ai.samsungoneui.com Open in urlscan Pro
2606:4700:3037::ac43:8652 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ai.samsungoneui.com/
Submission: On February 20 via api (February 20th 2024, 6:06:45 am UTC) from US — Scanned from US

Summary HTTP 131 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 11 domains to perform 131 HTTP transactions. The main IP is 2606:4700:3037::ac43:8652, located in United States and belongs to CLOUDFLARENET, US. The main domain is ai.samsungoneui.com.
TLS certificate: Issued by E1 on February 18th 2024. Valid for: 3 months.

This is the only time ai.samsungoneui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3037::ac43:8652	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
1 12	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4004:c06::84	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
2 4	54.87.223.96 54.87.223.96	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
6 8	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
4 8	2606:4700:440... 2606:4700:4400::6812:249b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2607:f8b0:400... 2607:f8b0:4004:c08::6a	15169 (GOOGLE) (GOOGLE)
2	172.253.62.157 172.253.62.157	() ()
4	2c0f:fb50:400... 2c0f:fb50:4002:80c::2003	() ()
1	142.251.16.157 142.251.16.157	() ()
4	2600:9000:24f... 2600:9000:24f4:b600:8:48e:53c0:93a1	() ()
12	2600:1f13:800... 2600:1f13:800:7782:a762:874a:bf4:b6d5	() ()
1 1	2607:f8b0:400... 2607:f8b0:4004:c1b::64	() ()
2	2607:f8b0:400... 2607:f8b0:4000:22::7	() ()
131	20

18 2606:4700:3037::ac43:8652 (United States)

ASN13335 (CLOUDFLARENET, US)

ai.samsungoneui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c06::9c (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.87.223.96 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-223-96.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.31.156 (Oxford, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:249b (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.160.114 (New York, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::6a (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.157 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2c0f:fb50:4002:80c::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.157 (None, )

ASN- ()

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:24f4:b600:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1f13:800:7782:a762:874a:bf4:b6d5 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::64 (None, ) 1 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:22::7 (None, )

ASN- ()

r2---sn-q4fzen7y.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	743 KB
21	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 bid.g.doubleclick.net	147 KB
20	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com dt.adsafeprotected.com	214 KB
18	samsungoneui.com ai.samsungoneui.com	280 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	104 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	6 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	139 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	6 KB
3	2mdn.net 1 redirects gcdn.2mdn.net r2---sn-q4fzen7y.c.2mdn.net	950 B
2	googleadservices.com www.googleadservices.com
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
131	11

	Domain	Requested by
31	pagead2.googlesyndication.com	ai.samsungoneui.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net ai.samsungoneui.com tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
18	ai.samsungoneui.com	ai.samsungoneui.com
12	dt.adsafeprotected.com	googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com ai.samsungoneui.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	fw.adsafeprotected.com	2 redirects ai.samsungoneui.com
4	fonts.googleapis.com	ai.samsungoneui.com googleads.g.doubleclick.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net ai.samsungoneui.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	r2---sn-q4fzen7y.c.2mdn.net	ai.samsungoneui.com
2	www.googleadservices.com	ai.samsungoneui.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
131	20

This site contains links to these domains. Also see Links.

Domain
url

Subject Issuer	Validity	Valid
samsungoneui.com E1	`2024-02-18` - `2024-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://ai.samsungoneui.com/
Frame ID: 83E8E131663D610390B62CC6726FA477
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2087125206344869&output=html&adk=1812271804&adf=3025194257&lmt=1708409199&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fai.samsungoneui.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16~9~10~11~12~13~14~15~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708409199512&bpp=4&bdt=534&idt=343&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3386281142829&frm=20&pv=2&ga_vid=1333786384.1708409200&ga_sid=1708409200&ga_hid=373560779&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081141%2C31081187%2C31081221%2C42532523%2C95322748%2C95324581%2C95325066%2C31081220%2C95320377%2C95324155%2C95324160%2C95325077&oid=2&pvsid=3950747913031225&tmod=1001599450&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=385
Frame ID: 654A712971C7BBD5CF834DA78C565483
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 14684A7D8F5454C07212DB75009AF4BC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5C974D332E1CADF9314B217D587B8DCF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7A764CF8AD0CF2143520D185AAE42A16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9BAA5B51D458B0214F5410BCBAB23602
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGOreg9wBMAE&v=APEucNWd1UwRhPNj-8MqyCx7d7UER9dr-4Fx1_4297fT0xeDl9SjTyldJRPYwnu1Z8Bee3MzZsyasPyjEHOpOEnEV9TJlA8G3w
Frame ID: 29BBEF67D0B4046976EEB6D75AB88D19
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 15EE5E7BCEFA510F3273FFE675397936
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGPjeg9wBMAE&v=APEucNXrcdJq9C-jnnv913gPZtZa90Q94SIl39bUyd2Cx4F61huCSg4g6ywflTdypLEH6C7HHr39jqW9i3mwaGo5PHHpbrdgBw
Frame ID: DD75E8743D725F72DA967491935C3D29
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0095D39D41FFAF4A2954D28B73D6DE0A
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Frame ID: FE0E1BDC9F4C141B4ECECD6046B63A1A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 26B6921DC6C811AA2F545E03F76E7B01
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: D4FC98006FB97570727A778BBE077895
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E484AA82DD7AD6665897C0CF1491AE47
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ED6546DC8BE5154F48492A7641071F47
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F13766C17FB936DD9C98F7124B331A80
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 692D42CB1C0D6004D1309D39371FF44B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: CF74F6F01618DEF4F29CAA9BDA5EA66E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD39E28B3F87D526AB8BE579A5D50640
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 082A1D727481C6FBC46266474ADB6263
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ai.samsungoneui.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

131
Requests

90 %
HTTPS

75 %
IPv6

11
Domains

20
Subdomains

20
IPs

1
Countries

1633 kB
Transfer

4945 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://url/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8A9LOl4J4s_supybaz-JY&google_cver=1

Request Chain 61

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdRBctHM7ysAACsjADX5PQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNG086t3ehELQWkjqoV2cE&google_cver=1

Request Chain 63

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1OTkzMzE0OTAxMTY2MjAzMQ%3D%3D

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1

Request Chain 71

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdRBctHM7ysAACsjADX5PQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-2dS4wnBybwtFO0_csxLg&google_cver=1

Request Chain 73

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTA2NjI0NTQwMjE3MTIxNA%3D%3D

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=CNWa8cEHUZZf4DO3JoPMPjryloAXFvfuUbt28l5OIEZiltpWLAxABIMqx_k1gyYaAgNyjxBCgAZavzZcpyAEBqAMByAPDBKoE6gFP0BmDjz1csqeXkd0F6XX6QpwGU3agqA8-pNZff6qo5llvymhDbok_hQd9MZ9PPa6HxFYad9G1n3UK2PjoR9_KnmHLF2vIjftr5je4tWgH93LQqm8L1RVroMvW7m-XiE9961TwYPU1baIsxqsm9NP3tNUa18wZgT_j9a6QZxH9xo6Zo2lb2ZRI3WHNUUJJbFRz7QxWmb95kR7g2RkV08AtL5VssN4uJVWHxUD9c5faCV49aZkH7Qp9t2Oysy9VgUbxperF8KdmDOLjxHLQKXD2lK8-rTI6-yOatr1hN0C3fsDtEUn80soQ7dTABIbD8uGpBIgFhqTYqUiSBQQIBBgBkgUECAUYBKAGZoAHlued9wOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCesRnSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYo8eJnKC5hAOaCRVodHRwczovL3d3dy56ZWFsLmNvbS-ACgHICwHaDBAKChCQuL3E7ZujnhMSAgED2BMK0BUBmBYBgBcBshccChoIABIUcHViLTIwODcxMjUyMDYzNDQ4NjkYAA&sigh=SeNICZIJtXc&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xadf9a9bff33e5e450000000000000000%22,%222%22:%220xe3742c0782581dc40000000000000000%22,%223%22:%220x99b6473094672a7c0000000000000000%22,%224%22:%220x8ea3f9b7a6607fb90000000000000000%22,%225%22:%220xacf10c699ad9a0af0000000000000000%22},%22debug_key%22:%2216306179134253110680%22,%22debug_reporting%22:true,%22destination%22:%22https://zeal.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211055355798%22],%2222%22:[%22true%22],%224%22:[%2202-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223696936271706887409%22}&andc=true

Request Chain 90

https://fw.adsafeprotected.com/rfw/bgd/1288019/67920851/xbbe/creative/adj?p=APEucNXwIUX30eqkL2hS_2SnJbCQv4xGW7Ds9ME60H0MZekFO85ztJg&d=CrkBAKAmf-AGiwLFBeeME0LnTrMXEK1J0mi6qHkiTj6oxrqhTQfHzM2GGyFuV_I4hSBZU_o373I_-62g5pkS-_xamxNRLCVGDMdSc_q1Ps14Wyie1BBZgN2Xtmxpth7NW4xJsbq7G3S_bIo5uke6W00I-O1nlm9LkK3tl2Kd5zV02FxQF5A2al8WE9JP_DWOJkTy1AyJuOqitm7khU9huDDhI74Pd-UFmswHZ4bDl9IF9uOReonGN0y927IS-RQAoCZ_4NjuGmDbQyzkwuKOigGC8vl9ljxZEy_nDG4Qd4_pHEmYksuAYlUYCBl8JcZ2snndzC0hVSr58FLujhXlcYSRHiEi5s88InHwne2k5IdpmCUjXP3I08qfmqxT1PnI0zhQe8UOLYORe_zpWF79S6Bb7-tK_a19jGqG3IE3jQo6DQHIXCXxjqzJjyA3ctINvs84rgx5qBFMT-ZrlH5cYnM1qeTW-4xl5PwvYlKyluvZg2cjm11o9r0BUYPMMqVPfR7Hr5aNv24cj_tCHSTyW4_-joPKB4pJ6WZNcVwROwUGUOdz94ayTcZsrayXInn8onwp4J1p2p03TpyBpQUeGL9aPG18MFSRraO6Wxav8QGGlkN4waMpu2HABXmtSR4RS2jmx6QNNzMxdSlceIw_-BV76Q_VoaP06dlz-RWnW7aGrBK1t9ZA-LsXatRmXA1Huj4PsXGpL3tuBd65T-QQY1Ik7KRwc0cJe8qQ4Ka1Nf_mqMUXM0txOOgjKPbfORlSN7luf07zeNY5ewiGpEOKlZQGe4nNF6MipSj5jZn294UxlHS8cozJfUHdOXsD8FhKIanut2o26O4tPN3uaA1E1hId2uJshcDYNY_vjug1h6V693K4g5EHSPSHKRqvxRXH8NPOE3WiVkf5huio67VmlX2yldhm08C4n_3BYPgSP4bRlo525LvyvE1uu3ytBErgv4vF8itJRg0mkMt-1E44re8PbLJ3VV1XNIYbwLtCztSVvryf5W3-SCYCT1YDHis5RoSrBtwdnnQWK4ejTgVzaZTl0FtJZCMFGuIYbyU6gkYesT3TVsBJZ7yQKvgsqvYSvXA3GuDFegaTYnjP7ziykGMqPUmDndwg2_fpzNPjwQDnBcyS84J7aWOAXUD_diKuR9uAG28q9to5fX6A9-PoivId8A1QaXU0OZBVNbrXwVqqmNYiUw3cc169TVUZy6r9DtX_9TYe0PINZJc4ER3K7o1TfRjS5GZcEuQX9BIKaeN2ZwW11FJQZCb5oOIMjM2rE-0jdlI-zdHiSY0gQZXFrvGaLDY5z8cSSbFYtxiezMVjudHDi4eFBBot3yVPTRkZq-X6H6PQyyVxYmvvlxnxYCU3VY3AP9-oZvmZGo-gY6FZCJGNG2upD9SIm7VQSpY2e8YROvbE2ahv49yCVV9FW_U7sfF8TaAQIqm8ae7pGxn5J6kpE2LuOGHvttwEyhaMNCJF5qbQh0sDskz_ixysn-6uyU9-9urAKhw3gaW-OD91bWPueU23TKxt9Rdv-TBnYSNhR1sCWukEra3nCqA1Ie5raiZOBNSVSbqFCDV2GtdEjJPglKhZBBe_dG2-6CGBaN2z4882IQkS-9YPEH6STK6A1fkkL5JnsKyrfubsGI6ZgXwG_mX0bmGCkGWqrCD3qTd7VIzQxo4sDIb7PufqRIl3pRn8D12ZomoW_2aYOW5FA_tEfKcWuNFaEsCL7VM0w0_YPIluY1ei6W5O7ayumR49pSV22wTDBVpcPISd4zQbd5dHIfwxgoHzEXPpDFiOBClK0U1YmPOIqniJmhYz5wsNIFQE70mw68ltmRIgpwFsJ8g2NSt2qAwLP0B0mWSUiYPXPMW9HqmVhKLSAUIM678p8Oyozz_C9Py3EgRIY2mEVL6udSH0GaTyg27Ki2sPrSo8a0c9g9yVdCRLs3FXuNaPU33H2ya6c9mYPU2LRY9WVyPcaWFq9o1Rc5V7OG-IS2QIxS77sjwS7QInbdW7YtkgkUv28-ePjBn6rM8wT3ETX5JFsDCz8jkgwHKtsEFqiHJp1lEK2moqMOycg87QJDry_2mQmfCeuEuh68oregW3aNVWcnJ7EUftTWSHIborwlXfxh6V51myoAfkkYuT7jX_nqpnaj3OllfzGgY-m8JQHHezg-mh_NfAQRkrMzIzTu-5r2uVg8XWynXIHE3IFg4eKo0wTFbfhL_MFUlvDQVX96srPvlCB18utoqrIHjt_OZY0V2yjOo6aI5S30wQ2jRTJfIUC3oysHCo-MDApT0WSZ4OJM3im0qa1rhN8iOVvOFgUpYGfKDK31eCO3m-0J_rPbDdvF0rjzYTPgfocbMrRJEJkFeAi9gfqpdbMh46IezcjEgpF41k80TLjomrPWZbgGCXnGW4CWYcnhdOlvSs_DLSWtsdQfXwcWd8_a2NhQ7vdn9J7DjHANFhtXW0zIkbQ1E8vNHVpq_7uT3cBPx_DOutsIKRYhvL8TOF4NK7AKyNqZPssqJlVF4nJt5Hcx_sIh2ZXo7SSIQjaoxJscCJbeKniZme3dZp2HfxnOzC6OshAGLklBfkgxe65Nv8LuGaBw0UCK5V7kmCokqJIugRu8tEC9yqiWp09FapwnK1YSK0MhIW61ywlpAhdlQg-avOiJjFQ-tpjCYs9eZ_gl8_bRMem07R_8NlQbNunzdFjvrFkRiLI3LqvIqtwan4QAIzLhNmLOIL-56nN0PzFIRANrUzkLQRxlIjXg5GrsadJltnrEbyA6w_uf6joXHrmRO4NwldWfVPIaxGT55KULnQqjwWU2xyaZUmOiuWNmJ183ome4Gi0C2PeC5zzuRjpAG1bFgN-ed0_LxfYqxVNlhT08IYpuyWlrafDZiWa2ZfVNVKfBNNwX_whCz6_Ljff0ZUzLJGxcTY1I14Bqo5OX9QdgL9991MjKT8uzOidaFZH4jFBL2psA4ucF85Q2WI_vs8YraTkewqol4PLn9gFiYcTCcLwjZSkZKTmt_30Ce1juKdaF0l9FvVeqz4D0YyUleYhdoMqb2r_w15ujOmbHbc_zHDjirjGnIwfm-X1cBBrV31tmoC64jaNiiQBGXx4CT2A7hRpu-aS46JVsZNZeh6OYFieZB2T6Fma428X3bTqfd4O3dMFotWUz3A0D-IidvzY5H-KNDWvMCp9H4D0TaYJdO-xMIiqdspqvkIlC7n83LreW5jJcRKpvDFLX1poxv_xc3h6GDtXOedpshGfYKgJQiSv4iXfOSP8eO3tDMSjSwE4BAj2ZkfzWpiatJVYG0TugcyQHyr3_K6m_wK7cD5mOMCoL_KLdEBsh-Pbnt6D7u-e1XPnFXctgRQgMLWRNh_XLC01L0bsq3Kxr0mm4v2sBaEbpcXrrb1EJbzqmPaSKuohitAhQcR4bTVrCx4D-VAdzlkmhHGYNuL5St18R6p_xeBlNF_GsPP122lyZlug9cUIUUoPBmZS5ovw2eEUr-EgUv0swGSJDRtl1oJNkhe-O_TTiU_atoca8GnA2LsGLVdFZ2K3qVS2xg1SkyDDqGA9cfSL5GVk49X-clj4ebA48HkkxohzujrI7sMS-7S04eIuo_1V6VOgtJcAMKq7RU_iXw5O4IqQWlbLb4XXGmDJvy6nwZgP8Szh0M8RxiFQ33_fR_dwlG9AWpcd8Ke1EZDc81iHo2G4IBKo81tYTjFUi3nm3WY0OGmzLLfqimcG0MNbyGkmu2vxfXqcXv0FiNMyCsA-1fukhq85nKM-0-MuwT5RvWtEQQ6W9LdoeOLggn6Iwn9-PeuYbw7JNQMLBwovrVRkNsnxK9k3iAm2ddXwcLKqnQQ4xpVCAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAWAB&cry=1&adsafe_url=https%3A%2F%2Fai.samsungoneui.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fai.samsungoneui.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240215%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240215%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-2087125206344869%26fa%3D1%26ifi%3D5%26uci%3Da!5%26btvi%3D3&adsafe_type=be&adsafe_jsinfo=,id:9abe764a-c334-298e-9bb5-8d3dad8d909c,c:4Hpy3H,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-659c4c654f-kcbj9,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u4NUUv1+11%7C121%7C131%7C132%7C1411%7C1412%7C151*.1288019-67920851%7C1511%7C1512,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:35,oid:380f2cde-cfb6-11ee-bf7d-065a5258357f,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 93

