www.greenpromocode.com Open in urlscan Pro
2606:4700:20::681a:b4c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://greenpromocode.com/
Effective URL:
https://www.greenpromocode.com/
Submission: On May 19 via api (May 19th 2022, 9:38:29 pm UTC) from GB — Scanned from GB

Summary HTTP 136 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 136 HTTP transactions. The main IP is 2606:4700:20::681a:b4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.greenpromocode.com. The Cisco Umbrella rank of the primary domain is 307074.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.

This is the only time www.greenpromocode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:491e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:b4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	192.0.77.33 192.0.77.33	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 25	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400a:808::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:401f:2::8	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	108.128.215.255 108.128.215.255	16509 (AMAZON-02) (AMAZON-02)
10	142.250.74.130 142.250.74.130	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:14::8	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
136	25

1 2606:4700:20::ac43:491e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

greenpromocode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:b4c (United States)

ASN13335 (CLOUDFLARENET, US)

www.greenpromocode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.0.77.33 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400a:808::2003 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401f:2::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-aigzrn7s.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.215.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.130 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:14::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r3---sn-aigzrnse.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	2 MB
32	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com csi.gstatic.com encrypted-tbn1.gstatic.com	434 KB
19	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	152 KB
10	wordpress.com s.wordpress.com — Cisco Umbrella Rank: 351085	206 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	5 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	162 KB
5	greenpromocode.com 1 redirects greenpromocode.com — Cisco Umbrella Rank: 305030 www.greenpromocode.com — Cisco Umbrella Rank: 307074	21 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	2 KB
4	gvt1.com 2 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1326 r3---sn-aigzrn7s.gvt1.com — Cisco Umbrella Rank: 472096 r3---sn-aigzrnse.gvt1.com — Cisco Umbrella Rank: 428067	3 MB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	125 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1755	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	920 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524	485 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1128	927 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4630	914 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1439	297 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3409	378 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	647 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
136	21

	Domain	Requested by
25	tpc.googlesyndication.com	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
18	pagead2.googlesyndication.com	www.greenpromocode.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	cm.g.doubleclick.net	googleads.g.doubleclick.net
10	www.gstatic.com	googleads.g.doubleclick.net
10	s.wordpress.com	www.greenpromocode.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.greenpromocode.com googleads.g.doubleclick.net
6	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	www.greenpromocode.com googleads.g.doubleclick.net
5	cdnjs.cloudflare.com	www.greenpromocode.com cdnjs.cloudflare.com
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	csi.gstatic.com	www.gstatic.com
4	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.greenpromocode.com	www.greenpromocode.com
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	redirector.gvt1.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
1	r3---sn-aigzrnse.gvt1.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	r3---sn-aigzrn7s.gvt1.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	greenpromocode.com	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
136	33

This site contains links to these domains. Also see Links.

Domain
shoppingarchives.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.greenpromocode.com/
Frame ID: A97A5D3366D65BBB94E0F324A35F0639
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/zrt_lookup.html
Frame ID: F214DE9F303BFCAFB646D8E09DFCBC81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&adk=1812271804&adf=3025194257&lmt=1652996304&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.greenpromocode.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996304764&bpp=2&bdt=465&idt=159&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6885606545164&frm=20&pv=2&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: 7B352EC6BD3F729FB85E0911B881B8CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13
Frame ID: AF530687DB86011AC5D142882151F0D8
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=3643374295&pi=t.aa~a.905964914~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=1&bdt=1530&idt=1&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0%2C1200x280&nras=3&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KOQydh3SQL&p=https%3A//www.greenpromocode.com&dtd=18
Frame ID: 8D18E1B74DDAD749EB34728D9ECDEB8C
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9E87C232AD15895C71683E5056F924A5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
Frame ID: 432349E1BD219B81E1D411A1465E8D92
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2351E9E25E06B68246E54510BED1BCDD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F8B73E585F5EF98E01A6BF475F71EBF
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E871A4B405743153793FD1A72E3201D8
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: B9DA504235640816A31F76C75E47E12E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: 23ECEB7B60BF3C5AD833679C325BCDD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F843C777576F71DC7E20CD5A53402F5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD74B9E7BE9DAA1AA645D792C6427759
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: CF38E071DC712C7F745F7E65A4F8AA13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: 32696706B2918979592C38CA950686E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GreenPromoCode.com: Promo Codes in Real-Time

