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=41941
content-length: 15

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E0B1 42 B
64 B 37ms
36ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGgU-eYJv9B5zt7ZmXJP8RpsN5q3o7GaVnRnKc_ZGDNP2J-bIXpLhI0wLE25QNuyWx6M2sq3_HphKppNwwhyAncNHtCFf6GSsyEIFEx9oVmM3gG69YeDAlA7K4v5yHA3xvehg&sai=AMfl-YSiOgiPGM147ppISRIZK0w2WjilbRHuQ9RWFdYonwy6BvDj_zTsWRO4-nDzzOb-lz246VCnb2EWk4j2l74&sig=Cg0ArKJSzHDuqb2pKUZxEAE&cid=CAQSGwDq26N9S7gm46S4TO7-awnblr-o9T7Se28LiBgBIBM&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3666873766&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671130280289&rpt=1052&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EDB3 42 B
64 B 39ms
38ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstx5HSmp86qnGIxRKRB2cKUFwxcwaQ4H1RSjPQBpOQctXg5iN8Yt3xiUgrpYPIhQ72PL01nriStapP1R4B-SaES8VOwhMmadiv4VTZ266JPDL0DB-hHy7ZB0KXsDUNvoOzU-e4&sai=AMfl-YQCaEPPH2KOFjJTw26aGYimcg3BgJBYfN4PpNEQH4-R9O16A3T_h3HkfjfGDPNL9gDfRr3AWw7Ly9PBTlk&sig=Cg0ArKJSzK0xYBbZG0SREAE&cid=CAQSGwDq26N9ZjWZDlllOvLaJm2o-UjrmQRJAgVd8hgBIBM&id=lidar2&mcvt=1000&p=0,0,90,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=215561490&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671130280280&rpt=1088&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 18:51:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 39ms
38ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3288654589818951&bg=!zM-lz4vNAAYgquz3AKo7ACkAdvg8WpPw-7I0enE2lLpKURzoxOEm5XR0BcN2qTmVsV9QIXSZIXWXEAIAAAF8UgAAAANoAQeZAtjubpwrdQUz1_TiW9nRW2AanVwJ3_1W-UtmwQ7sG8vmEvzK-qSpZsfdir1E4ndPjElwETmVO5C47Asf1JH5smyXRY8knuOhJJGuF-2AQOpt6t0bH_7hb6921ZxsM0rKicDrNCtv5uASFH4mQ11-8nrpa99lXlnAwnoQzT-4xfb9mjAUGj-7n7rZxvP2neVecHo7BIg3X6g4nhaTkZQdGgZTII-DMazo_kYQwSGJIUjLDfJYEvXI-OYU0BDF_EvkboissNnEK5RYbLour95dNYUtPwuG-LN_W9JnxJML9XZFiSbsH11rR1lVwZ888TVNXwG0TMNy0oYrclGln8efOkog0ZNFF4VO2JKGG4TjnItngAsBdQJyB6XZueORkMVPgoQTpssHIMHavXfWhPDgfcffFIpUzwFnRBcjiED6-uJVbI74vl05S7P5pxL8USk3XoygfP3cVpzavOcjzVgKdHV1wzQBPQYjt0HTtH4MtUrR-1mNgs9bT9Hktaf8_C5SYxXNPUzQH7o4fn5-FUrrTfwiJBMpWD5dwM3orJ9ZQ7lQ6hZ2lGPOMqa0dmqsi8KfzCFoNM59jj7E2s-Cgvu1OYAdJjIRE9SMZuyMhBgW4YxMvKyglGsjFQ_xSAteHgw1POA7rX7cr-ovi0d3vACe93j7gPcQLFklhhoS53f_fX17iS32sxgVc_R_nC9bc8aWIaNv-HUKfyKvK0SGbDc0fC88qmqr1OKp-isgBy2gWg0Y-tSIH9OIK_I4HC1oW_SIGvTIgMDSPPYrca27eO19jODryjexX8mA17FINjSJ0j9shr1EeBgJvvaS8SUtZHt_ceRQCIs7EV_z_RBO6dDh7xfIkteo8M72KZLc45yvGYotuPQBbuunOkyiEbfgc_8qgOL6BgkDewCnP1wJpPKTs74cPM2SiNLtbxoZ5OhUmF_Uk0RrNZgSgfcAsxl2Z3IYCUzorT817fvC0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 47ms
46ms Image
image/gif 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.356744951420206