https://fw.adsafeprotected.com/rfw/bgd/1288019/67920843/xbbe/creative/adj?p=APEucNXPBlxx3G4Kv7yuvwp4rYFv42jch6PIPDrDY_7cF5MzUDh63nU&d=CrkBAKAmf-C5p0cbsro_N_YgEHBupUvzdBhn-RZNh2MO9F0iGS8fpG2qr8A3YfoddDcx86-puVbISD9b-XamV2kT4njD5IUFvsyeyiOal9iwfkYxGTFCr-VYf6dQOsvP71UI3GpIgGqertgW-xRpLhAnXAeCWGUaA-nYN5I_0Ih962lV4SQnwAhC7qQc-jVYQec0bY9UJyj1k1c3sXz_ZWZg3sSvK6ncmpu3Vct_f53CZ587Mdwj6WqNl0oS-RQAoCZ_4OtRHrO9FR93scMSNyxZ8dkdNjtjZG0FFHUT5tR8mRE42_d-Evn7bBS9vGi5Jjik6HUrV6aTp22ww7K1ynHVaAknsjVzk5Mz1lBfxk4YljXGfc2GaGm9fbHzSlUTdhaW65P4cS4iYDJYaePJwIJ7qPzeM9VCLzkYKACcPL7P7Fs1upfJcSJ1mQVyky3DjX_D-m_ntql3v78KxKBXdVarFnvA3Kcdl7knUCO9wPRB1fUr9K4rrXyeYYOGK3UvfGneTfQ6mcc14qehk7uBhP-TSedp4mkB2XAfPhGOA2JYhVvN4ZvyY9gdums8gea6rrMPakgAuW4aH4DBtiR1IYgH9bhUUDbJywmeYTX0-0gmUsLrS2e01WfhjMB0tvwLYsDFLvDEQat4P5DJZORWmsqVs_guThvB_xHysm2Ki8RshdNwtZ4u-XEj5dQD7G52PHpXoVTJRVEBY4E2qIwmOwr1v8RjfCll7WWEmBDbfKYFpL5hdhkg92aITZMv0otelHh1ASyXzKZnXr_QGd_c4-_xC43jck6ehDqTnHTozpMpFro1iCF1Aiis-8Qhl-X_zG1Dxi21UokBEiCbd1s1ie3bBD-Elqd4NgE1X25izTii74EImy8q5_2rAoHsXccHfZ70wHE6xXRPQ2tA8xak6xLp-HegZpjG-0-7-DUyRImsZowMfLsRLJvVg2xpNu1I1JaXEy0egfITwqCYNmk2gbsR6-bexxxYM3DIvyUtNmxrrMnowXaiiAzGO-BsHR9O86LnLois2l8f68GlU5Q2D0ZDya1_rF6HuO4WLwES86Dx4InYxDxM1YninMlY5l62CIkjjVrge_qy39F-oEThxQJnoGf3TWLazOZo79WwlkL8i2t7FMjin5Hv6WmqYFHSwhDIjiMya9HSbXF0VSPjYGvlLzDnJiAKwKieJgX40-2jaBAm4Ff_dRCdbylIPdtwXLfnNK4EZPnExNLOYyr41nn8VG1UYfyDpxv-gerHUlCdWrT2937pRuBZ0ZrsoPBD16tTEddIQXcw6jBPv2rr8NyAlaXyAQ4n_oxBAB85Hi1fkfLr8sWPjL27JDHP1ainUtAzgl8rAq-HjOtp6UPDep-AylDJnuw7NHnhdHyFxkdXZTMNNKoLhIJM8ubfQjrc6Fyd_chvHKDGTjSEoIoNvHosAbJN8M2NuY3uYaHY9LLz_l7kjt0XHpLRxIe7sKcd19AGxM_uv1RE8kp92sMPzkJxt6_zxDPUwjkIJ_sEiPRSPq-nKSXuKZoW9m_m0V8_zu5nrNnaOyVMLPpCD7X8Kz3znJO1qYqzIC-p3wCvnPUuGpqsoE86o8Z2oEfaM4YswiI3p5UNIJxNBnYlv-UnOLWqTjw83OUh2s060iNlNkBwaIKTgUFt-7rvA-oIbLmX-nQtwbo8jD-n0wJaOLeNNKA3N7ODJS3qQ8w9Bd_hPo6ffDykCJlEBpgbltxsPnkyjsxjl2IxFaPatuhhqOvPgofgXCTIzBRLYKBaU4BVjfuQJgfcbQfxNVHwsNTs3EncXrSIwsEmKFrU1VHeOp_BqFgtOKv5j0pXKy8qp_QOpk7mQ1CV-0uNEQwIXjZZ03kyrcfURd7aAZMxoAB3yBF7ShDxD1sJqylcQJGv71XDlQnovj6hmzmeU4uL1OEH90Dc_xnNOihi5kZgGfCaTkZfR1BBrlkWfzXJlZtWr_lffkwGBjp6Gs70AfWesRXsdEunUnYGGdt0PD_lb8A0OFz2uiHL0qBNdQmEc671lKKDn5RKG1RVYJ7rEOIs8z7opCWn7CXGlMevzlOQnJlyLKv9W9F6AowOpmxpevnMvJzYc4dDzmCUOxKQ5GATvGYm6zXVU33mEp4bTebOOqmbcJsYFKN_wQDatknb0rozlK8uLEdQU-kQh2_cPJjj9U1l4szBrzYgWH0rJatQG6BjiRrOEqkpgNM9X9ENMKELjYzdd27wFcniDUaQ02I3E-g8DgzYg4x2DilakEG7VmB6m-eXTWVFAgzF7OvyztPxB7EOS-87_Pv7-8UX7r4ooX4vbBC4SpxngYzBIOX04A_2WjDqnenk7h2UuQB2EA83__t2rczVC_XNowrhoS97TDXq_Z-jz6EeaXpA8adUNa7xtxWedNevG0K2SVbYjZHf_pukRs7yw-zht81MTa7WicheMD9fvwEG-2shwO6n6wiuuIB5kG-9dsJDIoyFyLg-B8TV2bwjkEa6R22EgvK8VCqxl4gdM3anSaIl4OxvsIkN8EZJofUdDnDLRD7u9EW2huU9fXc0c3I53-FeZqkG0DDXwdqpOi446WYgc7s1rql4KwrmBzVwNrDym6PnPGcGUH-YkdYauVxe8BNxMwUd8oljCqGP_7DNMIjjxtNs5Xrc2ZfgXkF-p8sKPiyivHMl93bzGe4XP5xaEWB3ePKvIggNuW4yBiB9mivu4O4XxB1eVoQfwfV-gv5M4kHhpaFPaE86VpbjuSZ4lhWhWrJ_GOj0wArrG4f-u_7A4iiU90qa7I-o4mUZDHn6bqlMkqldQRhhWLV2V7ewC1AFcmR7wqpdqERHH_PAaMKp5Jia88CuOhMr5A6q5Fmtz-xYPlpxkT1qh-vSxrDDsKFxbT9thSFdx2rZvU1YPKoB7R0_JPHeDVioVoyoMyXjtHS6MCSwhIiWINolME8n0YUS9c55Yo0SUGIO6jPxY_XlB_potYXERiv5y6X5BA4yH7I7NFTovrSQzUStwCXH35wonzovMtuEfrR8DZXUK5-cuC24gD2_2EOLshyb4gqsl72LVs2udWkUKIAYNmnA0xQ3oyXtKL2WnNFlJ5n0gR7ooZ_pnZ0nG9sQrtqesgbOsKn1UI09ym_3u-mEbHgBKwduFkY5H6eDcbjtK9zrZo2WWtRDyyI_WEvG6K19nZxZ5W70fA3SKCmUyl7XUJJceQkBkvD1uZLc7ELX9_POyoZmvmijQy0I50yz1b0jc0WPlVb6JUYCJ91vIFFt4N72BFa2PMwnDnStBIgAOMwRpf-jxF3ZzkvbqMhJL7Vqz3CRsBZPNfxYtG74DgZK9yI6W1Mvtq-LeFYzRMXsTBjCbFwndWUKeSUezPfwGgrf6jY7kNWx4Vgo4GvjRreWC7MCfUNzjyCDuy_Bnt58gQ5HJHmInYRHTzSA4WFdyIs2ybgG4u1GgGkm5gDa7hwcuIOU0PzTq9z5QJigmWL3LCQoIZgNrxLUQEpJtKNKwvnMfk0eb1hkQK7jn8QecP0ayyI9jfLCDPOLruOmkIbarkYvO9-1PmyC6D53HlcOBsST41qge8AcLjtAQyoN6qsJ65QfJBZdGeK-xVp9anrv5Q6llKJhOUedNGaoDWqBeBIKfeJHu7oMc2Zm8DeVFE2gX_guVsMDEn4rl8OFKyv1FuAZXyDc2kWN35Qtw4hDpqS8JxjdHAoP3DqpxRZVuTQ3nvKcKjXA6DdS6idEOI5K84HwUhKW2DvNsvcZOkj-aLguJVJCh5a43x-Feq6e-fbqGBbBO1yL9m3glYt_VYwt8ySNxbkUjL0u3Qzss3jR6DYpIGy0G0UK3RHoyIky8ouONzONvY8CeRpVCAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAWAB&cry=1&adsafe_url=https%3A%2F%2Fai.samsungoneui.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fai.samsungoneui.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240215%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240215%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-2087125206344869%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:5f86eb9c-8960-7e90-d54e-628780df50f4,c:4Hpy4Q,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-659c4c654f-bb82m,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:7,mot:0,app:0,maw:0,tdt:s,fm:u4NUUwd+11%7C121%7C131%7C132%7C141*.1288019-67920843%7C1411%7C1412%7C1511%7C1512%7C1513,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:32,oid:380f2c9c-cfb6-11ee-bcdc-624b4d795f18,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 99

https://gcdn.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/07B261622E8C22BB3DB3632757F92087B54C2E51.4261D4E36C212461D5941C32C0164A690BDA01A9/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-q4fzen7y.c.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/494ABD29F93AFEA4ACA47C7087BD24F94A30D8A7.326D362361ED211BA92FF83CBA6BED05C7EB2E6D/key/cms1/cms_redirect/yes/mh/P7/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4fzen7y/ms/onc/mt/1708408127/mv/u/mvi/2/pl/48/file/file.mp4

131 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ai.samsungoneui.com/ 64 KB
12 KB 181ms
106ms Document
text/html 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3783783e3f8bc8e5bc6730945b5aeae53d24430b10b39aa745fafeb7121cbda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 858490950d70031c-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 06:06:38 GMT
link: <https://ai.samsungoneui.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXM%2FvPtz8ZK20KNYV0EURf9KxhqddAgJMRHE99dHE3CBGeGYG0dspsT71zUXQBpu0gDn00OGuZg3JMHcwrC1tpoEEezpu7eHXt35Zyz%2FPuajcq8EOp%2BZwtF80PlNqrfHWbmJuFrqlApX9gHhbQLX1uAC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 427ms
87ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2087125206344869

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d959ce9d1bb86b92614f22a137c086b73fb0cca6f4638a5e90b50f23542db3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ai.samsungoneui.com/
Origin: https://ai.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51221
x-xss-protection: 0
server: cafe
etag: 8886250740378193732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 20 Feb 2024 06:06:39 GMT

GET
H2 200 style.min.css
ai.samsungoneui.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 139ms
135ms Stylesheet
text/css 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ae43-65be1630-105b04;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=durMoP3XUlxtQPJQotaQmE8prwx0HJS0FvRtqZRS8iPLy9KeXGpJ%2Be2B%2BwxgqVajuu86zgO5zn3IpkqmUlZokm1RZRNaOSlnEzfQ7wG5orz%2FiC1b8r7pqgcZ5ZC3BTuJFcSaxBxmZHDSnOTyiYdIvKPG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85849095bdce031c-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 fl-icons.css
ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/ 328 B
551 B 99ms
96ms Stylesheet
text/css 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"148-65be1c5a-213533;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0GSHRGuiCNPOcBWiWHPGulw9%2F7Bnv8qcxu4YF7vvmR2Ydkkg1byWS9821scO0UElDOBkBhLteHK0zCkohRPR8kpFTc75ihFiM3cK9ytYfo8g7Su%2BT94c5Pwuf4zdYGYYhkk5654%2B7VBbyOX5bJU4nzU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85849095bdd0031c-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 flatsome.css
ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/ 143 KB
30 KB 178ms
174ms Stylesheet
text/css 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"23a2b-65be1c5a-213528;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjKGal0inTdFogTljF1qvlblHR93DO5ghN%2Fs9z4mJLZ51%2B2a5X9YL4D3EQeVC5xY6lAIKOi4%2FplYj2zyJikpFDgFVR2DwXBrVhOGKV9eFtwyfB96b5ebzcQ0DxvK8xhn9Zc4MVGsOTfHFGIfgcMwfMOT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85849095bdd2031c-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 style.css
ai.samsungoneui.com/wp-content/themes/flatsome/ 567 B
593 B 108ms
104ms Stylesheet
text/css 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/style.css?ver=3.12.1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f576aaa1ac8352e9e0c17cb743536e1488b0518fecc8bba8f8b87b560a0d5cca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"237-65be1c5a-21359d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IjZDPni%2F0gjjM6LwL2O1c3cjQHz0wq%2F6qHfCqi8DAM8bX3GXPv9aIZi4meCo1fgqxXKh%2FjUkpIyJu0fOjMK7F9uxDzDQfMGDHoMmd0%2B9NZyax8CM6wuunHmczosgr%2BjLSqG7yoBs6RprRXzvidoXzRn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85849095bdd3031c-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
982 B 411ms
73ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 05:33:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 06:06:39 GMT

GET
H2 200 jquery.min.js Show response
ai.samsungoneui.com/wp-includes/js/jquery/ 86 KB
31 KB 150ms
148ms Script
application/x-javascript 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-65be1631-106224;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqWd3T586klEbU7elKv%2FcczsQUVsCFPcqw31pC7ZipYOCWylmnDsBJzZ6wThcxhoCMY9CLI9jKhrQ%2FETJabevQNNB98fZF%2Fqksb8ra0IlWQUfUOlcC8Hv%2FFWa3hV2NNJjzOK3PXEfZXfReaVOE076izk"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85849095bdd4031c-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 jquery-migrate.min.js Show response
ai.samsungoneui.com/wp-includes/js/jquery/ 13 KB
5 KB 109ms
107ms Script
application/x-javascript 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-65be1631-1062a2;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEOZ87TIQctYLaEwGNyuTTXhLd7EwOFl75yuqRvZ2AsHuWMq3BnrcQH3aYtaXBSBg%2Bbml2kj9j8KfJEIpH1Q5iXAbTsLPWX3zM6MIf55fFNtLQ3cAgF8zHnLjiUF1%2BlA75N2Ro2iMRadCkJddHtKkNjm"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85849095bdd5031c-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 logo.png
ai.samsungoneui.com/wp-content/themes/flatsome/assets/img/ 3 KB
3 KB 107ms
105ms Image
image/png 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/img/logo.png
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03955f77c5fb64853ee1349aee217467d5965bd9339024dcc15df003efc75a54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b6b-65be1c5a-21351f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BjCz28A0m2xJUQVFzewLrXNjRWRsuhNNovHmkNfc9eu9uOKygdEeFt%2FdGGXWVNXIce%2FiQPszgKV%2FcH5TA5HQbtcgGStqwPqAKqo7Sau9ks7jpRzgHfnEhwYt0y43QdYuK7Y%2Fg76k3dkM2LtKIK1J6sK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85849095bdd7031c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 2923
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 what-camera-should-i-buy-for-photography.jpg
ai.samsungoneui.com/wp-content/uploads/2024/02/ 17 KB
18 KB 139ms
138ms Image
image/jpeg 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ai.samsungoneui.com/wp-content/uploads/2024/02/what-camera-should-i-buy-for-photography.jpg
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5384759f25eb995f8c8b869363f088fc7dac535a2d8daba8c483df63089adc35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 15:20:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "45cd-65c24e2a-2144af;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahg5vUKU9i9BL0Ua0dgBpl5LFXAgpZtpJby7PVMq%2F3n3mYW0zZi4ggYOJEPhH7WdtX7jPLQ2f8EHkit8xzxNqm0RZMyKctaojNdqIDt6UvDO%2FU6Bnrw%2FMCC7TnZIYQeIDVvtphQNuQ7IvcHiCTH%2BluAs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85849095bdd8031c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 17869
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 which-photography-course-is-best.jpg
ai.samsungoneui.com/wp-content/uploads/2024/02/ 36 KB
36 KB 165ms
164ms Image
image/jpeg 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ai.samsungoneui.com/wp-content/uploads/2024/02/which-photography-course-is-best.jpg
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6efb5c0a05ac112bf0726b9e9b82f19d4b126ba7a9f53a5024a6bbd347d9dc4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 15:11:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9011-65c24c1b-20ae6f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JP7gtwZLoJVRKpfQLeaFy0LMETpQv%2FIZWTIqe5UVoUk2d8F1QHn1cVJYCOSzOCTt%2FUuzLu9cO%2Bne9vaw%2FsuqMBKfuqDyU%2FDBzCVYWuhHnew20B9SmgGMCOahfDci1ZokiZ8A4AXIgfHuyyhIoWw%2F3EV%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85849095bdd9031c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 36881
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H3 200 why-most-beauty-products-in-tsr.jpg
ai.samsungoneui.com/wp-content/uploads/2024/02/ 31 KB
31 KB 145ms
144ms Image
image/jpeg 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ai.samsungoneui.com/wp-content/uploads/2024/02/why-most-beauty-products-in-tsr.jpg
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8432ddd05efb9c2023056919d0f13f0a08dc24c402b171381d628d795323a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 14:53:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7a8c-65c247de-2144a9;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7I5va%2BsSwh2SCKuE%2F1Y9rq%2BGGUm9Oim4HP%2F%2BmoheSGsbv1d%2FggO0zGTXYBpKM66DJ%2FPHC3yVJHgB0KnUKA1iQkJen8XAaX%2FdPK6kePIS8IBKtjj0UtGB%2FNG3jQAHtQjBLCGALgjPQvlHzLy8TO4KBgu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85849097de9e7482-MIA
alt-svc: h3=":443"; ma=86400
content-length: 31372
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H3 200 email-decode.min.js Show response
ai.samsungoneui.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
31ms Script
application/javascript 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ai.samsungoneui.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Feb 2024 14:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65cf73c3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laCGIYpkGMjtfaCH2nnx1wb3JY8X%2F3HjoJiLdCCGP1utDIB2DKgPhPchOftXAoSeD2nQyk40MqIED%2BXRubdk8N2zEwVWyBEOuvE%2BNLBOySXwarVVRXuIBVXdfQydqgXIYBIojN9ERRA4fDydijqr8RWu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85849097eeac7482-MIA
expires: Thu, 22 Feb 2024 06:06:39 GMT

GET
H3 200 flatsome-live-search.js Show response
ai.samsungoneui.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 16 KB
6 KB 35ms
35ms Script
application/x-javascript 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Feb 2024 10:58:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 527752
etag: W/"3e04-65be1c59-212f92;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jqyx9hRaSZNEm9RSo4xwx4c9V2l05uJafGmHQN0DTdB%2FC3McXjcRoq0ZzIRdtlvhNs4kk58fac3p7ymatq2uCL8nEcuNRlXh6qoaYbrrsQtjZrQA%2BGAJJoZEVWhoE5jLE4EkZmYhAacUwqYOOKgL6l0O"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 858490982ece7482-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 03:30:47 GMT

GET
H3 200 hoverIntent.min.js Show response
ai.samsungoneui.com/wp-includes/js/ 1 KB
1 KB 35ms
33ms Script
application/x-javascript 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Feb 2024 10:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 527752
etag: W/"5db-65be1631-1063f1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3%2BqB3CnKjgv37gmBSLxK5BkCsbAI25zOe8bgtkJGYpodL0CHNe9DoACEaiLr3Ymob9sSVRvI1ueHwukTKG6TmFOD29A1MZCBS6NIBXZHhXnxFym6aMiGLvirPvi%2F01YMF8keOVmD6BmvVx4WcL3E4Nu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 858490986f057482-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 03:30:47 GMT