Page URL History Show full URLs

http://greenpromocode.com/ HTTP 301
https://www.greenpromocode.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

136
Requests

90 %
HTTPS

71 %
IPv6

21
Domains

33
Subdomains

25
IPs

5
Countries

5389 kB
Transfer

7292 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://shoppingarchives.com/
Title: Online Shopping Directory

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://greenpromocode.com/ HTTP 301
https://www.greenpromocode.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgtomMRBCwCRj0BDIImeD1D1VBjKo HTTP 301
https://tpc.googlesyndication.com/simgad/4580563120388231245

Request Chain 92

https://redirector.gvt1.com/videoplayback?id=39f28817773081f8&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=B32F2BD586F3F5E6188CC4F690C6DDA304D19DB2.0A1889E660306DE898809D5B3FEF0AEBA745F3AE&key=ck2 HTTP 302
https://r3---sn-aigzrn7s.gvt1.com/videoplayback?id=39f28817773081f8&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7668FE96D093ACB45589AD34506D11CB91E406D5.091818D24EFFE43CE85E7383623145E960A42B4F&key=cms1&cms_redirect=yes&mh=6t&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigzrn7s&ms=nvh&mt=1652995329&mv=u&mvi=3&pl=48

Request Chain 105

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIk-Dn1FwlbFNliCrkMbcBXpM7r_EBtpCycFIceM8kt86X6CzXfFue6zc2ywMIFvOOFe9tn70XCSTr786ZkArUicnYd_Q5TVg&google_gid=CAESELc3LhtROGbmImZeaxeFaSw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9hNDB3QUFBYkJYa2otWQ&google_push=AYg5qPIk-Dn1FwlbFNliCrkMbcBXpM7r_EBtpCycFIceM8kt86X6CzXfFue6zc2ywMIFvOOFe9tn70XCSTr786ZkArUicnYd_Q5TVg

Request Chain 107

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmbeASMjLgmr-DezMS0zg0&google_cver=1&google_push=AYg5qPJdI5asRFy_6ZKISo7Y3whWH0fFlZK_KFOtPrjBS-xE993BgzokuGoP-jgHF279yxESdbNNJRjREbZm2hb0bSwAtGjlAP0KXg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmbeASMjLgmr-DezMS0zg0&google_cver=1&google_push=AYg5qPJdI5asRFy_6ZKISo7Y3whWH0fFlZK_KFOtPrjBS-xE993BgzokuGoP-jgHF279yxESdbNNJRjREbZm2hb0bSwAtGjlAP0KXg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9XC3GxkCQ0qabxz5vZH_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdI5asRFy_6ZKISo7Y3whWH0fFlZK_KFOtPrjBS-xE993BgzokuGoP-jgHF279yxESdbNNJRjREbZm2hb0bSwAtGjlAP0KXg

Request Chain 108

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBmBkcRelTVWeq7LBO3nL_Y&google_cver=1&google_push=AYg5qPLf1Wnnx7PKQ1YbXM2LSV7rE109yRUKsBV_OhMBDth4yakd5GMvwbFxpotexCTcF-n0x6pj9wLO_O8GUm9LxUJRKbo1tlZIZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMR0gtMjAtUjlY&google_push=AYg5qPLf1Wnnx7PKQ1YbXM2LSV7rE109yRUKsBV_OhMBDth4yakd5GMvwbFxpotexCTcF-n0x6pj9wLO_O8GUm9LxUJRKbo1tlZIZQ

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_cver=1&google_push=AYg5qPLOyxtHJJ4Ivxjq9ioiCJU3DESZ6UAhkcZghdnIjcs8zwV5rEBorSNEOcXVGn258XT-1geHleZRBvsldCRORdtBjkgUTuSBaA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_push=AYg5qPLOyxtHJJ4Ivxjq9ioiCJU3DESZ6UAhkcZghdnIjcs8zwV5rEBorSNEOcXVGn258XT-1geHleZRBvsldCRORdtBjkgUTuSBaA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa409ri2xvnbSlOtzVXRAAAAOoAAAIB&google_cver=1&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_push=AYg5qPLOyxtHJJ4Ivxjq9ioiCJU3DESZ6UAhkcZghdnIjcs8zwV5rEBorSNEOcXVGn258XT-1geHleZRBvsldCRORdtBjkgUTuSBaA