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OvtA2s8zsAJD0e9O5HVbxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-OvtA2s8zsAJD0e9O5HVbxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 46ms
45ms Image
image/gif 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.562032463169602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-nW4khBe5mk91ZtxPI8HtGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-nW4khBe5mk91ZtxPI8HtGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 84ms
45ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CGCFoHltpcy1ztqAxiJWrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CGCFoHltpcy1ztqAxiJWrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://kuioo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 728x901. Show response
fundingchoicesmessages.google.com/f/AGSKWxWIZMOP7wa6s6vlxSmMHobScH39WxAdLuYWdRWOdlQdRsz9kYt2Tuh7BUQ-d691NKqTPskVrjIeTi310TZWDf_skbkv9fa9Prmzftc9D1jEMRpiV_OHc9mx3PrEEoMaMzQ2xtodsWfOhUsXKAx4lq6rFxyAy... 54 B
109 B 45ms
45ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWIZMOP7wa6s6vlxSmMHobScH39WxAdLuYWdRWOdlQdRsz9kYt2Tuh7BUQ-d691NKqTPskVrjIeTi310TZWDf_skbkv9fa9Prmzftc9D1jEMRpiV_OHc9mx3PrEEoMaMzQ2xtodsWfOhUsXKAx4lq6rFxyAyXFLdq2fRRBj_-YiLy6a2JJ9Shrnx8Nk/_-ad-plugin-/adv_left_/ggadsense./nuggad./728x901.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c9f8bf85138863daaa0393ab55cedb677c1da1fc089337d835804275259a152

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IeBhGiioasc_SvFdQONvWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IeBhGiioasc_SvFdQONvWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 81 KB
29 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a580791947e51ec9b7817f9308d53077b18dbcc2912171ed81f9ab1ea7513a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29541
x-xss-protection: 0
server: cafe
etag: 7686576320526828506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 19:27:35 GMT

POST
H3 204 AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 43ms
43ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bTeIn5Gc3ty5KIc-C1wYkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-bTeIn5Gc3ty5KIc-C1wYkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://kuioo.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6VKdZqzzz9rLsAnruCE5tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-6VKdZqzzz9rLsAnruCE5tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://kuioo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 47ms
46ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ykic1rLhNPKz3HvfkuAxtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ykic1rLhNPKz3HvfkuAxtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://kuioo.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
44ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXO5X-o-JooBgyZ3eU_xaVX2O-t7v3pPj38jti_WqPdLl12RJdrRuCW-X-egkxAT0vN5RtzL33F5pu4svfUQQ_CIb1GC1OvFwlBJW7vCGQuZ4aKMWqifvSSbaSPpW5iOusk8Rhm1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JyGiNRI1Nj2BYqVYJhmB8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-JyGiNRI1Nj2BYqVYJhmB8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://kuioo.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUJT9-k8Yv7TdJIBtMV_JwxqJ_1YSe0wQEYpnmEA034Cla0De0feEfgn0UfAVj9zcPDU8nfaeYgo7arXtr1i0szyHJUNGPiivrd96U0fz3KunCEP_P33-uSq9KDyyR1sVb5kOhZZw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 56ms
55ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUJT9-k8Yv7TdJIBtMV_JwxqJ_1YSe0wQEYpnmEA034Cla0De0feEfgn0UfAVj9zcPDU8nfaeYgo7arXtr1i0szyHJUNGPiivrd96U0fz3KunCEP_P33-uSq9KDyyR1sVb5kOhZZw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMTMwMjgzLDUxNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8va3Vpb28uY29tL3EvIixudWxsLFtbOCwiYTV5TkNUSFFGOTAiXSxbOSwiZW4tVVMiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf42d4afb45460af9375e463c02fedf3e5f1df7fef5af158b26b7aeb19e6a388