GET
H3 200 flatsome.js Show response
ai.samsungoneui.com/wp-content/themes/flatsome/assets/js/ 169 KB
51 KB 41ms
39ms Script
application/x-javascript 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Feb 2024 10:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 527752
etag: W/"2a4c3-65be1c5a-21353c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IJTVgufSUlWguHl8eq516W6oo0opOf4A6IkvHmBHoWQZmH4xXsmmJzWW0fqMXWzArZp%2FHq9AuQOOuVS4zNagzt9kAB%2FCshoZ7zvSMvoQwhAhVyaasckErHLPEPmDbSB2Bq8XkIIyU7yAY3zBC5jNAv2"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 858490986f077482-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 03:30:47 GMT

GET
BLOB 200
OK 1e8b8f8e-933e-46e0-a4cf-e2bfa8b24dcd
https://ai.samsungoneui.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ai.samsungoneui.com/1e8b8f8e-933e-46e0-a4cf-e2bfa8b24dcd
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 167ms
53ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ai.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 20:07:02 GMT
x-content-type-options: nosniff
age: 122377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 20:07:02 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 220ms
106ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ai.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 03:15:28 GMT
x-content-type-options: nosniff
age: 442271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 03:15:28 GMT

GET
H3 200 fl-icons.woff2
ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/icons/ 6 KB
7 KB 110ms
108ms Font
font/woff2 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Request headers

Referer: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Origin: https://ai.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1988-65be1c5a-213525;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHF4sI5BrSSqChFpnDSN6Awwmu5hT%2Fcbwe%2BwnGX5o13pXVIMC%2BIRSXQmzlUg3Nt%2Fr7VJBu7QEL2FA0ZmSPQUDRUp46Lph%2FzOFEeAcgcq6iGK7KMA5GJUZF2CLbx9okNyt2W9UdQSe4TiJ01ZiA%2Fx8iOX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 858490987f267482-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6536
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H3 200 how-to-delete-my-perfume-shop-account.jpg
ai.samsungoneui.com/wp-content/uploads/2024/02/ 25 KB
26 KB 132ms
130ms Image
image/jpeg 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ai.samsungoneui.com/wp-content/uploads/2024/02/how-to-delete-my-perfume-shop-account.jpg
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 719bfad46980ef855e7979e30962e8deb3a86f8eba4cb58384941958cf0e0950

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 14:43:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6483-65c24587-2144a6;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YyPPWqGnhMMvZVfy8RiRtoBax6x%2B7SO7hOlunMBaTBxA88DvfxMCUBp5mFUCIXg39veqBl%2BpMRQT00zdwduvwM62mAtKI6n2GhsubADROyK%2F8KzEfOrKj9Xzul5f9d0b1Bn0SZxuIGyUZqaFW3b8gM%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85849098af467482-MIA
alt-svc: h3=":443"; ma=86400
content-length: 25731
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 407 KB
138 KB 205ms
99ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2087125206344869

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d608b0e61a5081b3727f80dca34d697781edf908258e27f33e474953ab541846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141225
x-xss-protection: 0
server: cafe
etag: 1646618827376371712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 06:06:39 GMT

GET
H3 200 wp-emoji-release.min.js Show response
ai.samsungoneui.com/wp-includes/js/ 18 KB
5 KB 105ms
104ms Script
application/x-javascript 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.samsungoneui.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Feb 2024 10:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-65be1631-1062fc;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NU5Nu8YPifxyiuiFOt7Cs%2FJRIr2qKvJeHLe0lb4%2BRHpcI4AmgSJWQ8uMpr7G6UpmYPVGYN7EkM%2B%2F4J8zIanlBvd3FBVaIQAbX4Vz8P6emZ91EtYKuf1JZku21JjREBzI%2BT4OmQKfEeMsvgRalDz6gTCk"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 858490996fe07482-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 06:06:39 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 654A 381 KB
86 KB 1860ms
1601ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2087125206344869&output=html&adk=1812271804&adf=3025194257&lmt=1708409199&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fai.samsungoneui.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16~9~10~11~12~13~14~15~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708409199512&bpp=4&bdt=534&idt=343&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3386281142829&frm=20&pv=2&ga_vid=1333786384.1708409200&ga_sid=1708409200&ga_hid=373560779&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081141%2C31081187%2C31081221%2C42532523%2C95322748%2C95324581%2C95325066%2C31081220%2C95320377%2C95324155%2C95324160%2C95325077&oid=2&pvsid=3950747913031225&tmod=1001599450&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=385

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd05548c630b9f49fe7c3012e0a57ec9209934e6b05ca05b7ad48da16ea8e3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ai.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 87946
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 06:06:41 GMT
expires: Tue, 20 Feb 2024 06:06:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 165 KB
56 KB 91ms
90ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/reactive_library_fy2021.js?bust=31081220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

061c94bbc1547b4e3041825cc0dcaf948fadc27fd930e48a0cf248b3ceec3e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57075
x-xss-protection: 0
server: cafe
etag: 14846325971857869244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 06:06:41 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 1468 9 KB
4 KB 62ms
56ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ai.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 18:30:01 GMT
etag: 3890843268177463596
expires: Mon, 04 Mar 2024 18:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 5C97 9 KB
4 KB 55ms
54ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ai.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 18:30:01 GMT
etag: 3890843268177463596
expires: Mon, 04 Mar 2024 18:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 7A76 9 KB
4 KB 70ms
57ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ai.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 18:30:01 GMT
etag: 3890843268177463596
expires: Mon, 04 Mar 2024 18:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 9BAA 9 KB
4 KB 61ms
60ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ai.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 18:30:01 GMT
etag: 3890843268177463596
expires: Mon, 04 Mar 2024 18:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1468 5 KB
790 B 70ms
69ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 04:14:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 06:06:42 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 1468 15 KB
6 KB 200ms
62ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 02:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 02:51:27 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 1468 22 KB
9 KB 244ms
106ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:59:05 GMT

GET
H2 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame 5C97 8 KB
4 KB 202ms
66ms Script
text/javascript 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 05:11:59 GMT

GET
H2 200 39b1936085524998ebfc7677a2ba517e.js Show response
www.gstatic.com/mysidia/ Frame 5C97 10 KB
4 KB 221ms
86ms Script
text/javascript 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39b1936085524998ebfc7677a2ba517e.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4466
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 May 2024 23:12:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5C97 14 KB
1 KB 75ms
69ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 05:02:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 06:06:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5C97 2 KB
903 B 255ms
124ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:17:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 5C97 23 KB
9 KB 256ms
125ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 23:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 23:39:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5C97 3 KB
1 KB 255ms
124ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 02:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 02:33:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5C97 20 KB
8 KB 181ms
52ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:23:02 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5C97 204 KB
61 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 05:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 06:44:38 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 5C97 36 KB
15 KB 181ms
52ms Script
text/javascript 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 05:39:46 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 29BB 624 B
246 B 79ms
78ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGOreg9wBMAE&v=APEucNWd1UwRhPNj-8MqyCx7d7UER9dr-4Fx1_4297fT0xeDl9SjTyldJRPYwnu1Z8Bee3MzZsyasPyjEHOpOEnEV9TJlA8G3w

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 06:06:42 GMT
expires: Tue, 20 Feb 2024 06:06:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 15EE 93 KB
33 KB 93ms
91ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 06:06:42 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1288019/67920843/xbbe/creative/ Frame 15EE 279 KB
83 KB 471ms
58ms Script
application/javascript 54.87.223.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1288019/67920843/xbbe/creative/adj?p=APEucNXPBlxx3G4Kv7yuvwp4rYFv42jch6PIPDrDY_7cF5MzUDh63nU&d=CrkBAKAmf-C5p0cbsro_N_YgEHBupUvzdBhn-RZNh2MO9F0iGS8fpG2qr8A3YfoddDcx86-puVbISD9b-XamV2kT4njD5IUFvsyeyiOal9iwfkYxGTFCr-VYf6dQOsvP71UI3GpIgGqertgW-xRpLhAnXAeCWGUaA-nYN5I_0Ih962lV4SQnwAhC7qQc-jVYQec0bY9UJyj1k1c3sXz_ZWZg3sSvK6ncmpu3Vct_f53CZ587Mdwj6WqNl0oS-RQAoCZ_4OtRHrO9FR93scMSNyxZ8dkdNjtjZG0FFHUT5tR8mRE42_d-Evn7bBS9vGi5Jjik6HUrV6aTp22ww7K1ynHVaAknsjVzk5Mz1lBfxk4YljXGfc2GaGm9fbHzSlUTdhaW65P4cS4iYDJYaePJwIJ7qPzeM9VCLzkYKACcPL7P7Fs1upfJcSJ1mQVyky3DjX_D-m_ntql3v78KxKBXdVarFnvA3Kcdl7knUCO9wPRB1fUr9K4rrXyeYYOGK3UvfGneTfQ6mcc14qehk7uBhP-TSedp4mkB2XAfPhGOA2JYhVvN4ZvyY9gdums8gea6rrMPakgAuW4aH4DBtiR1IYgH9bhUUDbJywmeYTX0-0gmUsLrS2e01WfhjMB0tvwLYsDFLvDEQat4P5DJZORWmsqVs_guThvB_xHysm2Ki8RshdNwtZ4u-XEj5dQD7G52PHpXoVTJRVEBY4E2qIwmOwr1v8RjfCll7WWEmBDbfKYFpL5hdhkg92aITZMv0otelHh1ASyXzKZnXr_QGd_c4-_xC43jck6ehDqTnHTozpMpFro1iCF1Aiis-8Qhl-X_zG1Dxi21UokBEiCbd1s1ie3bBD-Elqd4NgE1X25izTii74EImy8q5_2rAoHsXccHfZ70wHE6xXRPQ2tA8xak6xLp-HegZpjG-0-7-DUyRImsZowMfLsRLJvVg2xpNu1I1JaXEy0egfITwqCYNmk2gbsR6-bexxxYM3DIvyUtNmxrrMnowXaiiAzGO-BsHR9O86LnLois2l8f68GlU5Q2D0ZDya1_rF6HuO4WLwES86Dx4InYxDxM1YninMlY5l62CIkjjVrge_qy39F-oEThxQJnoGf3TWLazOZo79WwlkL8i2t7FMjin5Hv6WmqYFHSwhDIjiMya9HSbXF0VSPjYGvlLzDnJiAKwKieJgX40-2jaBAm4Ff_dRCdbylIPdtwXLfnNK4EZPnExNLOYyr41nn8VG1UYfyDpxv-gerHUlCdWrT2937pRuBZ0ZrsoPBD16tTEddIQXcw6jBPv2rr8NyAlaXyAQ4n_oxBAB85Hi1fkfLr8sWPjL27JDHP1ainUtAzgl8rAq-HjOtp6UPDep-AylDJnuw7NHnhdHyFxkdXZTMNNKoLhIJM8ubfQjrc6Fyd_chvHKDGTjSEoIoNvHosAbJN8M2NuY3uYaHY9LLz_l7kjt0XHpLRxIe7sKcd19AGxM_uv1RE8kp92sMPzkJxt6_zxDPUwjkIJ_sEiPRSPq-nKSXuKZoW9m_m0V8_zu5nrNnaOyVMLPpCD7X8Kz3znJO1qYqzIC-p3wCvnPUuGpqsoE86o8Z2oEfaM4YswiI3p5UNIJxNBnYlv-UnOLWqTjw83OUh2s060iNlNkBwaIKTgUFt-7rvA-oIbLmX-nQtwbo8jD-n0wJaOLeNNKA3N7ODJS3qQ8w9Bd_hPo6ffDykCJlEBpgbltxsPnkyjsxjl2IxFaPatuhhqOvPgofgXCTIzBRLYKBaU4BVjfuQJgfcbQfxNVHwsNTs3EncXrSIwsEmKFrU1VHeOp_BqFgtOKv5j0pXKy8qp_QOpk7mQ1CV-0uNEQwIXjZZ03kyrcfURd7aAZMxoAB3yBF7ShDxD1sJqylcQJGv71XDlQnovj6hmzmeU4uL1OEH90Dc_xnNOihi5kZgGfCaTkZfR1BBrlkWfzXJlZtWr_lffkwGBjp6Gs70AfWesRXsdEunUnYGGdt0PD_lb8A0OFz2uiHL0qBNdQmEc671lKKDn5RKG1RVYJ7rEOIs8z7opCWn7CXGlMevzlOQnJlyLKv9W9F6AowOpmxpevnMvJzYc4dDzmCUOxKQ5GATvGYm6zXVU33mEp4bTebOOqmbcJsYFKN_wQDatknb0rozlK8uLEdQU-kQh2_cPJjj9U1l4szBrzYgWH0rJatQG6BjiRrOEqkpgNM9X9ENMKELjYzdd27wFcniDUaQ02I3E-g8DgzYg4x2DilakEG7VmB6m-eXTWVFAgzF7OvyztPxB7EOS-87_Pv7-8UX7r4ooX4vbBC4SpxngYzBIOX04A_2WjDqnenk7h2UuQB2EA83__t2rczVC_XNowrhoS97TDXq_Z-jz6EeaXpA8adUNa7xtxWedNevG0K2SVbYjZHf_pukRs7yw-zht81MTa7WicheMD9fvwEG-2shwO6n6wiuuIB5kG-9dsJDIoyFyLg-B8TV2bwjkEa6R22EgvK8VCqxl4gdM3anSaIl4OxvsIkN8EZJofUdDnDLRD7u9EW2huU9fXc0c3I53-FeZqkG0DDXwdqpOi446WYgc7s1rql4KwrmBzVwNrDym6PnPGcGUH-YkdYauVxe8BNxMwUd8oljCqGP_7DNMIjjxtNs5Xrc2ZfgXkF-p8sKPiyivHMl93bzGe4XP5xaEWB3ePKvIggNuW4yBiB9mivu4O4XxB1eVoQfwfV-gv5M4kHhpaFPaE86VpbjuSZ4lhWhWrJ_GOj0wArrG4f-u_7A4iiU90qa7I-o4mUZDHn6bqlMkqldQRhhWLV2V7ewC1AFcmR7wqpdqERHH_PAaMKp5Jia88CuOhMr5A6q5Fmtz-xYPlpxkT1qh-vSxrDDsKFxbT9thSFdx2rZvU1YPKoB7R0_JPHeDVioVoyoMyXjtHS6MCSwhIiWINolME8n0YUS9c55Yo0SUGIO6jPxY_XlB_potYXERiv5y6X5BA4yH7I7NFTovrSQzUStwCXH35wonzovMtuEfrR8DZXUK5-cuC24gD2_2EOLshyb4gqsl72LVs2udWkUKIAYNmnA0xQ3oyXtKL2WnNFlJ5n0gR7ooZ_pnZ0nG9sQrtqesgbOsKn1UI09ym_3u-mEbHgBKwduFkY5H6eDcbjtK9zrZo2WWtRDyyI_WEvG6K19nZxZ5W70fA3SKCmUyl7XUJJceQkBkvD1uZLc7ELX9_POyoZmvmijQy0I50yz1b0jc0WPlVb6JUYCJ91vIFFt4N72BFa2PMwnDnStBIgAOMwRpf-jxF3ZzkvbqMhJL7Vqz3CRsBZPNfxYtG74DgZK9yI6W1Mvtq-LeFYzRMXsTBjCbFwndWUKeSUezPfwGgrf6jY7kNWx4Vgo4GvjRreWC7MCfUNzjyCDuy_Bnt58gQ5HJHmInYRHTzSA4WFdyIs2ybgG4u1GgGkm5gDa7hwcuIOU0PzTq9z5QJigmWL3LCQoIZgNrxLUQEpJtKNKwvnMfk0eb1hkQK7jn8QecP0ayyI9jfLCDPOLruOmkIbarkYvO9-1PmyC6D53HlcOBsST41qge8AcLjtAQyoN6qsJ65QfJBZdGeK-xVp9anrv5Q6llKJhOUedNGaoDWqBeBIKfeJHu7oMc2Zm8DeVFE2gX_guVsMDEn4rl8OFKyv1FuAZXyDc2kWN35Qtw4hDpqS8JxjdHAoP3DqpxRZVuTQ3nvKcKjXA6DdS6idEOI5K84HwUhKW2DvNsvcZOkj-aLguJVJCh5a43x-Feq6e-fbqGBbBO1yL9m3glYt_VYwt8ySNxbkUjL0u3Qzss3jR6DYpIGy0G0UK3RHoyIky8ouONzONvY8CeRpVCAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAWAB&cry=1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.223.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-223-96.compute-1.amazonaws.com
Software: /
Resource Hash: a69dc8ab6664922c44da34d8074cbd35f349e4d6e6ddea70e5976a0e1f4b3332

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 15EE 3 KB
1 KB 211ms
135ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 02:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 02:33:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 15EE 20 KB
8 KB 141ms
65ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:23:02 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 15EE 204 KB
61 KB 61ms
61ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 05:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 06:44:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EE 42 B
63 B 127ms
126ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDAN0wc87OsrN3cbXGlU2lHceGtUs6YOJjuZYee-yyFDK9kgSOtaV1mi9_avw03b4oUIP7_SR5Un1aFWz3YTjqALDuIHPR_tkRCmbtK-cDp849yOE

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DD75 624 B
246 B 119ms
116ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGPjeg9wBMAE&v=APEucNXrcdJq9C-jnnv913gPZtZa90Q94SIl39bUyd2Cx4F61huCSg4g6ywflTdypLEH6C7HHr39jqW9i3mwaGo5PHHpbrdgBw