Request Chain 120

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY4MPleRCwCRj0BDIIA25eELp58Pw HTTP 301
https://tpc.googlesyndication.com/simgad/9425603793547929825

Request Chain 123

https://redirector.gvt1.com/videoplayback?id=a8e1c627543cf97a&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=9C435674590BC7B76F846AB0527058A06689EB84.A424EC9E7BD8793D1A05109AAA22CDF625BD986F&key=ck2 HTTP 302
https://r3---sn-aigzrnse.gvt1.com/videoplayback?id=a8e1c627543cf97a&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=76399AF71269A9A1EEC6FE07094A42F3C3750892.3683A4E74F1C2131ECF2FB0256C1E3643DAB0D96&key=cms1&cms_redirect=yes&mh=li&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigzrnse&ms=nvh&mt=1652995329&mv=u&mvi=3&pl=48

Request Chain 125

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIH2IcuoSifIZ3UvJ06KZsKV1zaPbXBGley1DYm8-J1tGsbXqlKeXHjuS292iJVV9X9DAGbztNcl-kCSBiErLU-jTT5HEHB6Q&google_gid=CAESEP8Bk6yeW0LPhLRrDWn5NiE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIH2IcuoSifIZ3UvJ06KZsKV1zaPbXBGley1DYm8-J1tGsbXqlKeXHjuS292iJVV9X9DAGbztNcl-kCSBiErLU-jTT5HEHB6Q&google_gid=CAESEP8Bk6yeW0LPhLRrDWn5NiE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTkyMTM4MjcwMDAyMDExNDQwOTYyMw%3D%3D&google_push=AYg5qPIH2IcuoSifIZ3UvJ06KZsKV1zaPbXBGley1DYm8-J1tGsbXqlKeXHjuS292iJVV9X9DAGbztNcl-kCSBiErLU-jTT5HEHB6Q

Request Chain 127

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKVOwlta9-fLjwujikhKAzE&google_cver=1&google_push=AYg5qPI6IM_Y-qdD3NJigyIHRtajZTrmYoDFoUwycBV50EkzFn4SERrBsppt9zcna8ZyLburyTdcdohAXRkSzDMAxvxdgKXizGe8xQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKVOwlta9-fLjwujikhKAzE&google_cver=1&google_push=AYg5qPI6IM_Y-qdD3NJigyIHRtajZTrmYoDFoUwycBV50EkzFn4SERrBsppt9zcna8ZyLburyTdcdohAXRkSzDMAxvxdgKXizGe8xQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EDuJzmt7Rca6hih1Ajue1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6IM_Y-qdD3NJigyIHRtajZTrmYoDFoUwycBV50EkzFn4SERrBsppt9zcna8ZyLburyTdcdohAXRkSzDMAxvxdgKXizGe8xQ

Request Chain 128

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIZU7Rvc5HvCVboIhxQf2zs&google_cver=1&google_push=AYg5qPJlkxGQubdW5yZd2lskbWKZ2P3GMU709UcEcUqYG2bkCwqUG3uysiqDhQmYwo9v74mW2ksq-CCV8adDXaztNmaPOrT12f6x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMSE4tMUstMktTTQ==&google_push=AYg5qPJlkxGQubdW5yZd2lskbWKZ2P3GMU709UcEcUqYG2bkCwqUG3uysiqDhQmYwo9v74mW2ksq-CCV8adDXaztNmaPOrT12f6x

Request Chain 129

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_cver=1&google_push=AYg5qPIGL2RpB34A6rVB9bNu7ybK3tPhGDj1LGnozBqoyLHoARoixhGv_uHTsuwDQB8ES0IB6J7NaDqL4gCuS0jY0NWA8gp8jUO6NA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_push=AYg5qPIGL2RpB34A6rVB9bNu7ybK3tPhGDj1LGnozBqoyLHoARoixhGv_uHTsuwDQB8ES0IB6J7NaDqL4gCuS0jY0NWA8gp8jUO6NA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa401DrNJIKzhviC18c9AAABzUAAAIB&google_cver=1&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_push=AYg5qPIGL2RpB34A6rVB9bNu7ybK3tPhGDj1LGnozBqoyLHoARoixhGv_uHTsuwDQB8ES0IB6J7NaDqL4gCuS0jY0NWA8gp8jUO6NA