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3mHcJY3EMIvucSLMULZ8eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-3mHcJY3EMIvucSLMULZ8eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXal5PwEwRGfPFmpBWTX3oKNYWt-FD9VZvbRr1UpradvkTrlFr24i7eMF7wyK-NNVNlh_d1zV6ZnGE7u7f8Xs4= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
43ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXal5PwEwRGfPFmpBWTX3oKNYWt-FD9VZvbRr1UpradvkTrlFr24i7eMF7wyK-NNVNlh_d1zV6ZnGE7u7f8Xs4=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UvXfgMmM9osLfs4e9zKy7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-UvXfgMmM9osLfs4e9zKy7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://kuioo.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVEo-NuzbkRsxO9Qo1cZ1xjLHC5kn-3vc-JclHyl4r7GSmsWt-V7GnqTBwMDkN2WgMu1wqBhBnSq0K7WEo58E7vZB7BJKQYMB28Ynkxp7GohTa9JgFAB4IbSTPpq14RCrx_5u7UEw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 55ms
54ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVEo-NuzbkRsxO9Qo1cZ1xjLHC5kn-3vc-JclHyl4r7GSmsWt-V7GnqTBwMDkN2WgMu1wqBhBnSq0K7WEo58E7vZB7BJKQYMB28Ynkxp7GohTa9JgFAB4IbSTPpq14RCrx_5u7UEw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMTMwMjgzLDU3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8va3Vpb28uY29tL3EvIixudWxsLFtbOCwiYTV5TkNUSFFGOTAiXSxbOSwiZW4tVVMiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b39ff47b407f12cde2198f01fe466042c62eb5634c9a6c4e318494dd6e59b368

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dDShgJrPAO9rH8gEh3wGQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dDShgJrPAO9rH8gEh3wGQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUUvn2MUyIBw1fIk42IuiL-hOZSHkO1HH7Qts-iqo5Z52pvPbQlKFYBmnG_0pYgEZCQThP7C959vjBwhruio1HcS5W-mo9tl8V-T1qZq75bt_yw_TexTSecgTsOPqNEivP_17f3Yw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 57ms
56ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUUvn2MUyIBw1fIk42IuiL-hOZSHkO1HH7Qts-iqo5Z52pvPbQlKFYBmnG_0pYgEZCQThP7C959vjBwhruio1HcS5W-mo9tl8V-T1qZq75bt_yw_TexTSecgTsOPqNEivP_17f3Yw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMTMwMjgzLDYzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9rdWlvby5jb20vcS8iLG51bGwsW1s4LCJhNXlOQ1RIUUY5MCJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3137c2b8036e158fbea13971fc5963d35a2ddfdc6352b147523890992fffe13