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 06:06:42 GMT
expires: Tue, 20 Feb 2024 06:06:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0095 93 KB
33 KB 93ms
90ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 06:06:42 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1288019/67920851/xbbe/creative/ Frame 0095 279 KB
83 KB 444ms
57ms Script
application/javascript 54.87.223.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1288019/67920851/xbbe/creative/adj?p=APEucNXwIUX30eqkL2hS_2SnJbCQv4xGW7Ds9ME60H0MZekFO85ztJg&d=CrkBAKAmf-AGiwLFBeeME0LnTrMXEK1J0mi6qHkiTj6oxrqhTQfHzM2GGyFuV_I4hSBZU_o373I_-62g5pkS-_xamxNRLCVGDMdSc_q1Ps14Wyie1BBZgN2Xtmxpth7NW4xJsbq7G3S_bIo5uke6W00I-O1nlm9LkK3tl2Kd5zV02FxQF5A2al8WE9JP_DWOJkTy1AyJuOqitm7khU9huDDhI74Pd-UFmswHZ4bDl9IF9uOReonGN0y927IS-RQAoCZ_4NjuGmDbQyzkwuKOigGC8vl9ljxZEy_nDG4Qd4_pHEmYksuAYlUYCBl8JcZ2snndzC0hVSr58FLujhXlcYSRHiEi5s88InHwne2k5IdpmCUjXP3I08qfmqxT1PnI0zhQe8UOLYORe_zpWF79S6Bb7-tK_a19jGqG3IE3jQo6DQHIXCXxjqzJjyA3ctINvs84rgx5qBFMT-ZrlH5cYnM1qeTW-4xl5PwvYlKyluvZg2cjm11o9r0BUYPMMqVPfR7Hr5aNv24cj_tCHSTyW4_-joPKB4pJ6WZNcVwROwUGUOdz94ayTcZsrayXInn8onwp4J1p2p03TpyBpQUeGL9aPG18MFSRraO6Wxav8QGGlkN4waMpu2HABXmtSR4RS2jmx6QNNzMxdSlceIw_-BV76Q_VoaP06dlz-RWnW7aGrBK1t9ZA-LsXatRmXA1Huj4PsXGpL3tuBd65T-QQY1Ik7KRwc0cJe8qQ4Ka1Nf_mqMUXM0txOOgjKPbfORlSN7luf07zeNY5ewiGpEOKlZQGe4nNF6MipSj5jZn294UxlHS8cozJfUHdOXsD8FhKIanut2o26O4tPN3uaA1E1hId2uJshcDYNY_vjug1h6V693K4g5EHSPSHKRqvxRXH8NPOE3WiVkf5huio67VmlX2yldhm08C4n_3BYPgSP4bRlo525LvyvE1uu3ytBErgv4vF8itJRg0mkMt-1E44re8PbLJ3VV1XNIYbwLtCztSVvryf5W3-SCYCT1YDHis5RoSrBtwdnnQWK4ejTgVzaZTl0FtJZCMFGuIYbyU6gkYesT3TVsBJZ7yQKvgsqvYSvXA3GuDFegaTYnjP7ziykGMqPUmDndwg2_fpzNPjwQDnBcyS84J7aWOAXUD_diKuR9uAG28q9to5fX6A9-PoivId8A1QaXU0OZBVNbrXwVqqmNYiUw3cc169TVUZy6r9DtX_9TYe0PINZJc4ER3K7o1TfRjS5GZcEuQX9BIKaeN2ZwW11FJQZCb5oOIMjM2rE-0jdlI-zdHiSY0gQZXFrvGaLDY5z8cSSbFYtxiezMVjudHDi4eFBBot3yVPTRkZq-X6H6PQyyVxYmvvlxnxYCU3VY3AP9-oZvmZGo-gY6FZCJGNG2upD9SIm7VQSpY2e8YROvbE2ahv49yCVV9FW_U7sfF8TaAQIqm8ae7pGxn5J6kpE2LuOGHvttwEyhaMNCJF5qbQh0sDskz_ixysn-6uyU9-9urAKhw3gaW-OD91bWPueU23TKxt9Rdv-TBnYSNhR1sCWukEra3nCqA1Ie5raiZOBNSVSbqFCDV2GtdEjJPglKhZBBe_dG2-6CGBaN2z4882IQkS-9YPEH6STK6A1fkkL5JnsKyrfubsGI6ZgXwG_mX0bmGCkGWqrCD3qTd7VIzQxo4sDIb7PufqRIl3pRn8D12ZomoW_2aYOW5FA_tEfKcWuNFaEsCL7VM0w0_YPIluY1ei6W5O7ayumR49pSV22wTDBVpcPISd4zQbd5dHIfwxgoHzEXPpDFiOBClK0U1YmPOIqniJmhYz5wsNIFQE70mw68ltmRIgpwFsJ8g2NSt2qAwLP0B0mWSUiYPXPMW9HqmVhKLSAUIM678p8Oyozz_C9Py3EgRIY2mEVL6udSH0GaTyg27Ki2sPrSo8a0c9g9yVdCRLs3FXuNaPU33H2ya6c9mYPU2LRY9WVyPcaWFq9o1Rc5V7OG-IS2QIxS77sjwS7QInbdW7YtkgkUv28-ePjBn6rM8wT3ETX5JFsDCz8jkgwHKtsEFqiHJp1lEK2moqMOycg87QJDry_2mQmfCeuEuh68oregW3aNVWcnJ7EUftTWSHIborwlXfxh6V51myoAfkkYuT7jX_nqpnaj3OllfzGgY-m8JQHHezg-mh_NfAQRkrMzIzTu-5r2uVg8XWynXIHE3IFg4eKo0wTFbfhL_MFUlvDQVX96srPvlCB18utoqrIHjt_OZY0V2yjOo6aI5S30wQ2jRTJfIUC3oysHCo-MDApT0WSZ4OJM3im0qa1rhN8iOVvOFgUpYGfKDK31eCO3m-0J_rPbDdvF0rjzYTPgfocbMrRJEJkFeAi9gfqpdbMh46IezcjEgpF41k80TLjomrPWZbgGCXnGW4CWYcnhdOlvSs_DLSWtsdQfXwcWd8_a2NhQ7vdn9J7DjHANFhtXW0zIkbQ1E8vNHVpq_7uT3cBPx_DOutsIKRYhvL8TOF4NK7AKyNqZPssqJlVF4nJt5Hcx_sIh2ZXo7SSIQjaoxJscCJbeKniZme3dZp2HfxnOzC6OshAGLklBfkgxe65Nv8LuGaBw0UCK5V7kmCokqJIugRu8tEC9yqiWp09FapwnK1YSK0MhIW61ywlpAhdlQg-avOiJjFQ-tpjCYs9eZ_gl8_bRMem07R_8NlQbNunzdFjvrFkRiLI3LqvIqtwan4QAIzLhNmLOIL-56nN0PzFIRANrUzkLQRxlIjXg5GrsadJltnrEbyA6w_uf6joXHrmRO4NwldWfVPIaxGT55KULnQqjwWU2xyaZUmOiuWNmJ183ome4Gi0C2PeC5zzuRjpAG1bFgN-ed0_LxfYqxVNlhT08IYpuyWlrafDZiWa2ZfVNVKfBNNwX_whCz6_Ljff0ZUzLJGxcTY1I14Bqo5OX9QdgL9991MjKT8uzOidaFZH4jFBL2psA4ucF85Q2WI_vs8YraTkewqol4PLn9gFiYcTCcLwjZSkZKTmt_30Ce1juKdaF0l9FvVeqz4D0YyUleYhdoMqb2r_w15ujOmbHbc_zHDjirjGnIwfm-X1cBBrV31tmoC64jaNiiQBGXx4CT2A7hRpu-aS46JVsZNZeh6OYFieZB2T6Fma428X3bTqfd4O3dMFotWUz3A0D-IidvzY5H-KNDWvMCp9H4D0TaYJdO-xMIiqdspqvkIlC7n83LreW5jJcRKpvDFLX1poxv_xc3h6GDtXOedpshGfYKgJQiSv4iXfOSP8eO3tDMSjSwE4BAj2ZkfzWpiatJVYG0TugcyQHyr3_K6m_wK7cD5mOMCoL_KLdEBsh-Pbnt6D7u-e1XPnFXctgRQgMLWRNh_XLC01L0bsq3Kxr0mm4v2sBaEbpcXrrb1EJbzqmPaSKuohitAhQcR4bTVrCx4D-VAdzlkmhHGYNuL5St18R6p_xeBlNF_GsPP122lyZlug9cUIUUoPBmZS5ovw2eEUr-EgUv0swGSJDRtl1oJNkhe-O_TTiU_atoca8GnA2LsGLVdFZ2K3qVS2xg1SkyDDqGA9cfSL5GVk49X-clj4ebA48HkkxohzujrI7sMS-7S04eIuo_1V6VOgtJcAMKq7RU_iXw5O4IqQWlbLb4XXGmDJvy6nwZgP8Szh0M8RxiFQ33_fR_dwlG9AWpcd8Ke1EZDc81iHo2G4IBKo81tYTjFUi3nm3WY0OGmzLLfqimcG0MNbyGkmu2vxfXqcXv0FiNMyCsA-1fukhq85nKM-0-MuwT5RvWtEQQ6W9LdoeOLggn6Iwn9-PeuYbw7JNQMLBwovrVRkNsnxK9k3iAm2ddXwcLKqnQQ4xpVCAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAWAB&cry=1
Requested by: Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.223.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-223-96.compute-1.amazonaws.com
Software: /
Resource Hash: e768717a733c1015a13a5d9562ba1514bba6adf74934a1ed1b6d636520de2535

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 0095 3 KB
1 KB 186ms
137ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 02:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 02:33:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 0095 20 KB
8 KB 169ms
121ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:23:02 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0095 204 KB
61 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 05:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 06:44:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0095 42 B
63 B 123ms
122ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVsJ7whaoZbgaoZSQEkrHKt9V2yNfQf14sHoNqP561SItiGIzdUXZIfdxy9QTfXJnEKZDQkkd0j4MDGZdIL7qs-GR0bGWiOQywlxEE2Hjyt1YUbxo

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame FE0E 23 KB
9 KB 125ms
122ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 23:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 23:39:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FE0E 9 KB
773 B 72ms
71ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 05:03:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 06:06:42 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame FE0E 15 KB
3 KB 169ms
52ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Feb 2025 00:57:29 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame FE0E 379 KB
132 KB 171ms
55ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 02:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134674
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 02:27:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FE0E 20 KB
8 KB 115ms
113ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:23:02 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 29BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8A9LOl4J4s_supybaz-JY&google_cver=1

43 B
752 B

105ms
105ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8A9LOl4J4s_supybaz-JY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGOreg9wBMAE&v=APEucNWd1UwRhPNj-8MqyCx7d7UER9dr-4Fx1_4297fT0xeDl9SjTyldJRPYwnu1Z8Bee3MzZsyasPyjEHOpOEnEV9TJlA8G3w
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2MCY0RMc5X7kzutCIUYRybd%2FdKQ0uyOTbD8CzSR8xkEP%2F4kOAT0%2FvXRcACbaga%2BnEomHr4sXbx3IBaP7i7NaC%2FDz%2F7km472pNx%2BKpZDmk%2BP5cm4bfzMMeq%2Bfc4RehCvi3FAg77Cw9NpZtFeqcmtIbs28l9A8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858490ac4979741a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8A9LOl4J4s_supybaz-JY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 29BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdRBctHM7ysAACsjADX5PQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1

43 B
745 B

72ms
69ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGOreg9wBMAE&v=APEucNWd1UwRhPNj-8MqyCx7d7UER9dr-4Fx1_4297fT0xeDl9SjTyldJRPYwnu1Z8Bee3MzZsyasPyjEHOpOEnEV9TJlA8G3w
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWduhYapLydIzA1r111B%2F3Sz4ejQ2BADZuNi6dfnzHU8sZFt7lcFalVDYBONaE1t%2BQtgZFF1DdQSlgfJ5g4sI168U973R6Y70tR90GVb24Eyhk%2F9100yzY3pcK97a1PQtP2hz%2BX6%2FCovWP9ZfXvDklwMnvmXmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858490ad1a33741a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 29BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNG086t3ehELQWkjqoV2cE&google_cver=1

43 B
1 KB

73ms
72ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJNG086t3ehELQWkjqoV2cE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGOreg9wBMAE&v=APEucNWd1UwRhPNj-8MqyCx7d7UER9dr-4Fx1_4297fT0xeDl9SjTyldJRPYwnu1Z8Bee3MzZsyasPyjEHOpOEnEV9TJlA8G3w

Protocol

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
an-x-request-uuid: 6054ffbd-c39b-4fc9-8e2f-4fdde7b31af8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.74; 38.132.118.74; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJNG086t3ehELQWkjqoV2cE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 29BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1OTkzMzE0OTAxMTY2MjAzMQ%3D%3D

170 B
243 B

78ms
76ms

Image
image/png

142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1OTkzMzE0OTAxMTY2MjAzMQ%3D%3D