136 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.greenpromocode.com/
Redirect Chain

http://greenpromocode.com/
https://www.greenpromocode.com/

24 KB
8 KB

350ms
196ms

Document
text/html

2606:4700:20::681a:b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.3.3

Resource Hash

5c20f67c6ac54cc14e29857ca3c41c4c8f74137eeab336e51f0b13f6d739eee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 70dffab4cddb0e12-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 21:38:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WGAgqkcbCuu28JscQuOsB8M2Mk1namv%2FIiC%2FBCiWC5n7yGkGxe9J4cQn%2BKIYEmNpJUkMWhv5OqvBCxbNeBPwOSz9w2c4JAAyYwelx0zP15OGCfGmkmaX4OD2pS1wMKVcpiXB4hS%2FBEaHfjtFgkz5gKnCHo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-powered-by: PHP/5.3.3

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 70dffab2899383ba-MXP
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 19 May 2022 21:38:23 GMT
Location: https://www.greenpromocode.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbnwjUC%2Bd9iqm5XkROtyNH75mK%2FAH1T8ffVnllht49HQBQZgu%2FhdCP6qobaiIhSzOOZWLYBHy0HV78eQtShRrXZeYXHDrYdg7G7I58xpqiv9a0o3q3GITuLdeKL5w%2FeVc4HjYRDpa838Je4juJVzDA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 32 KB
6 KB 149ms
56ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6455056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5195
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-81d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8UXlJclRv7chHcIK2fSBrGiZ4CDmzvQ%2FJCPKzpp5BPymoSyG%2FFvcG0iSwZkYzTnOOX5wlZoaqKm8SoQvvLLh%2B8Xsv6DfOFEtzcxQV8fj65sCLJT6seF7qGlLJCkL8koXAXtKVvJ6GtO4vDCEz8Oxt%2FM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70dffab6a86101db-ZRH
expires: Tue, 09 May 2023 21:38:24 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 31 KB
7 KB 149ms
56ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.css

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5090384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6740
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-7d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npd5RmrWwGlmRdsMcoBmergFM2h0SUnFugmyJSTq3ctMox6Rui%2F1jJa9dHfh21kPYv%2F7p5tSEVtVyP8YN35mUH%2BvB9KCsXSmomPyJ3OJ5i3ZvKSz%2F0vAMJt1AcOL7Ihcmz4QEy6gzivcOkZN4gN7XIGS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70dffab6a86901db-ZRH
expires: Tue, 09 May 2023 21:38:24 GMT

GET
H2 200 style.css
www.greenpromocode.com/css/ 25 KB
6 KB 182ms
181ms Stylesheet
text/css 2606:4700:20::681a:b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenpromocode.com/css/style.css

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12b108ac307b865cf84f9166caeb4d74829e3f948218a86255380d2c0146d920

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 12 Feb 2022 12:29:33 GMT
server: cloudflare
etag: W/"800d3-62f3-5d7d155ee758c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0pxXUlMt%2FaIZ0g9IU2wQ6Na55a1g4IwK2KbtV0CJkwWJywRRDWcaCr%2B2gj%2B9ix67tdDXh3MPHYaUVxdtyyHJhcFH39ltwO0pxwk7kIfwXLysr3F%2B4rf88Q%2BlqadyCVM2%2BX6nqom03gu0KifKqfPfZWlPOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 70dffab618ab0e12-MXP

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 194ms
101ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6454231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2r5I2ErCQTlGrxHXpAe8LaGAekUUug6wTafGFvs%2F4nRL0bB9vPtU7CrCj2v%2F2b3%2BPT5os0ZFPUDhHc3TolujOdUEAtxreC6o4WiY2gLJqPK45mCbLc9CEQnkfk6WP1OWkuePAveXf60qPYqctMwLZ3A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70dffab6a86b01db-ZRH
expires: Tue, 09 May 2023 21:38:24 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 248 KB
56 KB 150ms
57ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13387168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57137
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-3dee5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fu42gBxJS2X%2F8F535Fa2vcx0YTgLVyNwNc5cDI0B2zkp2AmT7gTKFmwTcNudWv6rGY2bi73s546VbWdHNKxISg3GCkTPiaXwpCUFzmo1mSdWepU9nNdJKCL92jKKxhEWftAulfAOnIroUkR2riYkjy0v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70dffab6a86a01db-ZRH
expires: Tue, 09 May 2023 21:38:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 168ms
70ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f75e75bf68e8f12748b3e5328710f03717e12128468fa4b31edd6ecd6da65b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56888
x-xss-protection: 0
server: cafe
etag: 4922105684212268328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 May 2022 21:38:24 GMT