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aex0-fK4-ycx1NzszmK_2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kuioo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-aex0-fK4-ycx1NzszmK_2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUZomzkRhk3LzH1r-ibshfyM2t7s2rEg6ZajPwwhFwVGI5-A_qrVPhb68pNTcKmFPXB8LfRhSFThLcfUFKxAMjKEh-5TDeMb5NSyFlcXc747jT7AOy2gI1agCNIALaKx8D16o9NBg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
45ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUZomzkRhk3LzH1r-ibshfyM2t7s2rEg6ZajPwwhFwVGI5-A_qrVPhb68pNTcKmFPXB8LfRhSFThLcfUFKxAMjKEh-5TDeMb5NSyFlcXc747jT7AOy2gI1agCNIALaKx8D16o9NBg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xfd7MXlXyYX4JYpPJuIvDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-xfd7MXlXyYX4JYpPJuIvDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://kuioo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXal5PwEwRGfPFmpBWTX3oKNYWt-FD9VZvbRr1UpradvkTrlFr24i7eMF7wyK-NNVNlh_d1zV6ZnGE7u7f8Xs4= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 46ms
46ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXal5PwEwRGfPFmpBWTX3oKNYWt-FD9VZvbRr1UpradvkTrlFr24i7eMF7wyK-NNVNlh_d1zV6ZnGE7u7f8Xs4=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5H6dbo-yANUWWGrRD_ESbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kuioo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 18:51:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5H6dbo-yANUWWGrRD_ESbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://kuioo.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.googleadservices.com/pagead/conversion/11021935797/	1970-01-20 10:21:46	Name: Conversion Value: EgwIABUAAAAAHQAAAAAYASDpkIGon5-YxilIAWpcQ2owS0NRaUFxT3VjQmhEckFSSXNBUENRTDFaa3dZMVZZd1UwaTg1NmtnRnVMTzBqaXZobGpRTjM2WFlSNk1OR0tFejZ6Qlc3R2l2bHA4UWFBb1ZJRUFMd193Y0Jwvdnnm6X8-wKQAfntoJaUEZgBAQ
.kuioo.com/	1970-01-20 10:21:46	Name: _gcl_aw Value: GCL.1671130280.Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
.kuioo.com/	1970-01-20 10:21:46	Name: _gcl_au Value: 1.1.438873775.1671130280
.kuioo.com/	1970-01-20 17:48:10	Name: _ga Value: GA1.2.775799673.1671130280
.kuioo.com/	1970-01-20 08:13:36	Name: _gid Value: GA1.2.555502131.1671130280
.kuioo.com/	1970-01-20 10:21:46	Name: _gac_UA-248689268-1 Value: 1.1671130280.Cj0KCQiAqOucBhDrARIsAPCQL1ZkwY1VYwU0i856kgFuLO0jivhljQN36XYR6MNGKEz6zBW7Givlp8QaAoVIEALw_wcB
.kuioo.com/	1970-01-20 08:12:10	Name: _gat_gtag_UA_248689268_1 Value: 1
.kuioo.com/	1970-01-20 08:12:10	Name: _dc_gtm_UA-248689268-1 Value: 1
.kuioo.com/	1970-01-20 17:33:46	Name: __gads Value: ID=47e72e36bf964be7-220a98081cd9009c:T=1671130280:RT=1671130280:S=ALNI_MYWDOWI981vijN5MXaaVm6MPrcTgA
.kuioo.com/	1970-01-20 17:33:46	Name: __gpi Value: UID=000008d43b4e7743:T=1671130280:RT=1671130280:S=ALNI_MaNzEtywoC2ucGDgSkXkaYiL1KdQw
.doubleclick.net/	1970-01-20 17:48:10	Name: IDE Value: AHWqTUmiQbmECoRrqB7t4iw8yeRanP1ECHx0V3jnYOriKknxakxDWS8gyY4HQcmzTms
.doubleclick.net/	1970-01-20 08:12:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 08:12:11	Name: test_cookie Value: CheckForPermission
.media.net/	1970-01-20 16:57:46	Name: visitor-id Value: 3141318811454993000V10
.media.net/	1970-01-20 08:32:19	Name: data-g Value: CAESEAsAfVID_Lv35fh1EtuRfLg~~6
.kuioo.com/	1970-01-20 16:57:46	Name: FCNEC Value: %5B%5B%22AKsRol9CXFqyWaFvxFxj6oxSK-dqumNIea4q-t-DajBxRL0u61y7aUp12wNc7oeqn8oMlIyqPeN0ygcQFFWMkHYyKN7B_XYUxsKXwdHma-KwH-ly_bLdDD-wnvkAmukVlTPTT6rhVq-HQRCW-i607dru-gdrk2Tr7w%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hblg.media.net
kuioo.com
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pxlclnmdecom-a.akamaihd.net
res.kuioo.com
stats.g.doubleclick.net
tpc.googlesyndication.com
warp.media.net
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.126.116.154
142.251.32.98
142.251.41.2
184.28.212.20
23.196.180.24
2606:4700::6812:135
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::200a
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2008
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