Requested by

Protocol

Server

142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
an-x-request-uuid: b61a9428-cc84-4861-b738-a696fd307646
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1OTkzMzE0OTAxMTY2MjAzMQ%3D%3D
x-proxy-origin: 38.132.118.74; 38.132.118.74; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EE 0
20 B 139ms
129ms Ping
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1454462214615&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EE 0
20 B 137ms
128ms Ping
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1454462214615&version=m202401290101&ct=76&x=1&cor=9498461464391020000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 15EE 16 KB
12 KB 97ms
96ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTdDc9BVgs0zVSs929o9e6hiGer9_OI4hT6auXbjvYeHIvLXQDO8uNn94KTo0iiGem7r4gTELT12MU2wfGDCGMv1AcukpSYl2XXyqBRzGDmDVtS2MVNVrn3tJNE6ugSISJIcdUUqBBnGybGg1WTE8Y1dHx71cXMxHpD39d8MqVgEm3n2-VJIwzh1HY4MtiksI9AHDj5d72fKgSizQJXzb1mLhK_Q&cry=1&dbm_d=AKAmf-AOW-kR1MauRSUL0qk8or0LCHCLfHk4UTJARgD3M29m4dvwHFimcV3Z78oZgmtWF9EuA3l1BSF04xwKfWpL0vRk6JUAgBKYLzaGastA68XEJFv1FedJlSdEDEyT_BVXFwKLisWsYMxH8f385fhpP6nghM5hXAHMb3esosYMPa4s6bK81lMecvtpPjBv-gwFmm3mKpnXWqT7hiHG1ggGMOZVM7TKGLgMvL5nqTVZkO6ob6Px7bIDJmcGQdUdTC3b1VIcRzUg9vRh5ZDsdtsaiveaZtsYRtSWsJ7FUwV1nv6usJqb8Oc2TRemM3kKZGyxII4GgWc3KmumeVdLrV_epe5R-SQ-hbiUgd-5dkxZf4ANQrqNCX_5Q7UcDCH0hKBtyszY_HUBEmLCJZUMWTqZcdKqviCYxhGSbrBVySWyFwk2JbW3tNbCEcrJd4Pb7MFZC7qjltyQXVzSM4b1TsDY8LovOdzucnpP59FsjmBT2_kSO-bqtXxgyylQdKAWjuZwAWhEDGc8zmx4m9oSu6djyT3YbL0G07O8XKDBQdDZytCR_IZlhGySnYb9GBF_JarDs_D1RApvR65PxshVDxA4UcDcHYjPfFaXUCilsMxSRbs2B6mkIj_ya9qMlL5eyKxwFWRoYAbsHC0v938N041bKM8yIRa-7mdeT5qkMnc3i5EVo2tqL2eA8TAHs1SX3i4Fq1tTBJ6vYeWSpR0VS5mSlbYw-sigB4Ed3knJ2l2IG_didTOOkuLRT004biiE2ncSMBFOgnfSVjsjH04Mm9DKUC00c6wuhX16tTxLZ18OYMJTEoTQS5WfjEdvx5amKTvYsZb-YctMmF5UR6QJp9g2sm6Io2Vc93GBHHuqCi-BYJ2FQ21olDEZKH2g4G5XTSxm8NO_7QemjMAsaXWXqmc69tFf5fUhO7_E3kJm1ZtUExaQqXkspW91GrRTuuu6IA7-0gD1Ngj2a7tvnavNrJSHvJexXe5_WQ7Db9jO0hrugzh9jjDFerv8iI2_VScjzrB1fVyOs1IuA97MqI7K-8-VRgeK00IPF8BnWU2xcNLej6R5e574lgICTD0oG0rxlxMJfWp9yJ6mf-oJo4QquP6iz2S21d3u_E-qZ9D7mYNm6t4n-yrVxilGi_0thbjriPk9qgJUB2-X9M01zz6pfxYS6Ve9e9vxiAORQNxp8T3a_5huWdD_PLeGSvAD8q5cranRcuOLpXb8qHGn1RNY_YFxccRJnPIBhqzCNaxvdWb-X0jasQp2PCaV_Tpr1W6saug1xOgypEXQy8BNDhaswVAsLZ2oduKWEzb97IK9gh_uoQ6DAAXKI8LYBV7UimLSv1q3ywkYVajZucpVMcbF9P-L8ve_-kNs91oDBuxZDO3-gt02KVaQ1Do-9VS_l_z0Yjydy7BbeMpXmUCgrJh8Tpxov0GkZvc0qI2zjs6vOepvnGHfVRNZWdy9SnsoUa_Ql-y74SuevzjIeRhcv7vByGijBqsGeLi5D1xrrzn7HEimF2e1ym0IECNdXfjEwLKrnh-fSizu-mPxMMM-Q0uAhTr7vfKjkSZb5cyMdw_FB08xh53lbolFflTn_ENggN6M5LAFWDtVURhK523AaCx40gubV5By-K9BpOlWP55P8XgJFMU7UHRFi4DA25kSSINxm5kH5SKr2KBXWZ6GpkKNygJQVCd9CdDhVrr-PhLCAHfgUt0X9b9X_uoj1GDiWcF-QACP18TdvZvYYXHuVYRKzjUJGvaDA1i75T6WnvQ4z11X0yt2SAyBdqGbCMo25mZsIYOsY4lYGH1UwZZjWNttOPNxOWWQHiFEK9ogU-6DC5v5hoXDOHNOSBFmSKvp8kWwG43syH_JTSlV3J7Zb6muwrb65-AT274jEHMndWOG0mw5dbQ1WRY2CAiTqFSOagV57FEqFv88hGsaFpZa3sJ50ATxwJOM5scSKKIK_YtJhKtnL-NWbp_BZYfR_u3WfalQ25mtnuSd4Pq368dl03wms9SRlXBhRR_btf3uGXXWUFq-SqPQ9SDx7uSsspgPD60AeCFTMAWulj1O8kYJ3IAX-odDsxEFEK6g3LaMm_felJpRLQax1djvi8GSKXD--co46GJN_CxcNCd92Zi5p-MSd3WGycpNFfZUZsYdBvualwqXon0zSw_ic76vnfdvPWDtn6MOqJGj0ERsokogrx67siAQ33lfIKeMnN9u1hNP_byr2OQBGL8_QHQ6rwpanAQSnvuQyBH0s1Gk6x2JlmlshhnsNDMj126niQ-MXXCP25avi6n6KD-VchHXPeLmzXOoLvl-fdnhiKOctYBBb0qEIRbC4b9kCu2ipBK5BDrhiusGgxDpTJ_ojrrzlbzcdWJKd3Z1ZuKmic_Kkd4fubxVfVeJ8jEaCoZm8161-cTmCXZFdtKGyINLaseNQYrhvuKHiySJll_xsC0bJqzPqoYQfXKxa9Nm97m_7YJNlRZ_PTlyulW10Pw9-CU-UDlePW8ychUOOmlF0Q2y-dIGlg6FWCZbRlgD-o7Xsj-ewFLA4UUV1SmrXnoir1QogqL08l1ZkDFv7_edC1309ERFjQc53wHTGQzx4-l2UjrwQyATy30fGQUBrS7k42jpfQ-jTP7FUJ3v0KTySdt3tbMWoH4ngmQU5ixpNoc91o2cjuCm7cK23RK6Rbfqm5UWM-_ixLk2vfszZ3f0n33dZfdy5Sv8E5k7_4zyloZGTy6hV5BRzdl_o0YIdmKCDswt5oeiR0dJ6TDrg1h1j_dlF9pIcj2y4d-LFXdil_maAcks_1Prh9ZkGg9RhmjUv3JEUKxSoAKd66IKq_ZHuapHJ5jwKaDm7iPJSgnvnIW-mSfoNEow85DjPCNMhjdpUDsXDbbcGSgav1sKfo5vItTT3L4_349sT5p1jCkexHgLZjwaTbNgIB9cxlN0IxKIsPpJOfczseQBDjT7tlb0JJSWQ98X2gRaJlNY0W9GQJuIpiqUT2wANzw5A-ubU_mF21kTO82YkTUIVbGBbCGHZ0lLn2mORwqc1Cbs7DN4p1j6uG_C5U-11fQD0mxphYCicCAhJclm2TalSfkkE424xquT&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fai.samsungoneui.com%2F&ds=l&xdt=1&iif=1&cor=9498461464391020000&adk=497053792&idt=104&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb62347660cf35b89fc0ebca41cc07ade394a78a79f3315d971cbd851d9f17c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12521
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0095 0
20 B 119ms
118ms Ping
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9850839779750&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0095 0
20 B 120ms
119ms Ping
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9850839779750&version=m202401290101&ct=76&x=1&cor=16753057816732002000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0095 16 KB
12 KB 104ms
103ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5bcfZv4yWBFkEr2WGtF30pt578hBsrjVYCkFjT_x8ghePQx1U2unCpMtb0EYEGBsYLpPqmAj9qjo9eEeoAWSVmBHn0UUGTQ7vwFUEXPrjnMbX117jf8pzBbKhBlNsud_ClrKQrAy4aOgC-HmNvOAOg4yARQVGgL1JE-H7fVa8K6OZ6koFIO8qwwemKEz_2_O6gOav8ZtrOxATYlxVIDeMcJxqyw&cry=1&dbm_d=AKAmf-D9oU6Jv8rPInhJtJKt5mOOwgSESba51iXM0oGcaedtRvKcmFnlaerLVP8G-EIxXMgFcwGmxpV_ptR87xUcO7HcKEg4z1dFf_l8kvz9ZxFKxlUMo-21iN-vBqWjyY3nEl3Xt6JxmvAf2JMW_Bxt76jvf6mrI2Tm8k7zlzeb3h92XEG4eAlG28UBEyl2SoZeWsf7hQnu8_O_2w1QOPvXXESvnb4C7JabhQS6eMGCteT4NxSTsb-bH0Tqv0aFgvS2nU0iSaKXTNwnNcY6GfZFEPvKJlNBgvCDHfqgVU8_-ZGcNIH-qtyp5zJJrR3BpW4BMCEtXmcDUfTAafL3U5riwdGUgJslOP1shLB0xvAsa7RN_SoQTYPTgiufCzHiGbaHIv_VLHyK4bQ65Flhz6plji8sgT0DA0GqLC45jmBU5gS0Do4TMZ2wkce_32aeFHMYsjKN2ewiSGwGHazTBnAf2iXdaDtjivYyNggUZAVyUeAYMxDXuL_3eYyroKb2GokhIPM0ILU_vYWRhywTETgGW6-5gSzxo3AtJkbLHM8cLxzL_E4of8FTGFJQjThC57RmGejLPWy2o16jVtoSHH7ceO7Egt17_x5g3hcE3SqUogoFi0NHmHShPFo94-Dn75dLmGiBPgsu6vFcni6--HsrHYS1PGBZ4b_szvaPNkMnTkxmo1ftnXZ25kLzmsshNJfrRAIZ8fB8869-cABeKTZjMsfk0-WuhzzxziZRPR-xo9ClNa5QRBT_7DRLksvSzKxRtzLdywD7j2l0yspJQEJ9czyXTPprFmuA4clvYXflAmG0gb2qgRu89EPmUSAN9-P3ebZdw-ExfiRJggVdyU9U-gPKlxuqlsyZjQ7eqzxXUD6Mfh6tbJQx6CDdDEVbN1nMOls29FOih1MR4E0mmFqJlTcwAVVSoFreTICJPILYHLKX5xT1cC2K13H5WA7XQ6BJIb9FoPlQWkj1AInv8U_JIYYtm9slYJHXhmZrU-br1ixyWznbjiuhjoh7kMZ-UTbdfMcDP7viYS62xAdZ-seN99Vp7KhU7beak5J3_3WS03G8AbquikD7plwO3jJ3Jo2fghX5xW_90ze_U8A9fuwzkS7qzpaKAg3cV5B1xo0mQ-METUpv6I5LTwwoi2ePTkhgWYY1DchKSGB3OLJn5avYnOMd0dBPQ8QV2_71OT8j0TSCKMyX4j6S1f4Lv4TiEasQGIfjwHgE9qCIPu4bOzv9Ijr90n3GPmgMxpp2uGXRvPgKaNmCDReMpb9HMvaRLFLBsbcAtfLc4VMS8pjBp5R6qkXkIBJyEHMyE0Wj_Xf_V-cEbYJsFRbHtQYyaripr-vAwgr0LxgU_1wWYKBwEjHuCLZNyvDBVz2GVWcjRSzUUYHc2HibzptJLt1jowtpCfTehnYvY9wZcrTUhZd3u5YX5Fuh1mYo1qTlPE0Xha_V-PGkmIwydnrng9cZpZbcczkK6PSLSrVZy_Z6lZzvh3IZiyBT4qNtkWJ-QDNTO-n7nFre1uZ8gXtKccEwARiqfx_Fl-oIfID4A3f-LYuHXwVsLa6lsCAoy25MUTtR7SbYkyNAEIRKwTQrIBS-yH2ch9_DjWtFEDKi4wrwqDXOrGFZbcE3FCei71rc-3E0EZVv2WnFzVkQqZl7f5EA7iapsogC4Hm3qLT89XCG7up4NVzdAxkcge8j1hnrwFght9yVd0sIIB8luSj0gZFVnBy-dft3kzcaiQsFMKWlHYHJkmex3T_pYeL8TR2ljQ4CCpfXuMEbeAdtDxUDXCv21FDGzdVp_Pms4--DGoMiYNoUf-ng0yPdd1HsqJpR9pZT8vK1ey40UoccDzVPSRYFgYAWhoDIPWCbGRvBI5WkyVQvW1aGz9LX7Ijco3lsmt7uIxEPd0FfrXVqJkj7hN-16cHucFAmqZH1tqNpLe6keD7QBZfyQYr_iRqcUnyTEVkzfJitUxB99LIcYl1218q8iwod5bulbVtOcI87JaIlrbpQ-Wq-DJMMjbis3nFUU5vQ5nZYFM1p9H0q8qrggf2l-EKhOljhYC8meHOtbjTMahsA2b6FAVYf6zc3r_PRIHdloLuCfHH91e_-3TRv7RlmQn0_NUcbJkgMHTlmz9fMgiVAj_oKbsdZR0IXjNTxEp-jQ9WCZuTjsisF9YnDYHIT3PdKfKTg7L10DACOjNji9HVeomsdaO_kIApMwodgLxpls-8NGiy_-B1syOyDM-I1JmpHgBB2A2pKm_uchbE9DvVi5lkt_cj6_H_4YSg3RsW-M3Xz-SfjrhWcS-YQJBopZc0zYzyMezQnaGrxVKg8w44uKqV9oOK84zEczLaR2QwqQBEtoTtkZbhkkEaS92gZ17zPAYz7sQqxvWNHnABzCLmBguw4GIxkxNH6Z9EecPZDNfqxP8Pvu_cA7PuXNXLCTgJory8wN434AoG4QGJO2xxCGQHYGRhJ-Vzxs8cjAzjBt3dmLEQsfm2c6EQ6H2lX73ff6nUf5_NXlFIgHpBD1SZKVlehyTrof7ohMOYOVxIRAuRhVmBCXgxh5chpSwWaIfEUnB1_8t7TcKczJ-HECtRsWTRyLRoYaKTfo5e43vZvSImfjM5xNSDNbRmz43VeCXI9xNKU50vN3bl2lODWinU6l6tT95SuQFVRV7xD-A-m7prD6Fqbusm55BqohWo7-TRpYii2GPyQUBvyU41BkF2SH3EORj6DpCPHz5nRf23-ZbCOdFC4qp-wlE560khM7WTaLUiTJf0bZNBNOA38YJ2cRDUM8uxViSwznkMwDZDYHPppgSwA8g2r84eJVqsg7EWrSAie37uHWIBX62IN7D4UoosS0MVvzoac_PsOuhctnBdKn4F1rfUcy5619vAuAbOLlOqXlE4K0goj-0LDM_KjvG8teYK1ZYYvveu1-hZerU_RCVaPjO-AsF2TEh-oSB7VnI-zTE1EXYD8zrW-FXZBV0Wc5V1dh3R-_gnBB3muNmvSqa9b8WFaa-b5fCwRIOBG5klvVG_FaWah73DR5wBLqeb37nBFEXiy45jms9ladlLfyJ-zMZF3beJ_noTR8knEhtlw_5of8m4TFwIHz-4QDgokyp1UsXnWyQ&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fai.samsungoneui.com%2F&ds=l&xdt=1&iif=1&cor=16753057816732002000&adk=1761367584&idt=119&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f396feb42b18de2349149392db1f31e50bec28a2ff440eeff38d4afe039e2b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12489
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DD75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1

43 B
748 B

70ms
69ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGPjeg9wBMAE&v=APEucNXrcdJq9C-jnnv913gPZtZa90Q94SIl39bUyd2Cx4F61huCSg4g6ywflTdypLEH6C7HHr39jqW9i3mwaGo5PHHpbrdgBw
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWlgkfLSFJwQgTuKya%2FcYoia57BfKWC7Q%2B1SiQH8lv3OES5U4pwNzOCZUQ%2FDlNSd0NHuZKxVrMWnLww3ONrCE3DUKG4lSGKCfIhYWNQerZidBjXtTuWJr8uPABcOA6hVdZ398YEOhvifCNW%2BG6Qbh501ls32Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858490ac4978741a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DD75
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdRBctHM7ysAACsjADX5PQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1

43 B
751 B

72ms
72ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGPjeg9wBMAE&v=APEucNXrcdJq9C-jnnv913gPZtZa90Q94SIl39bUyd2Cx4F61huCSg4g6ywflTdypLEH6C7HHr39jqW9i3mwaGo5PHHpbrdgBw
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXyavy3SJpA1ixB%2BTnQsnYRbuB36GZ%2Bfpi3fLNzwRQwzyQbZIIK2gnOl6smVDf4aWP%2Bd4cTozB44ddu4xMs13vj%2ByJKSF8ARh%2FqdWaQd7EWErB1eFiQLlvohUs3J6udbQlI6CQzUL0%2BNqrsV64%2B2%2FEteu1JZZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858490aca9ca741a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbL0N244N2aOiW_TXIngig&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DD75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-2dS4wnBybwtFO0_csxLg&google_cver=1

43 B
1 KB

65ms
64ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM-2dS4wnBybwtFO0_csxLg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLC1cUCEJnh6MUCGPjeg9wBMAE&v=APEucNXrcdJq9C-jnnv913gPZtZa90Q94SIl39bUyd2Cx4F61huCSg4g6ywflTdypLEH6C7HHr39jqW9i3mwaGo5PHHpbrdgBw

Protocol

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
an-x-request-uuid: 3311e3c0-20eb-4fe1-aba2-6786b7ea94ac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.74; 38.132.118.74; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM-2dS4wnBybwtFO0_csxLg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD75
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTA2NjI0NTQwMjE3MTIxNA%3D%3D

170 B
232 B

77ms
75ms

Image
image/png

142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTA2NjI0NTQwMjE3MTIxNA%3D%3D