GET
H2 200 http%3A%2F%2Fwww.cea.com.br%2F
s.wordpress.com/mshots/v1/ 21 KB
21 KB 135ms
42ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.cea.com.br%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bf332285f36ed1b439a12b111b9d7005d3e4a11ad9081357e405527aa99d5bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:49:54 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 00:56:28 GMT

GET
H2 200 http%3A%2F%2Fwww.dutchgrown.co.uk%2F
s.wordpress.com/mshots/v1/ 29 KB
29 KB 75ms
42ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.dutchgrown.co.uk%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a80daae96345165068ed9fc32051b8d901b4504461efb21193bd51b6c40374b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:49:26 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 00:56:28 GMT

GET
H2 200 http%3A%2F%2Fwww.samsung.com%2F
s.wordpress.com/mshots/v1/ 4 KB
4 KB 75ms
42ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.samsung.com%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

72391b795737b2076e1fe86d3f844f3acaeffaf933e82e4e0c38e5ade96095fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 03:19:15 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 00:49:21 GMT

GET
H2 200 http%3A%2F%2Fwww.untilgone.com%2F
s.wordpress.com/mshots/v1/ 20 KB
20 KB 74ms
42ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.untilgone.com%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9d2bc71de9b614761f8cc6b03c46de4cde15a1f44a0c721e9b64fd5d7353a38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 01:33:01 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 00:49:21 GMT

GET
H2 200 http%3A%2F%2Fwww.geekmaxi.com%2F
s.wordpress.com/mshots/v1/ 23 KB
23 KB 73ms
41ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.geekmaxi.com%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5b155ec3f14cadcdfc46f2358bcb4920a1fa4fae0d8fd6145b48604feb4769e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:49:28 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 01:09:18 GMT

GET
H2 200 http%3A%2F%2Fwww.pure-beauty.co.uk%2F
s.wordpress.com/mshots/v1/ 21 KB
21 KB 74ms
42ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.pure-beauty.co.uk%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

082abae71b89f6a4e5bdce51e3486a9959cfd3c05765d0b6c4737c66a9efa78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:49:28 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 01:09:18 GMT

GET
H2 200 http%3A%2F%2Fwww.boutiquefeel.com%2F
s.wordpress.com/mshots/v1/ 24 KB
24 KB 58ms
42ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.boutiquefeel.com%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e82e9c5e1a47275a40ec095af59f630fec76b34e196408f1f70471ff44809c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:25:18 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 00:49:21 GMT

GET
H2 200 http%3A%2F%2Fwww.bauzaar.it%2F
s.wordpress.com/mshots/v1/ 23 KB
23 KB 57ms
41ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.bauzaar.it%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b37193900db765a154a27d76cd172ce4a7023347e2e45338f2aacda1a63dc9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:30:42 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 00:49:21 GMT

GET
H2 200 http%3A%2F%2Fwww.lampade.it%2F
s.wordpress.com/mshots/v1/ 21 KB
21 KB 117ms
117ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.lampade.it%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0b5510d755c4aa53ed08b89e71f98e57a65863032be3335a849af2da3157927f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:45:17 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 00:49:21 GMT

GET
H2 200 http%3A%2F%2Fwww.sheego.de%2F
s.wordpress.com/mshots/v1/ 19 KB
19 KB 117ms
117ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/http%3A%2F%2Fwww.sheego.de%2F?w=250

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ccb6ceb3abf1e7e7800ed128d3d8fb305ea79ca6df42f3bb2767a76a64cd4084

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 19 May 2022 21:38:24 GMT
x-ac: 4.lhr _dca
last-modified: Thu, 19 May 2022 12:49:27 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Fri, 20 May 2022 01:09:18 GMT

GET
H2 200 js.js Show response
www.greenpromocode.com/js/ 6 KB
2 KB 180ms
180ms Script
text/javascript 2606:4700:20::681a:b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenpromocode.com/js/js.js