03120ef3c85de0a965b4678d048a8cdc33081703572186540a8f9af5ed5d58a9
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0def51003582763051aafeaca9f86b8cebdc7a56c1a100fae94bbb1779e73ef4
128755c4aa0e4059a626eef85f9b29a0148862ea58fe8eeb3a6c046072c0e9da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
2a580791947e51ec9b7817f9308d53077b18dbcc2912171ed81f9ab1ea7513a4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3a531888c259023489318e7e950de9278b9ebc0ec0e460478a0115849147b27c
3f14949bade86efbd627a548f87ef864ce407992212176d6cae18d6c7fdf330f
426b1f4a4b25d1d23fb4c93c2709ecd46c32b340cfe1bfe62e7a1b6a4c18bbb5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45d462839b0d656fcbe6401d18a033da8d1d51341e101fa264fb99af75855f1e
47052cebb12f13ea1aa33ec56b4b674be7c38df2ee0cd035f88cabe04eb62664
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
52b15cb704992780b2ecfe3900556e801b8c119147c757aca8c219ed752d117e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569e1e350db441f3715a0e934733df41e7dcb6d820ba413b8e3f0a65cd757354
58fd5d2d33ac2934b065be3716fa58c53a2697550fa802e83a39f71a434bf797
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626e2af0427ce1f091b158dcf1b0c3b490ed24c7fb9876390b86efa64ce393a3
6284c630dc9eff87b28b60a0b8846587322f33e4f5ded92dba75055746baa538
67415f962b8805ba9f489524eb9fdd660493a122157ee7a1570356cee10d58a5
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6f1d096932557cfacdcd38c4cf0b53be2a05e1b4346e1e3fcbc3b713d4fe03fb
70fe6ecc2bed929c025e99dda56bea79ac3f8e3514e5b4d0ae872c22bb1af7ca
7958730adbb843c829fc3c574f7078d42c618e9dc0b4322d7efb70ef7c38618c
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7c9f8bf85138863daaa0393ab55cedb677c1da1fc089337d835804275259a152
7de80f48d3e4613cb241a4ccf7b4c123d9be0cbbdc0063285d3c1cd9e02b29c9
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8ff9cfc0a79a705a199766720db4ac8f3e1a335c0519f0ad863f0be31978750f
955914a026d4abe4fa8b43d3be835b4eb816982cf7d0ee765ec50d7f679866b7
97e2744218f11b781f65c0d068d22927a1e868ad9d692613362106eb7e6d8328
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9af047aac8a07821e90c1422bbc4735be63fcafd38f2e19af2fd6e22b98722af
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5
a3137c2b8036e158fbea13971fc5963d35a2ddfdc6352b147523890992fffe13
a423ebfc12e9dde051bb833ab914d68517c66f77e13eb9ba84432e2810321ea2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
ab9ee32ad8773c4b6d6eff1cc830b6d5bcc2a0b957c38e5a5e8978dbd74e5271
b39ff47b407f12cde2198f01fe466042c62eb5634c9a6c4e318494dd6e59b368
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba107df29c13129f0068ecbc924a9f8af6db60133995deb79c969837620514cc
be6ed3ee73b6bfd72df6b5c4a1f9c1ad9288080799f98f49141e95da293344a0
bf42d4afb45460af9375e463c02fedf3e5f1df7fef5af158b26b7aeb19e6a388
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c690526e3e9eeef830fb0a71149beb53c61ff3c1ef108002205c1cb351b719ce
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c97f13f52e0fcfb4977b4fbc149dd8c3d3127b7cb439bf376b5e28d4506b45e3
d6116df787c22cb94b65374df7a8ead5e5ca71be31920f9870da1813cd6dc360
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de40af9f492ce672084ac1ed5867134bae2d78ac84e294c6af370498114c9357
e11bcab420c0769650d9a0c978a4fa1d069d125eb9891a9b2515d5ed62cea016
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f253d2b9f011cd354849218cb84b8a82f236217cbce226345c4a6884299fb491
f2e3857b570d27c6d42619ffa468a6f4bd5ed34a42b42f3a9f3152bc0adc7586
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fdd138da519df106bd2f9fff0255970b6b547753e65376c976f51ee12bde8871

kuioo.com Open in urlscan Pro 2606:4700::6812:135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

99 %HTTPS

76 %IPv6

13 Domains

26 Subdomains

20 IPs

1 Countries

1793 kBTransfer

4264 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kuioo.com Open in urlscan Pro
2606:4700::6812:135 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

99 %
HTTPS

76 %
IPv6

13
Domains

26
Subdomains

20
IPs

1
Countries

1793 kB
Transfer

4264 kB
Size

16
Cookies

129 HTTP transactions
5 data transactions