Requested by

Protocol

Server

142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
an-x-request-uuid: b585ebd9-bf42-450f-a9bb-c1c4e0c313b9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTA2NjI0NTQwMjE3MTIxNA%3D%3D
x-proxy-origin: 38.132.118.74; 38.132.118.74; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26B6 143 B
166 B 58ms
52ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 05:16:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 15EE 41 KB
14 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTdDc9BVgs0zVSs929o9e6hiGer9_OI4hT6auXbjvYeHIvLXQDO8uNn94KTo0iiGem7r4gTELT12MU2wfGDCGMv1AcukpSYl2XXyqBRzGDmDVtS2MVNVrn3tJNE6ugSISJIcdUUqBBnGybGg1WTE8Y1dHx71cXMxHpD39d8MqVgEm3n2-VJIwzh1HY4MtiksI9AHDj5d72fKgSizQJXzb1mLhK_Q&cry=1&dbm_d=AKAmf-AOW-kR1MauRSUL0qk8or0LCHCLfHk4UTJARgD3M29m4dvwHFimcV3Z78oZgmtWF9EuA3l1BSF04xwKfWpL0vRk6JUAgBKYLzaGastA68XEJFv1FedJlSdEDEyT_BVXFwKLisWsYMxH8f385fhpP6nghM5hXAHMb3esosYMPa4s6bK81lMecvtpPjBv-gwFmm3mKpnXWqT7hiHG1ggGMOZVM7TKGLgMvL5nqTVZkO6ob6Px7bIDJmcGQdUdTC3b1VIcRzUg9vRh5ZDsdtsaiveaZtsYRtSWsJ7FUwV1nv6usJqb8Oc2TRemM3kKZGyxII4GgWc3KmumeVdLrV_epe5R-SQ-hbiUgd-5dkxZf4ANQrqNCX_5Q7UcDCH0hKBtyszY_HUBEmLCJZUMWTqZcdKqviCYxhGSbrBVySWyFwk2JbW3tNbCEcrJd4Pb7MFZC7qjltyQXVzSM4b1TsDY8LovOdzucnpP59FsjmBT2_kSO-bqtXxgyylQdKAWjuZwAWhEDGc8zmx4m9oSu6djyT3YbL0G07O8XKDBQdDZytCR_IZlhGySnYb9GBF_JarDs_D1RApvR65PxshVDxA4UcDcHYjPfFaXUCilsMxSRbs2B6mkIj_ya9qMlL5eyKxwFWRoYAbsHC0v938N041bKM8yIRa-7mdeT5qkMnc3i5EVo2tqL2eA8TAHs1SX3i4Fq1tTBJ6vYeWSpR0VS5mSlbYw-sigB4Ed3knJ2l2IG_didTOOkuLRT004biiE2ncSMBFOgnfSVjsjH04Mm9DKUC00c6wuhX16tTxLZ18OYMJTEoTQS5WfjEdvx5amKTvYsZb-YctMmF5UR6QJp9g2sm6Io2Vc93GBHHuqCi-BYJ2FQ21olDEZKH2g4G5XTSxm8NO_7QemjMAsaXWXqmc69tFf5fUhO7_E3kJm1ZtUExaQqXkspW91GrRTuuu6IA7-0gD1Ngj2a7tvnavNrJSHvJexXe5_WQ7Db9jO0hrugzh9jjDFerv8iI2_VScjzrB1fVyOs1IuA97MqI7K-8-VRgeK00IPF8BnWU2xcNLej6R5e574lgICTD0oG0rxlxMJfWp9yJ6mf-oJo4QquP6iz2S21d3u_E-qZ9D7mYNm6t4n-yrVxilGi_0thbjriPk9qgJUB2-X9M01zz6pfxYS6Ve9e9vxiAORQNxp8T3a_5huWdD_PLeGSvAD8q5cranRcuOLpXb8qHGn1RNY_YFxccRJnPIBhqzCNaxvdWb-X0jasQp2PCaV_Tpr1W6saug1xOgypEXQy8BNDhaswVAsLZ2oduKWEzb97IK9gh_uoQ6DAAXKI8LYBV7UimLSv1q3ywkYVajZucpVMcbF9P-L8ve_-kNs91oDBuxZDO3-gt02KVaQ1Do-9VS_l_z0Yjydy7BbeMpXmUCgrJh8Tpxov0GkZvc0qI2zjs6vOepvnGHfVRNZWdy9SnsoUa_Ql-y74SuevzjIeRhcv7vByGijBqsGeLi5D1xrrzn7HEimF2e1ym0IECNdXfjEwLKrnh-fSizu-mPxMMM-Q0uAhTr7vfKjkSZb5cyMdw_FB08xh53lbolFflTn_ENggN6M5LAFWDtVURhK523AaCx40gubV5By-K9BpOlWP55P8XgJFMU7UHRFi4DA25kSSINxm5kH5SKr2KBXWZ6GpkKNygJQVCd9CdDhVrr-PhLCAHfgUt0X9b9X_uoj1GDiWcF-QACP18TdvZvYYXHuVYRKzjUJGvaDA1i75T6WnvQ4z11X0yt2SAyBdqGbCMo25mZsIYOsY4lYGH1UwZZjWNttOPNxOWWQHiFEK9ogU-6DC5v5hoXDOHNOSBFmSKvp8kWwG43syH_JTSlV3J7Zb6muwrb65-AT274jEHMndWOG0mw5dbQ1WRY2CAiTqFSOagV57FEqFv88hGsaFpZa3sJ50ATxwJOM5scSKKIK_YtJhKtnL-NWbp_BZYfR_u3WfalQ25mtnuSd4Pq368dl03wms9SRlXBhRR_btf3uGXXWUFq-SqPQ9SDx7uSsspgPD60AeCFTMAWulj1O8kYJ3IAX-odDsxEFEK6g3LaMm_felJpRLQax1djvi8GSKXD--co46GJN_CxcNCd92Zi5p-MSd3WGycpNFfZUZsYdBvualwqXon0zSw_ic76vnfdvPWDtn6MOqJGj0ERsokogrx67siAQ33lfIKeMnN9u1hNP_byr2OQBGL8_QHQ6rwpanAQSnvuQyBH0s1Gk6x2JlmlshhnsNDMj126niQ-MXXCP25avi6n6KD-VchHXPeLmzXOoLvl-fdnhiKOctYBBb0qEIRbC4b9kCu2ipBK5BDrhiusGgxDpTJ_ojrrzlbzcdWJKd3Z1ZuKmic_Kkd4fubxVfVeJ8jEaCoZm8161-cTmCXZFdtKGyINLaseNQYrhvuKHiySJll_xsC0bJqzPqoYQfXKxa9Nm97m_7YJNlRZ_PTlyulW10Pw9-CU-UDlePW8ychUOOmlF0Q2y-dIGlg6FWCZbRlgD-o7Xsj-ewFLA4UUV1SmrXnoir1QogqL08l1ZkDFv7_edC1309ERFjQc53wHTGQzx4-l2UjrwQyATy30fGQUBrS7k42jpfQ-jTP7FUJ3v0KTySdt3tbMWoH4ngmQU5ixpNoc91o2cjuCm7cK23RK6Rbfqm5UWM-_ixLk2vfszZ3f0n33dZfdy5Sv8E5k7_4zyloZGTy6hV5BRzdl_o0YIdmKCDswt5oeiR0dJ6TDrg1h1j_dlF9pIcj2y4d-LFXdil_maAcks_1Prh9ZkGg9RhmjUv3JEUKxSoAKd66IKq_ZHuapHJ5jwKaDm7iPJSgnvnIW-mSfoNEow85DjPCNMhjdpUDsXDbbcGSgav1sKfo5vItTT3L4_349sT5p1jCkexHgLZjwaTbNgIB9cxlN0IxKIsPpJOfczseQBDjT7tlb0JJSWQ98X2gRaJlNY0W9GQJuIpiqUT2wANzw5A-ubU_mF21kTO82YkTUIVbGBbCGHZ0lLn2mORwqc1Cbs7DN4p1j6uG_C5U-11fQD0mxphYCicCAhJclm2TalSfkkE424xquT&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fai.samsungoneui.com%2F&ds=l&xdt=1&iif=1&cor=9498461464391020000&adk=497053792&idt=104&cac=0&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 18:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 18:45:14 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0095 41 KB
14 KB 55ms
55ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5bcfZv4yWBFkEr2WGtF30pt578hBsrjVYCkFjT_x8ghePQx1U2unCpMtb0EYEGBsYLpPqmAj9qjo9eEeoAWSVmBHn0UUGTQ7vwFUEXPrjnMbX117jf8pzBbKhBlNsud_ClrKQrAy4aOgC-HmNvOAOg4yARQVGgL1JE-H7fVa8K6OZ6koFIO8qwwemKEz_2_O6gOav8ZtrOxATYlxVIDeMcJxqyw&cry=1&dbm_d=AKAmf-D9oU6Jv8rPInhJtJKt5mOOwgSESba51iXM0oGcaedtRvKcmFnlaerLVP8G-EIxXMgFcwGmxpV_ptR87xUcO7HcKEg4z1dFf_l8kvz9ZxFKxlUMo-21iN-vBqWjyY3nEl3Xt6JxmvAf2JMW_Bxt76jvf6mrI2Tm8k7zlzeb3h92XEG4eAlG28UBEyl2SoZeWsf7hQnu8_O_2w1QOPvXXESvnb4C7JabhQS6eMGCteT4NxSTsb-bH0Tqv0aFgvS2nU0iSaKXTNwnNcY6GfZFEPvKJlNBgvCDHfqgVU8_-ZGcNIH-qtyp5zJJrR3BpW4BMCEtXmcDUfTAafL3U5riwdGUgJslOP1shLB0xvAsa7RN_SoQTYPTgiufCzHiGbaHIv_VLHyK4bQ65Flhz6plji8sgT0DA0GqLC45jmBU5gS0Do4TMZ2wkce_32aeFHMYsjKN2ewiSGwGHazTBnAf2iXdaDtjivYyNggUZAVyUeAYMxDXuL_3eYyroKb2GokhIPM0ILU_vYWRhywTETgGW6-5gSzxo3AtJkbLHM8cLxzL_E4of8FTGFJQjThC57RmGejLPWy2o16jVtoSHH7ceO7Egt17_x5g3hcE3SqUogoFi0NHmHShPFo94-Dn75dLmGiBPgsu6vFcni6--HsrHYS1PGBZ4b_szvaPNkMnTkxmo1ftnXZ25kLzmsshNJfrRAIZ8fB8869-cABeKTZjMsfk0-WuhzzxziZRPR-xo9ClNa5QRBT_7DRLksvSzKxRtzLdywD7j2l0yspJQEJ9czyXTPprFmuA4clvYXflAmG0gb2qgRu89EPmUSAN9-P3ebZdw-ExfiRJggVdyU9U-gPKlxuqlsyZjQ7eqzxXUD6Mfh6tbJQx6CDdDEVbN1nMOls29FOih1MR4E0mmFqJlTcwAVVSoFreTICJPILYHLKX5xT1cC2K13H5WA7XQ6BJIb9FoPlQWkj1AInv8U_JIYYtm9slYJHXhmZrU-br1ixyWznbjiuhjoh7kMZ-UTbdfMcDP7viYS62xAdZ-seN99Vp7KhU7beak5J3_3WS03G8AbquikD7plwO3jJ3Jo2fghX5xW_90ze_U8A9fuwzkS7qzpaKAg3cV5B1xo0mQ-METUpv6I5LTwwoi2ePTkhgWYY1DchKSGB3OLJn5avYnOMd0dBPQ8QV2_71OT8j0TSCKMyX4j6S1f4Lv4TiEasQGIfjwHgE9qCIPu4bOzv9Ijr90n3GPmgMxpp2uGXRvPgKaNmCDReMpb9HMvaRLFLBsbcAtfLc4VMS8pjBp5R6qkXkIBJyEHMyE0Wj_Xf_V-cEbYJsFRbHtQYyaripr-vAwgr0LxgU_1wWYKBwEjHuCLZNyvDBVz2GVWcjRSzUUYHc2HibzptJLt1jowtpCfTehnYvY9wZcrTUhZd3u5YX5Fuh1mYo1qTlPE0Xha_V-PGkmIwydnrng9cZpZbcczkK6PSLSrVZy_Z6lZzvh3IZiyBT4qNtkWJ-QDNTO-n7nFre1uZ8gXtKccEwARiqfx_Fl-oIfID4A3f-LYuHXwVsLa6lsCAoy25MUTtR7SbYkyNAEIRKwTQrIBS-yH2ch9_DjWtFEDKi4wrwqDXOrGFZbcE3FCei71rc-3E0EZVv2WnFzVkQqZl7f5EA7iapsogC4Hm3qLT89XCG7up4NVzdAxkcge8j1hnrwFght9yVd0sIIB8luSj0gZFVnBy-dft3kzcaiQsFMKWlHYHJkmex3T_pYeL8TR2ljQ4CCpfXuMEbeAdtDxUDXCv21FDGzdVp_Pms4--DGoMiYNoUf-ng0yPdd1HsqJpR9pZT8vK1ey40UoccDzVPSRYFgYAWhoDIPWCbGRvBI5WkyVQvW1aGz9LX7Ijco3lsmt7uIxEPd0FfrXVqJkj7hN-16cHucFAmqZH1tqNpLe6keD7QBZfyQYr_iRqcUnyTEVkzfJitUxB99LIcYl1218q8iwod5bulbVtOcI87JaIlrbpQ-Wq-DJMMjbis3nFUU5vQ5nZYFM1p9H0q8qrggf2l-EKhOljhYC8meHOtbjTMahsA2b6FAVYf6zc3r_PRIHdloLuCfHH91e_-3TRv7RlmQn0_NUcbJkgMHTlmz9fMgiVAj_oKbsdZR0IXjNTxEp-jQ9WCZuTjsisF9YnDYHIT3PdKfKTg7L10DACOjNji9HVeomsdaO_kIApMwodgLxpls-8NGiy_-B1syOyDM-I1JmpHgBB2A2pKm_uchbE9DvVi5lkt_cj6_H_4YSg3RsW-M3Xz-SfjrhWcS-YQJBopZc0zYzyMezQnaGrxVKg8w44uKqV9oOK84zEczLaR2QwqQBEtoTtkZbhkkEaS92gZ17zPAYz7sQqxvWNHnABzCLmBguw4GIxkxNH6Z9EecPZDNfqxP8Pvu_cA7PuXNXLCTgJory8wN434AoG4QGJO2xxCGQHYGRhJ-Vzxs8cjAzjBt3dmLEQsfm2c6EQ6H2lX73ff6nUf5_NXlFIgHpBD1SZKVlehyTrof7ohMOYOVxIRAuRhVmBCXgxh5chpSwWaIfEUnB1_8t7TcKczJ-HECtRsWTRyLRoYaKTfo5e43vZvSImfjM5xNSDNbRmz43VeCXI9xNKU50vN3bl2lODWinU6l6tT95SuQFVRV7xD-A-m7prD6Fqbusm55BqohWo7-TRpYii2GPyQUBvyU41BkF2SH3EORj6DpCPHz5nRf23-ZbCOdFC4qp-wlE560khM7WTaLUiTJf0bZNBNOA38YJ2cRDUM8uxViSwznkMwDZDYHPppgSwA8g2r84eJVqsg7EWrSAie37uHWIBX62IN7D4UoosS0MVvzoac_PsOuhctnBdKn4F1rfUcy5619vAuAbOLlOqXlE4K0goj-0LDM_KjvG8teYK1ZYYvveu1-hZerU_RCVaPjO-AsF2TEh-oSB7VnI-zTE1EXYD8zrW-FXZBV0Wc5V1dh3R-_gnBB3muNmvSqa9b8WFaa-b5fCwRIOBG5klvVG_FaWah73DR5wBLqeb37nBFEXiy45jms9ladlLfyJ-zMZF3beJ_noTR8knEhtlw_5of8m4TFwIHz-4QDgokyp1UsXnWyQ&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fai.samsungoneui.com%2F&ds=l&xdt=1&iif=1&cor=16753057816732002000&adk=1761367584&idt=119&cac=0&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 18:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 18:45:14 GMT

GET
DATA 200
OK truncated
/ Frame 5C97 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e424a4ce9d08487dea732501b39364d83d4da9fc3fdb428a24cc914df3512d37

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5C97 33 KB
33 KB 55ms
53ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 02:48:37 GMT
x-content-type-options: nosniff
age: 443885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 02:48:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

79ms
78ms

Document
text/html

2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 06:06:42 GMT
expires: Tue, 20 Feb 2024 06:06:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 06:06:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame D4FC 51 KB
19 KB 56ms
53ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:16:55 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5C97
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNWa8cEHUZZf4DO3JoPMPjryloAXFvfuUbt28l5OIEZiltpWLAxABIMqx_k1gyYaAgNyjxBCgAZavzZcpyAEBqAMByAPDBKoE6gFP0BmDjz1csqeXkd0F6XX6QpwGU3agqA8-pNZff6qo5ll...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xadf9a9bff33e5e450000000000000000%22,%222%22:%220xe3742c0782581dc40000000000000000%22,%223%22:%220x99b647...

0
0

515ms
113ms

Fetch
text/css

172.253.62.157

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xadf9a9bff33e5e450000000000000000%22,%222%22:%220xe3742c0782581dc40000000000000000%22,%223%22:%220x99b6473094672a7c0000000000000000%22,%224%22:%220x8ea3f9b7a6607fb90000000000000000%22,%225%22:%220xacf10c699ad9a0af0000000000000000%22},%22debug_key%22:%2216306179134253110680%22,%22debug_reporting%22:true,%22destination%22:%22https://zeal.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211055355798%22],%2222%22:[%22true%22],%224%22:[%2202-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223696936271706887409%22}&andc=true

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Server

172.253.62.157 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xadf9a9bff33e5e450000000000000000","2":"0xe3742c0782581dc40000000000000000","3":"0x99b6473094672a7c0000000000000000","4":"0x8ea3f9b7a6607fb90000000000000000","5":"0xacf10c699ad9a0af0000000000000000"},"debug_key":"16306179134253110680","debug_reporting":true,"destination":"https://zeal.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11055355798"],"22":["true"],"4":["02-20"],"6":["true"]},"priority":"500","source_event_id":"3696936271706887409"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Feb 2024 06:06:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xadf9a9bff33e5e450000000000000000","2":"0xe3742c0782581dc40000000000000000","3":"0x99b6473094672a7c0000000000000000","4":"0x8ea3f9b7a6607fb90000000000000000","5":"0xacf10c699ad9a0af0000000000000000"},"debug_key":"16306179134253110680","debug_reporting":true,"destination":"https://zeal.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11055355798"],"22":["true"],"4":["02-20"],"6":["true"]},"priority":"500","source_event_id":"3696936271706887409"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame FE0E 0
234 B 1527ms
444ms Ping
image/gif 2c0f:fb50:4002:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lstyq9d3&c=3453769997693&slotId=1726884998846.5&qqid=CJXwiZyguYQDFe0kaAgdDl4JVA&fb=outstream-lima&sei=44752538%2C75259414%2C318513497%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE0E 0
20 B 120ms
120ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C6BMNcEHUZZX4DO3JoPMPjryloAWJ59jndfrpo7_gEa_bor3AARABIMqx_k1gyYaAgNyjxBCgAZq6vaUByAEFqAMByAObBKoE_AFP0P_Z9bnYR6pZgnblxGp5iVdLUYcR4WThv5fSjc5lv4LqKhIwu42sYgyJPEJHO5OSXsFGSUU9xLt6GG8OsKe5_aZVsypfQ1iPftIOWqqn02EDj9RbyC_7Q3mP0iknutvdI3LA7V91NXSW-rBvGx_dpcM9j8gJgp-lckvKIxAjJKp6nL9cX0yPRsfUz3WbjPaDGH8to2PJ3PflRDyZ-A89oOdFtRG2BLhax4IWFkTK0fjocypK4T2Ek1ixl3LYrJtqva0p6eL-3knPdPwrpI6vmaEZVOwXi26wGsw6SMCmMzYTgmJiIIRGILVRRwV4WR3enRQRzJqHO_SJGqXABIKx7dbaBOAEA4gFvfKroE6QBgGgBnaAB87FwtoCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAoAhIvf3BOlijx4mcoLmEA4AKAcgLAeALAYAMAaoNAlVTsBPYzdYWyBOcgLDkA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1708409202673&ai=C6BMNcEHUZZX4DO3JoPMPjryloAWJ59jndfrpo7_gEa_bor3AARABIMqx_k1gyYaAgNyjxBCgAZq6vaUByAEFqAMByAObBKoE_AFP0P_Z9bnYR6pZgnblxGp5iVdLUYcR4WThv5fSjc5lv4LqKhIwu42sYgyJPEJHO5OSXsFGSUU9xLt6GG8OsKe5_aZVsypfQ1iPftIOWqqn02EDj9RbyC_7Q3mP0iknutvdI3LA7V91NXSW-rBvGx_dpcM9j8gJgp-lckvKIxAjJKp6nL9cX0yPRsfUz3WbjPaDGH8to2PJ3PflRDyZ-A89oOdFtRG2BLhax4IWFkTK0fjocypK4T2Ek1ixl3LYrJtqva0p6eL-3knPdPwrpI6vmaEZVOwXi26wGsw6SMCmMzYTgmJiIIRGILVRRwV4WR3enRQRzJqHO_SJGqXABIKx7dbaBOAEA4gFvfKroE6QBgGgBnaAB87FwtoCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAoAhIvf3BOlijx4mcoLmEA4AKAcgLAeALAYAMAaoNAlVTsBPYzdYWyBOcgLDkA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FE0E 0
54 B 1515ms
444ms Ping
image/gif 2c0f:fb50:4002:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lstyq9de&c=3453769997693&slotId=1726884998846.5&qqid=CJXwiZyguYQDFe0kaAgdDl4JVA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.25d&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame FE0E 31 KB
18 KB 257ms
107ms XHR
text/xml 142.251.16.157

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D5qteGAvG9xs9oBHVlf_ss5049DX11pAmNfzzlZa775Ur6HCrJA6_vxQ94TwpauPCS9R4f5b8EJJPsCl7VPUPu2eCG7w&cry=1&dbm_d=AKAmf-BmowzoovJfjmWFZiwLvRzL9vIyfgY-40OxmwD4XqdNq2gFL_6Ux5hmeQc0LX07B5fsa4sJ8GDDKP6ViZTA5VzYQccgC2ksDFfqyIBY-j6NpqYr9xowV9h27wFNsDlC0b85ArhovBe_5RU6T0oJ1Mn4u9c7nCKvLVPT1fFLBm0YEGy-fVmkvAK002dMDhM3GGD3rKeCyA7UicLzmYTwNkb-MbdMleQ4VNtOw2L7bq1HABsoeLjbXYihKckFMcwxEpia4fQJlf4cNgxyskkIoALeyzOQRiXjXJMKgoa66tmrmXXQX0HgAVrjftP7217pFSK1dKmwLft_xL70lf309AJrTXQ8nGIXkuUnej5ju0056ydTF1u91Z5UzEes3EiMqQnp1KkD4UNU6jCsQGhQCMzfo33t0B_8xzrNf7JVOa0HAptCvo5Kxc3MbPSb-ZRb7fxZ6trtoqCuBGZQaX5XSKNX1Iz5CySoBNd1N9CDiui5aWIIdVD818GeYb1EUmmOKP4VrUd_jQtVywwUENkw7DAVJ5NcOyYBNa6dIl5VgUBjR6pWMtldybC9QbORd70G6wNWk5cfGG130Yp3jEujVPoPjeQMGuJl4IhivkAr0GMWQnLQzsYVsvuteQZHyEsT4CX_ZhFIaW3J_Xt90jTE8A20Nh9bVi-PFY05HXM1harOZob8PK2urVu9IMHGlXg46wOSSeNO6Q1IWmFwtsZw4zgd5X-17P8fF3r6HRWo9KOczksLFATpmyDAXCnMhjrHDmIOLBM1Q2OpBN8BxN_F_miSqTNSuD9XmCuXd2qh32Y0EWaXbHUdg_6N9Moh0iXDzZr46c3JqYmoNUPKDRMxR6hgweeZU_H_GfoXXBZ9oEdJGzxD_GuPxC64ebbFuJP5BfS3NYd-lXTpZ7qPCiYZrymvbcLq-r2cWskTmhvn3MVJ1EVa_LFFMw2Q1sKu4vfihcUnYQ9AVOckhsy8e6JJPByoogDSc3nRBJXS_HGPr4P_bKNW70tPfAcTdAnmOSzOZDINB_J_MRKPPxGl4rFxCeRpF-2Pw52Esr2-pEzTAURq4047iB6FOHGXaRDr3vo0tBxiFsO9JPMhRIq3Wse_H_Mflb6jEhw04dv0UI3pOBqzpn7Hc87JcfzW7S0pCK_5Q3x4OrYhfY8eV4uY9oQyM1eqO3QnAfZ9ljkyCbC-PaHMsul8IVrYD2TLoi9pgQ60IyXQ5v7fOXVkji_pZijcVK2eoto-ekogGrFQHoPIl4abWQzZZ73dcOybgk3qkYcx_JlDbSf_Ud0vM6EEpFKG_WILGBsU2Q99UiOu9LW7xb5o4bPu7fvQAInNA1lTlPGvN8tZB-zAG7KrenVYNBYXYrPVv0KKJmdiJ93QTOuyZrecQUxFSU10XmUlZGDLe5GzthlX8VK3vkKHjIYaw0VjlDMVqVvyY4jkThDtA_9juREoiO1Cv226ma7g3SJqNf1GvM2O3HVcTxQre8-AI44ZB-mQK__xKhZKTtoSuNKbIhHaRGt_7mcd_f6NQAvBmcTC5MIIuHn8JPIi4P3og2a7MOspB9sss_mj-xFbyi7WtSzAZ3182xYiVSiVwfqI-JQWX5l2ogsIFij7IM7kspeGHGClsaz15keBOJnDnn8YERKWnCmfli2S--oJABOibjHWwmiZGst_00QFz9wz_8voc85qbFEyTCVXanbnLZeZMjwG_Q-uxtRMD7fMikvVH1JZg00i7OsqAicYTQwMC_DbLqnwlSJdEMgkfRN5JTZzcvpYn5IyQrK7lfTVw6SU-u8I_RCSRTtv51HknV8VQyQrm4A_fyx5nvD20cl7qOw5gKAc3pZ4aJ33_FrlsHFYKAEmWIqcejOgZyb31-7IWvnqe7v6Ao-3cszeqmMx6o-JKEO_iu8dchzNLpRfJfNtQQS0WcHw5szWuoYzFoB7a-fAJsDsp0EOjmzRiuqlI8ugWtX0sFE-u1HsWJdbwQMsUGEIjo0Ofoe_V9yLtjXCYKwiENDX9SDPyrqW9YTLmXeAQ0UvC-Pt5mJAqYBPIpQ93X1wftKde-eKEKpEfO535qvaNPR4ScnLmBr76u7iN9YsEBzdqOAO2WIj8IzQJejcLD_etvhJnI9NVWDJ9-D5orAx_zI4-DahC9BR9yYgH-rbEfSRYWKyDF0RRMzLCrJvN-7-qiT6x4lUOIxOWiF4eawYmiNOQXkLd9hG78UKuKf3OGA5ouquF_f7WjwLan-_cJXu4LyE53kr-7vbEpxyp02BmOsl2ubciv5FApuj928c2wmDCaEWJhpk0oibBV6XBQquxavzscnSNRNkQE4z-RC3rn6obdPs5mE7xcusYRs2tm60GP6zNT7IYmwCxApBk4uloMWZx-Qr0HtjxOV4WTv2vBGppVzr3p-y6vSDcR9EwpXJj-ZhAGH7tqzmNhMlMrmko3_xyDZ1ovvzujycghG6r9JY51M4zP8yclSvpFde_2NF-vc4JkkV40Jih50Rj6L8Ce41AFt5MnTtDf7tCU0a4yl81Dvb15dUGbsBh6XxUpd8mzTjZZH8bc5RU_bbAr5dme12qvqR76vT7BaBBOkmzgrBsIHZ3TBqoRY5Q5boEqkNI6AsHmgM6qk1UZR33liFpEGinDIIPHzebhdefXKuul5MkI-oT8Fk-t2tO5scyJwLxRVeTZ1fPV0P-mSHR1j2a-82kqVebo0Y-9CDIBmIng3aeqjeSoe6hDvvG5z3zuO090pWPDfHbeeqzeiXo-D7BpbXa8Qu4SR-XSaUAtnQZ1c9v-Z31H71c7CqmafkqP2aY6R-ZtSRL_BqX9i4vfulD-n3FfwqVBC5iLWPTBTrwtnrr7Lpm9LnwXILtOZiD6Z5TjyUmif8hAqun5uBSwW9QAFXdd1YkKJ2AvuQkawh-aeo2fLYBcPeBnVLZ5EKcSn-Tt-dKsg9uVlOWcYTjggSC4_NxUVYF86MGUzuJxQFzdOaAASGJeGBYlctwpKuobIt2saaOPeGp83bdnA3sdoTg0SAitJygRcI1ded-UtPlqsXrb4D2E1EkVh9YpLYRI2LbRIdt1UCW52Xc4P8Q3M6oXCGQy-vj2Cnvr8GprK0TaYQpXQIjw8_rrITKW_ls10ijXVnKVR1TYgMBNT4YW_61lWOGP1aATSpaCcYjAktvYhdKKADvP9I_m55J8MxTwZ02ddpTNUTvpSlMLPL1IcLdHit77bpyr57XkRMW1MwFBX8izsksid5tbUp5jZOmw_8LX4g6X-wX7BJX9wLffovl77VatK8C3lf3_vfHi5bSWDT5FJtkdSAjAJHeWPwxMZ4Sf5tUXPQjBMdWfH8T5IGn0sgNTwWQzO6IIE1Jbrh0IEEiuqi7zC4I7f1Tl-PUopNm1wgbCfVQGy5kM47yn3bPfZLn7HhVM78OK3501uZLMxutjrOhGiPty2Ri0TraskJaWHtb8CPAPQxoIy2w5YyWM0ViAnGxq5mTh42nhieJ-vqHY6pucgxrr9GZf0HSQHjYZCZSGQWlhLMCa7EX5Z_n2j_f8mFKIc1ityjMqwHf4qRSKf4dZoOH5QO7vCwzPfxs1jBgBALEhcL-6lA-li4GpOsD_6y52rQ5HNTovqDvOvhO3_s0Z_2dr9XsNLp5nMEAY3Px_FAAbR5eyQsqmZJgImiLOPh5uUNs14c_wd0PFz_kRVKUj2PSANKVaRs5tL-5LhOJjjAus-szYbbYFbF-UG_RrH1xIwbMH0DvyKgNjuHJszVw1eItxDZJPBXC-wGONLkdDpv4OUJZpoEhtFobpvluFgw-Rpsni5xEF480IRPug1z79vRcWVIlgktHGlWOMYIiJVbTK7JUTJk_t7DgmiuFZuy7OLNdtyi9uiPthza5aYNZJBGzDiy-1TJ2js5_8oMsKI&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

95c7880f68f6f51552c968e758c6c35937f3811f251a8a69a8a9bf85c7da6669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17608
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E484 38 KB
13 KB 59ms
54ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 432213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 06:03:09 GMT
expires: Fri, 14 Feb 2025 06:03:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ED65 38 KB
13 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 432213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 06:03:09 GMT
expires: Fri, 14 Feb 2025 06:03:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 223ms
114ms Preflight
text/html 172.253.62.157

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 06:06:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame E484 39 KB
15 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:01:52 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 0095
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1288019/67920851/xbbe/creative/adj?p=APEucNXwIUX30eqkL2hS_2SnJbCQv4xGW7Ds9ME60H0MZekFO85ztJg&d=CrkBAKAmf-AGiwLFBeeME0LnTrMXEK1J0mi6qHkiTj6oxrqhTQfHzM2GGyFuV_I...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

734ms
55ms

Script
application/javascript

2600:9000:24f4:b600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:24f4:b600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 07:19:48 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 27902816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: HYx7WWjLmyYQDBDoCjRcq9Z7yYUxKl7antnwW4dVzNn0oaIO9aCm5A==

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:42 GMT
server: nginx
x-server-name: app43.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F137 91 KB
23 KB 878ms
64ms Script
application/javascript 2600:9000:24f4:b600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f4:b600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 27992129
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 72wV9Wk_BwcKUbEdbSTkfMmMNDy7xO7Ddplwqwrz-_4siGmEk_iQ2A==

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame ED65 39 KB
15 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:01:52 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 15EE
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1288019/67920843/xbbe/creative/adj?p=APEucNXPBlxx3G4Kv7yuvwp4rYFv42jch6PIPDrDY_7cF5MzUDh63nU&d=CrkBAKAmf-C5p0cbsro_N_YgEHBupUvzdBhn-RZNh2MO9F0iGS8fpG2qr8A3Yfo...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

730ms
56ms

Script
application/javascript

2600:9000:24f4:b600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:24f4:b600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 07:19:48 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 27902816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: SEhZ6W00OCLwQzGLZ7IKEZPBix1gpj0zQrE2Em88zywj_lOBrjWefQ==

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
server: nginx
x-server-name: app25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 692D 91 KB
23 KB 857ms
112ms Script
application/javascript 2600:9000:24f4:b600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f4:b600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 27992129
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ecaYUidiwqrziSm66ofe2cF_la2NfIBa2dfwH2gJlqyhGLGQHovZMw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0095 43 B
215 B 851ms
111ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9abe764a-c334-298e-9bb5-8d3dad8d909c&tv=%7Bc:4Hpy5x,pingTime:-3,time:148,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B136~0%5D,as:%5B136~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4NUUv1+11%7C121%7C131%7C132%7C1411%7C1412%7C151*.1288019-67920851%7C1511%7C1512,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:36%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0095 43 B
215 B 947ms
211ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9abe764a-c334-298e-9bb5-8d3dad8d909c&tv=%7Bc:4Hpy5z,pingTime:-6,time:150,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4NUUv1+11%7C121%7C131%7C132%7C1411%7C1412%7C151*.1288019-67920851%7C1511%7C1512,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:36%7D&tpiLookup=ao:ai.samsungoneui.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame FE0E 0
54 B 1151ms
445ms Ping
image/gif 2c0f:fb50:4002:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lstyq9dr&c=3453769997693&slotId=1726884998846.5&qqid=CJXwiZyguYQDFe0kaAgdDl4JVA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame FE0E 41 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 02:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 02:33:53 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-q4fzen7y.c.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FE0E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-q4fzen7y.c.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

219ms
58ms

Fetch
video/mp4

2607:f8b0:4000:22::7

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-q4fzen7y.c.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/494ABD29F93AFEA4ACA47C7087BD24F94A30D8A7.326D362361ED211BA92FF83CBA6BED05C7EB2E6D/key/cms1/cms_redirect/yes/mh/P7/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4fzen7y/ms/onc/mt/1708408127/mv/u/mvi/2/pl/48/file/file.mp4

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4000:22::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 06:06:44 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 7779770
Last-Modified: Fri, 09 Feb 2024 16:56:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 20 Feb 2024 06:06:44 GMT

Redirect headers

date: Tue, 20 Feb 2024 06:06:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-q4fzen7y.c.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/494ABD29F93AFEA4ACA47C7087BD24F94A30D8A7.326D362361ED211BA92FF83CBA6BED05C7EB2E6D/key/cms1/cms_redirect/yes/mh/P7/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4fzen7y/ms/onc/mt/1708408127/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame FE0E 453 B
594 B 54ms
52ms Image
image/png 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2087125206344869

Requested by

Host: ai.samsungoneui.com
URL: https://ai.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Tue, 20 Feb 2024 06:56:43 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 15EE 43 B
215 B 902ms
211ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=5f86eb9c-8960-7e90-d54e-628780df50f4&tv=%7Bc:4Hpy6k,pingTime:-3,time:123,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:124,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4NUUv1+11%7C121%7C131%7C132%7C141*.1288019-67920843%7C1411%7C1412%7C151.1288019-67920851%7C1511%7C1512%7C1513,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:32%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 15EE 43 B
216 B 796ms
110ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=5f86eb9c-8960-7e90-d54e-628780df50f4&tv=%7Bc:4Hpy6m,pingTime:-6,time:125,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:125,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4NUUv1+11%7C121%7C131%7C132%7C141*.1288019-67920843%7C1411%7C1412%7C151.1288019-67920851%7C1511%7C1512%7C1513,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:32%7D&tpiLookup=ao:ai.samsungoneui.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0095 43 B
215 B 792ms
111ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9abe764a-c334-298e-9bb5-8d3dad8d909c&tv=%7Bc:4Hpy6w,pingTime:-2,time:209,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:638,beZ:640,mfA:644,cmA:646,inA:647,inZ:652,prA:653,prZ:663,si:672,poA:675,poZ:710,cmZ:710,mfZ:710,loA:787,loZ:791,ltA:846,ltZ:846%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:209,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B197~0%5D,as:%5B197~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4NUUv1+11%7C121%7C131%7C132%7C141.1288019-67920843%7C1411%7C1412%7C151*.1288019-67920851%7C1511%7C1512,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:36,sinceFw:170,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 15EE 43 B
215 B 790ms
112ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=5f86eb9c-8960-7e90-d54e-628780df50f4&tv=%7Bc:4Hpy6y,pingTime:-2,time:137,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:749,beZ:752,mfA:757,cmA:758,inA:759,inZ:764,prA:764,prZ:770,si:781,poA:783,poZ:816,cmZ:816,mfZ:816,loA:874,loZ:879,ltA:886,ltZ:886%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:138,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B126~0%5D,as:%5B126~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4NUUv1+11%7C121%7C131%7C132%7C141*.1288019-67920843%7C1411%7C1412%7C151.1288019-67920851%7C1511%7C1512%7C1513,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:32,sinceFw:103,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C97 42 B
174 B 119ms
117ms Fetch
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF2Gg5XLQAzyBZ_Bs7M1jLA5ssQZkiWwcOe9UMFDJQlQhZ0nYK6miV3lwwXUx6jCqc3EPPgsrEoSee9Re52gn05b6PrfIZM29AKI27YpaNE7V2PanV97g6KnaVW367tE8J5i4HK2zagjLyml0gqtuibIlX_yej9So&sai=AMfl-YT4wwD73ox_gWoKcDTUrJFnnyFsuOvJ27YFkwooe51xMSIuyHVx0CjNJXR8AS-UhaY6CXKewwmaCco3z0op62ofZYT5JxKCqMzZdYDOuzesQ12EfupMm0xG9rrcToFrKuCTeb0Sh2OFJGE8LkSJ2A&sig=Cg0ArKJSzDHe4QmQXbhdEAE&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&id=lidar2&mcvt=1132&p=0,0,600,200&mtos=1132,1132,1132,1132,1132&tos=1132,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=434200200&rst=1708409202046&rpt=555&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame CF74 23 KB
8 KB 55ms
54ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 443726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 02:51:17 GMT
expires: Fri, 14 Feb 2025 02:51:17 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0095 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff7cebe409046b4450b9ca71f36df380c355defe2d9d78fd600ff1aefad04036

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame FE0E 0
54 B 441ms
439ms Ping
image/gif 2c0f:fb50:4002:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lstyq9nu&c=3453769997693&slotId=1726884998846.5&qqid=CJXwiZyguYQDFe0kaAgdDl4JVA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1875&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.2fo~atrd.2fu&ua_e=1&ape=1&ple=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E484 0
20 B 118ms
117ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Be7VOckHUZbzUGeOuoPMP7-uIwAsAAAAAOAHgBAI&bg=!h4SlhMvNAAZN4L4YbeA7ADQBe5WfOE0rI844V9cAhVg4HiGcCj0h7KJFrfyAF57leAKJ3OFEPP5nGSI0x-trnhGl3Lt5AgAAAvZSAAAABGgBB5kDDPgd_eUrCEi5sEWKiUWCCeBl5HLMUJYrbRvfKaP_rsaAZjDJooTzYjjcS6tk3s_n_K3lTkaQToMqtqudYXF13upelpcbNJdp9ixWS8FsN_VM0u7XYf4EA1c-4e9HqeP73XD1iGPT0sSE8F1tBU8Ak718RsOJoYiB2GLcVO5AvAIC0kUbg8Pta8vO1Mqmeh52DfxWBLezFdVr1OPBPC2-ovap9J7yuVWx6ZCb50ogxxJ5f9uWY_HnMcsH4PUUJ52Tf0rY1NyPwhXdG8vcN7XAaBRvQnrp2wUkCVR-ShAHr_8sks8uLY7w7wDG00jDtHi7owBMoSPEni2CKcMm5WJFrN9tv-pxkRQ_Qno1hHpF5Z7ssQGDI2qmc9mPia1ZedArkdhpPxrqNu52dSva_4ylMxdDpOoIGd7Pan9LP4vSkXUSlaP_u2TDD6Ei9Db6l6tnXZ5fqeUTiek_eKCtehXMIrzdH8UGkvMEN2WwMjjSXiTJWJ-ixwwPSs0nZ2HHiXq4fyCKTqQcX73M4YiFge8w81On8dft08ZTRrX4ne5zTSEtRi8u1caob40yc_yYDE6y7b00LbYmmE580-mC0mWxTUpatwFD5ONG6rEr55WpJTd4pa0L7YV9TyKM2Yst8bKf68qthcSKvvNzWRa0684ID_MfeBnT073g07vj5WuODO4FhdD8JTee9epzyiHe0VVxsKguATHXQ2RfHL46MxIjWrrbrSarYBIIOo6FZTaeB36y6rcahFVizNauf6k7mdrECIFg8wdVOQM-1ww5rnyZ-_O3ebVCVwcPwXY7mHUsFsnTgdERJcgK8pKxFdwVzr9gbynudx5d4nL9Dji6zrK57ahYyGzp7Cx3YhmjRkBKkBdfnMpmKgzGH0LkJ3Ege0QOcU4hZN3DSPh6k-zxMwwDoXdMTCTgR5Tl55AU41uowSdJu6TCKOuzqaxL1veyE-Qr3ByzMAxfh69dkfEEtA1vCfSDi34a-D2MzCBV-VuZe5yaCQvNMJIMpMR_o-jHGXt6FNJi5PbiuWScDdHM7Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED65 0
20 B 118ms
117ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhNCsckHUZcCDG56IoPMP0MuaiAwAAAAAOAHgBAI&bg=!HB-lH1DNAAZN4L4YbeA7ADQBe5WfOIZGawCusE2-HppR2KS6z6nBQU_TenYMXRU81j2zzX6tW84zjAGS1Y1BPW-2OynbAgAAAu5SAAAAA2gBB5kDHhZwmnz8hajSGk6svFIU94PMiqFv_wNifFuK8MhTN9CJ_LxO27u_WJtU8tHKJJbYJZhMuCrzDDqI8gfoB3bTEiV3o15HWN0nUt2VlplQMABqfUgBMfVqn-8-jAIto8R7-YwieALJuOnYLgKIDTl6zhMuZe0AcIMStt44watNo_IhOCGgqxZQpPrR9AaBALDEl5gBZgD7RGLgE7cZzx56XDX3jPSRCTmSfkv_a2Sbdw3TglZhz-eyivUzj9zhL1C-fBbXxbl2yXTkaMRvCE8GV_VEGnkLEAk4Ym8SWywQIFHgrHPK7TQylOH6nE4mKAHFpw1sqrM82LCwosq8wlS2pX1BBzg-P7kU1eY6BUgUbokwlaiBHUq7BChVQbVU9QDjiieZYZh6eLr7WVerwkapnW3jLUrbfr7YIK_TTB9rnXqfL2sKj4-53B0dbQPHMC28dg_DPtS8YFRfCucPcMupjUC5n1hxz3kpGPE9LjxL8mdaWFdzdmSTMFumzqMb5s3FasM5nx3LhG5vxqTEWLXWMS7_qqVOOt5sy5mhkkupQHF3t7VOF9dR_XjxjM_a-2u0LhRAi3Aw8XZ28T5NUoTDdYIuiDy8x2YI2o-eprS2KqGTyG6st1vTYfccu8LnYrtKSu20cOG9Moo4IQnVI_UErfDFqBFVt-MW-4vnWOf6BnyY0lb9Y6rAqBAG1kOM6KuauOdgzMqgbrYeFM5oC7ci_cXbpFeeMW06qNCpuW0wT7DiDkwlk44ix65bd09tKtV0AjE4PVkydruKQWweXlTEpu5Mi5IjRwcj3jrloSoBU-Lz6ZFs4ZYlviKDfxTw9FmymRzma-FYrF-aupGcPccU_-0yFQuT0S2e07Sb2FPlT95EVV6sRWxzTKDetM8LJNeKGxxc7lUO0kpoPjlHT_ZXPL2DcTi2peOx-JU3eEjyfuSVHP-Rs9W3rMk_wNDk2vlfg3IAtn-3uwORruFQDEW2gX91AtO_Vee8IiJR_BiFWm5nmlnSr7JFYFZusUnH1LpYidh8EweQlrm3i3CTtKqMQ0Cg5SPZlryqy9qOTHUGAw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame CF74 39 KB
15 KB 58ms
58ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:01:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 84ms
84ms XHR
application/json 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3e17db5c14849e39842f0d161944e934011d2a84c8d760e8dbd68dc6904b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12347
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 15EE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15c897fc4b364b49e5cc22a2449e843a3386dd0c034249f3546112e99632ea0f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0095 43 B
215 B 113ms
111ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9abe764a-c334-298e-9bb5-8d3dad8d909c&tv=%7Bc:4HpylI,time:1151,type:e,im:%7Bpci:%7Btdr:1048%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:19,o:1132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1120~0%5D,as:%5B1120~728.90%5D%7D%7D,%7Bsl:i,t:1132,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B19~100%5D,as:%5B19~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:955,fm:u4NUUv1+11%7C121%7C131%7C132%7C141.1288019-67920843%7C1411%7C1412%7C151*.1288019-67920851%7C1511%7C1512,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:36,sis:995%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 06:06:44 GMT

GET
H3 206 file.mp4
r2---sn-q4fzen7y.c.2mdn.net/videoplayback/id/1dd4376fb3a81ad3/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739945202/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FE0E 259 KB
0 121ms
61ms Media
video/mp4 2607:f8b0:4000:22::7

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:22::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 20 Feb 2024 06:06:44 GMT
date: Tue, 20 Feb 2024 06:06:44 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-7779769/7779770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 7779770
last-modified: Fri, 09 Feb 2024 16:56:51 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD39 13 KB
5 KB 61ms
61ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ai.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 17919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 01:08:05 GMT
expires: Wed, 19 Feb 2025 01:08:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 082A 829 B
996 B 70ms
69ms Document
text/html 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2476a603ea0ed5a10be22c191bba09e23ec5b6f65843631d464ed245b64f782b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sjgsdqaeViwSXzg29X_Tgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ai.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sjgsdqaeViwSXzg29X_Tgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 06:06:44 GMT
expires: Tue, 20 Feb 2024 06:06:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF74 0
20 B 117ms
116ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BaZGlckHUZbCHNq_QoPMPtbCouAIAAAAAOAHgBAI&bg=!np2lndLNAAZN4L4YbeA7ADQBe5WfOJVAa_fDq1T_QxE632HGh7Rftx9M4rQ8tNc5dt0zD2Aur38QVhUi-zOi35FsVmAMAgAAAHZSAAAABmgBBwoAVPHZP6VyVHTiKYnKcOAg-EC8TAWuUfaF7V7BCslSFylaMJW-4Ge2gXbxVQhbwqSd0uNlZRU8qB8WWPiWCA2Lw0k9pj5OBtdz8BzxnmMtK4oxAtWrNJkDF5Yw2UIZcIm5e-ezEdXJX5_hR7-5uHwMjVsOscAfcgmHM04XB5OtVz9Z2zL41egaUTdGsfnnXbcl0hgIDY5wyfsIL5TFJfLdmkXH2H0Vm08-WGEsCCxFkWrXy_T5cdFrdr2WZUfHc0yXIpOWXzgbmrEHP9XW8hk4eluuP0lyJwSjWctuElUuyZVs1g50Xm8PIPPvflTxla5TjAk38TzwYKKLwp64Wtcnxqo6hjVd8gdR7socwB-5SDMMksFeAWQxnW90hMaRqP9Rh9q3j7m0jauYDx7xCFmtbZHEOhPV2fGpwgHpS1KAyeYcFeKBhuJ6gCsu_9xpqEEpY3UTYNxtYIk-L-n9XGjWMLzHthZlXWynROCcA-puUxA57xqGkkYwsMDnpcDTPKQMkLDbRQyDR5ddjwEe4vJ7szg5Tcaxv6QmIc4ZZfjtddwtpkDSVf1vq2g478U4wqJCt8JVfX5xwLSh-1QrW-nTIflb3R_FUb3t8rbniBvfLFacTcVNySbbr-ZfIzJT6NUguvw-k1j1xkhmR9arqV85gQ4RGt4Hi81qQwiU-BHJd77aVTRtpEwnKO1T9jv89K4Uik-MHxwNgtEVP7JHau_XPi7ig3G40uRmShI0DRc6J12rzutzxqo6grK56HeklCS6kw2M9Xk1HYMea3n2GF-vnP-eATwS6DL3SrBa4VD7YJ5KIT1-FGyKnKAWKiSmFDauGVPfxg18Fkvh52-nu1b5xdTEVlsDEYABGUdjjp1x9L6qRj5xVP7t6_ej5S9fx9GEGEUemDlaLUpN76tjlsKr1QNdHiws4gwW-0jsCAY0chaCoxrYVwRr4XEyRbTdC63ChLDSv4StPHD0sFrsnOEqwrFn8saorMb-3EIcYrHbxY2RgvoRylQRvogigmLvpbRHj4yScjn7b39IQ-n8-E5AhI9YLp2MvKE2cC0vz6PhRC28ST-rVvKbtKEQwAc-Z0fWzRtU79y-AJ-Wpr41kzTt4zkyP8YsYVhP8CEAlYkicAFEv8_AJUG1QkY0FTMyTgogAIgr9qNBrUPnlYBmjYu6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 15EE 43 B
215 B 114ms
113ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=5f86eb9c-8960-7e90-d54e-628780df50f4&tv=%7Bc:4HpypQ,pingTime:-10,time:1333,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE4NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1708409204273%7C%7Ca4120f1a1b76dd89c13e29ac39e1171e%7C%7C1605e69839cb81a076535f1842285622%7C%7C3dc0b7c5d6b42d3f3d8cb6f83e6db2d3%7C%7C13aafa69fecf01dd6081d8e1bae4657c%7C%7Cb654452c1c9fffc2ca425be7dc4edd7b%7C%7Cccabaa9e815a4a30cc5650976442ee8f%7C%7C7cf475f15338c6be2157bc3aeef2d01e%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0095 43 B
215 B 113ms
112ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9abe764a-c334-298e-9bb5-8d3dad8d909c&tv=%7Bc:4Hpyqa,pingTime:-10,time:1427,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE4NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1708409204293%7C%7C98bb7efaf9397fe387db5956c9d7709a%7C%7C1605e69839cb81a076535f1842285622%7C%7C63a346a2c56d554d3cec24d50054f656%7C%7C5c30474eaed773ea67c2d638c5ca309b%7C%7C232b80f7d292324990cbc3036e9ddda2%7C%7C9bc93110290eca40448b1d913de2befd%7C%7C96d50e3a73f0c020191cd3a1c0d7f1d8%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame BD39 39 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:01:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 082A 0
0 123ms
123ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=3950747913031225&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 15EE 43 B
215 B 108ms
108ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=5f86eb9c-8960-7e90-d54e-628780df50f4&tv=%7Bc:4Hpyuk,time:1611,type:e,im:%7Bpci:%7Btdr:1507%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1611,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1600~0%5D,as:%5B1081~0.0,519~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:124,fm:u4NUUv1+11%7C121%7C131%7C132%7C141*.1288019-67920843%7C1411%7C1412%7C151.1288019-67920851%7C1511%7C1512%7C1513,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:32,sis:957%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD39 0
10 B 60ms
60ms Image
text/plain 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5M3tgw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:06:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0095 42 B
64 B 117ms
116ms Fetch
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9euV94QfhE3LsfdNR7JwM0Ez-3rBrCXjhVIPuvD0yHjIbcjhNoNvGRVlu__YZf7wfyeHqcHOBd9vfda9YDgIBpyouiOuLoysnmw3HKrqHGIgiCroUEiqXnbdUJ0aH281q6gyOfUpBBczcUq3Po-Qbn4hIuaLZkA0&sai=AMfl-YQzB-1YMoSJ5LWVhzFW7M84TU1P-2mYujWMc6F-4UKEpJtHE_lmBxiRJcZEdlVEXbqbcYUj6A2X6ht_uelZZdMBr8ENuC6Jq9gXfME7xst6LYPx3wB-E7nvBx84TJ2Gp_dMqIl40puy1r48buOScg&sig=Cg0ArKJSzFo_xg7LaQxsEAE&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&id=lidar2&mcvt=1004&p=0,0,90,728&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=434200300&rst=1708409202231&rpt=1657&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EE 0
20 B 115ms
115ms Ping
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1454462214615&version=m202401290101&ct=76&x=1&cor=9498461464391020000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0095 0
20 B 115ms
115ms Ping
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9850839779750&version=m202401290101&ct=76&x=1&cor=16753057816732002000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0095 43 B
215 B 110ms
110ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9abe764a-c334-298e-9bb5-8d3dad8d909c&tv=%7Bc:4HpyCM,pingTime:1,time:2209,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:1132%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1077,o:1132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1120~0%5D,as:%5B1120~728.90%5D%7D%7D,%7Bsl:i,t:1132,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1077~100%5D,as:%5B1077~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:116,fm:u4NUUv1+11%7C121%7C131%7C132%7C141.1288019-67920843%7C1411%7C1412%7C151*.1288019-67920851%7C1511%7C1512,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:36,sis:995%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:45 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0095 43 B
215 B 112ms
112ms Image
image/gif 2600:1f13:800:7782:a762:874a:bf4:b6d5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1288019&asId=9abe764a-c334-298e-9bb5-8d3dad8d909c&tv=%7Bc:4HpyCM,pingTime:1,time:2209,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:1132%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1077,o:1132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1120~0%5D,as:%5B1120~728.90%5D%7D%7D,%7Bsl:i,t:1132,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1077~100%5D,as:%5B1077~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:116,fm:u4NUUv1+11%7C121%7C131%7C132%7C141.1288019-67920843%7C1411%7C1412%7C151*.1288019-67920851%7C1511%7C1512,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:36,sis:995%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a762:874a:bf4:b6d5 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:45 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15EE 42 B
64 B 118ms
118ms Fetch
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRiULHab1TKw2pzVVbXxBD6mf5__8RIt244A0jnjdGKhsAoqjM-BzvgxXkKUIart0L0ACEL1JTuzFuNNgnOZi1FF9y0JDiaB9jeS2Ra_XZGW6htK1XIli3zTyhiXOCY7jLCCGdK5a3FB2aKm_5br576WuDJbLAe8A&sai=AMfl-YR0zvQBug-dCHRNtCfPQLPPkUOHqdjZm7jJoKzywm51UXyiN6edGrSrAKRxw8YmKVChNjpYPFfl4XH435KrONoY5T-3lLENI3oNOUuW5I922ETvbHUtrwEjMLRLbQy7PLVSfJm24GeHeF1kgVLwbw&sig=Cg0ArKJSzDVSmfJ5_dEREAE&cid=CAQSTwAvHhf_-xZCUEbJ8aTGKzt0_7fjkguYrkbmRm4I5XtjxjSaEkVym4pRTXwJPPZp5S2GQqrEVxkaVMbMVEdcLIz80YdRsxJYpQTgLisANLwYAQ&id=lidar2&mcvt=1050&p=0,0,600,160&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=434200300&rst=1708409202193&rpt=1729&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 06:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 117ms
116ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=3950747913031225&bg=!HxylHFPNAAZN4L4YbeA7ADQBe5WfOJFjIOlaReLoprBGoqDMAjvHs6i1DokhdTaL3CeO2S-4C3h-NPJPkEDJxdEed8jLAgAAAGVSAAAABGgBB5kCycU9n4s3b8wS_bVM_MUSCWoB2btDoBZy-JU1epggajm8sYEHj1Iz05H4x3aPDZsjWlWF6i7Du51-saKFx0xjoqIvq-cVGTBfZFhYdha8a4wBzoZA9d7nrt1TD0o9MFQ-F_V3Ps0ZlkaV26oPmqxrYs3QBvRBBOLOUDorcbN8WmUH6oo9Xf2YVtAll3eOIsknMfPhqSM4vx3Ztq-RzxQv09Rgowy9Oi_7FBSH_4lcCtN_YDizosQAvBMaQ_aAK7tLirEuK16HBxi5VDucemyqLcqNANBWHyTh7Cg2OfuUyBUuqYKHKrJcTErvHJOkqgHsnJqt-xPy24x36PIyfL--OXl42gVVQH_2Bn4F86YaMsf3PGOXqB0ub-Pz087zXypVvU9dGFAK0SIPniKe3ZnAQFIYxcVb7804kWpT-HCHDq9uuN2djG8uZdIUK4_lLLnGrSPb_ngevqw3E6PRIvW-ikaSQM4Vt8d1yE_Zt1FSwpHKOvYo-Fr4rx1w45JI-yHcZFffxDy0ht0adcMR9U8b_V3PACNyBNTuvtDsMP0gcCbA12kXKk_Pl0E0DvjQpMnWTCq6NLDfTROtpzTUUjFy76j7XgUebbZaQXkJdp4LQihs0AcVawbi4S1s6T68cYE6IQvK_HVw-GvR5Chq8082z5GnLx_Jbh-0ruQ03z0YSmOMHPd_mF55zYB5chnaagJ-y8aqn7sBS3bnQU0w14-zLLvn0bLTJQHXVykD9wNlVRT5BupZbPJAyl7XYLP35CyU0h2qtHHx8opJ3p4WvfSNYp2tSlhtJEOf1TJoVjE9ijcVqD58spRR-sy7HCg7MpFhp1dWKCiH7JeJmRJpZQOBIkaAFWNwM3MUHbI9Zv-oKMfJEjV4nt2aJNFeyx-L9xDdXCyto8Wk2y5qorlpbPPHaZPqVHQHLOpo1ueBP8gPRNv2qcexzvJeAnY5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ai.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 04:09:29	Name: IDE Value: AHWqTUnNRK709tAb2jdWDYBnkkWOl59AldzvX8DIGJmHkAU7lZ-boDcQqxtBpWhf
.doubleclick.net/	1970-01-20 22:52:41	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:19:05	Name: CMID Value: ZdRBctHM7ysAACsjADX5PQAA
.casalemedia.com/	1970-01-20 20:43:05	Name: CMPS Value: 077
.casalemedia.com/	1970-01-20 20:43:05	Name: CMPRO Value: 077
.doubleclick.net/	1970-01-20 22:52:41	Name: APC Value: AfxxVi4EBWuTvkmvsvfV973ybgWvPCvazRk10WYFc43llo6U9P2p8w
.samsungoneui.com/	1970-01-21 03:55:05	Name: __gads Value: ID=986c1f53854b309e:T=1708409200:RT=1708409200:S=ALNI_MbNkVqanYlaJn5THwE-WriAwaJHJA
.samsungoneui.com/	1970-01-21 03:55:05	Name: __gpi Value: UID=00000dcb824ff3e4:T=1708409200:RT=1708409200:S=ALNI_MZIVwXm-00BVqYjYUmb-QoMMkrM_w
.samsungoneui.com/	1970-01-20 22:52:41	Name: __eoi Value: ID=f3e8a5fb158d12b0:T=1708409200:RT=1708409200:S=AA-AfjbhyfLUejlpC6o21rUf-7zr
.adnxs.com/	1970-01-21 04:09:29	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:43:05	Name: XANDR_PANID Value: 4kpQCp3XHWvYDUiUjL2j2kvdHYxu5WTEy2hK3Ms-mp-ihYtu3ziUvXRtc_4PKuW6CvYAmMk0trmgxpPn_ryHwZGQLIWEsLjwEH4nTGFhHX0.
.adnxs.com/	1970-01-20 20:43:05	Name: uuid2 Value: 4025066245402171214
.adnxs.com/	1970-01-20 20:43:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImKJo]N=!@wnfH8K6pQK`!5=E<L5?%M(hj_GV]QiYduu.l7COWy8OpT2@X%l+eLBz3%nugO%v4VB%nmxI*'?5)
.doubleclick.net/	1970-01-20 18:33:32	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 20:43:05	Name: ar_debug Value: 1

76 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://ai.samsungoneui.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.1(Line 70) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ai.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ai.samsungoneui.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r2---sn-q4fzen7y.c.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.31.156
142.251.16.157
172.253.62.157
2600:1f13:800:7782:a762:874a:bf4:b6d5
2600:9000:24f4:b600:8:48e:53c0:93a1
2606:4700:3037::ac43:8652
2606:4700:4400::6812:249b
2607:f8b0:4000:22::7
2607:f8b0:4004:c06::84
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::6a
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1b::64
2c0f:fb50:4002:80c::2003
54.87.223.96
68.67.160.114
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03955f77c5fb64853ee1349aee217467d5965bd9339024dcc15df003efc75a54
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
061c94bbc1547b4e3041825cc0dcaf948fadc27fd930e48a0cf248b3ceec3e8b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
15c897fc4b364b49e5cc22a2449e843a3386dd0c034249f3546112e99632ea0f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f396feb42b18de2349149392db1f31e50bec28a2ff440eeff38d4afe039e2b1
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2476a603ea0ed5a10be22c191bba09e23ec5b6f65843631d464ed245b64f782b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8
3f3e17db5c14849e39842f0d161944e934011d2a84c8d760e8dbd68dc6904b22
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5384759f25eb995f8c8b869363f088fc7dac535a2d8daba8c483df63089adc35
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a8432ddd05efb9c2023056919d0f13f0a08dc24c402b171381d628d795323a8
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
719bfad46980ef855e7979e30962e8deb3a86f8eba4cb58384941958cf0e0950
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95c7880f68f6f51552c968e758c6c35937f3811f251a8a69a8a9bf85c7da6669
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a69dc8ab6664922c44da34d8074cbd35f349e4d6e6ddea70e5976a0e1f4b3332
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
b3783783e3f8bc8e5bc6730945b5aeae53d24430b10b39aa745fafeb7121cbda
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd05548c630b9f49fe7c3012e0a57ec9209934e6b05ca05b7ad48da16ea8e3ee
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d608b0e61a5081b3727f80dca34d697781edf908258e27f33e474953ab541846
d6efb5c0a05ac112bf0726b9e9b82f19d4b126ba7a9f53a5024a6bbd347d9dc4
d959ce9d1bb86b92614f22a137c086b73fb0cca6f4638a5e90b50f23542db3f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e424a4ce9d08487dea732501b39364d83d4da9fc3fdb428a24cc914df3512d37
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e768717a733c1015a13a5d9562ba1514bba6adf74934a1ed1b6d636520de2535
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f576aaa1ac8352e9e0c17cb743536e1488b0518fecc8bba8f8b87b560a0d5cca
fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392
fdb62347660cf35b89fc0ebca41cc07ade394a78a79f3315d971cbd851d9f17c
ff7cebe409046b4450b9ca71f36df380c355defe2d9d78fd600ff1aefad04036

ai.samsungoneui.com Open in urlscan Pro 2606:4700:3037::ac43:8652 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

90 %HTTPS

75 %IPv6

11 Domains

20 Subdomains

20 IPs

1 Countries

1633 kBTransfer

4945 kBSize

15 Cookies

1 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ai.samsungoneui.com Open in urlscan Pro
2606:4700:3037::ac43:8652 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

90 %
HTTPS

75 %
IPv6

11
Domains

20
Subdomains

20
IPs

1
Countries

1633 kB
Transfer

4945 kB
Size

15
Cookies

131 HTTP transactions
3 data transactions