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9e6110645579f2eabfaa6d0cf853da4dacb5b87cbc0926477adee353f63054

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 27 Dec 2021 11:11:51 GMT
server: cloudflare
etag: W/"9d7b8-167b-5d41ec5822b5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlcGpBEKD2W55J29u88AOvWyw8t5r8f22pZ2UeFvtGQxDrPJ1pA0BuVmJkgpCfLQXJ42a3%2FL%2F6ycnfVJISzu9Ezj4AxwwBj1aG37ICe0uG4OL6PygKLdyV%2F5%2B4HRqR7vTQQINZgoWCPPGjC7n9YXYT3t90M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 70dffab8ad190e12-MXP

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 163ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccc75887e27e6ed73cf477bfeb8df072e775a208c51d01e136617c058a387270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 19:41:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 21:38:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 21:38:24 GMT

GET
H2 200 logo.png
www.greenpromocode.com/images/ 4 KB
5 KB 89ms
89ms Image
image/png 2606:4700:20::681a:b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenpromocode.com/images/logo.png

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b479cc4b08b9086114fc3de944c1230c4975a7ec8d722bcbcb2f8accd805e2e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5098
vary: Accept-Encoding
content-length: 4316
last-modified: Sat, 24 Aug 2019 10:54:36 GMT
server: cloudflare
etag: "a3fab-10dc-590dabfb22a20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdWkC4jI4AdQBshZDL40a1uFrVIFq7mIDOYK7IhfHq%2Fnklucbcd7G6TVLbFUYDkzR8ef%2Fz5MaOxdEHWqVETsQmwEMJInCQdNllxQorZnKIhmcBsvXNg5lN87MpzLrRa%2BzXz7d5N%2FkAexwLZYYe3jFYBeRQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 70dffab8bd200e12-MXP

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 134ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.greenpromocode.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 189079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:07:05 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 65 KB
66 KB 101ms
52ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Origin: https://www.greenpromocode.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 96425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-10440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMG8yvxX492nsnIiM2wwWkP2PE0sMvK%2Bvhj6gOpFhbZCeL3GveELhbPh4fLId2tSJPFD0r6w%2BM35D4aUEbPFF1Nd7E8o3zS3dDjiaBCCjIuj4lIoTUBELNMiQZItB2XV2YuYaGPpzoZ%2BQdRYutu1q1fl"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70dffab8fe0601e3-ZRH
expires: Tue, 09 May 2023 21:38:24 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v24/ 20 KB
20 KB 151ms
85ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.greenpromocode.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:19:24 GMT
x-content-type-options: nosniff
age: 188340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20480
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:19:24 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/ 310 KB
111 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4811848261192035&plah=www.greenpromocode.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caf52b6b20fc50cf59d6f4fe757d8a0e38d6b62be5b8bc4adb9cda895885096b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113356
x-xss-protection: 0
server: cafe
etag: 4613158767503307926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 May 2022 21:38:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/ Frame F214 10 KB
5 KB 132ms
40ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 10593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 18:41:51 GMT
etag: 1428802124239944296
expires: Thu, 02 Jun 2022 18:41:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
647 B 147ms
49ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.greenpromocode.com&callback=_gfp_s_&client=ca-pub-4811848261192035

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4811848261192035&plah=www.greenpromocode.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

625d55fc5f1a551c7889abbd6f8829300f5ad8742a1a4ff1de97a3e65adb21af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 139ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.greenpromocode.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 21:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 139ms
49ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.greenpromocode.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 21:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.greenpromocode.com%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B35 262 KB
66 KB 796ms
714ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&adk=1812271804&adf=3025194257&lmt=1652996304&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.greenpromocode.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996304764&bpp=2&bdt=465&idt=159&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6885606545164&frm=20&pv=2&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872efa81c0f1ee943cc81869bcbd389b7a867629e96944b081ac9f63a66e8098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67256
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 21:38:25 GMT
expires: Thu, 19 May 2022 21:38:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 134ms
53ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220516&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79468cfa7073ac9933757ccca64ece63dc1d9ebf15dbb3327d341602b48e7c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 21:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10602
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/ 147 KB
52 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b6f90a8994e62c493f0123b839ab662b624380f0105958415e4aaa3dfb67806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53578
x-xss-protection: 0
server: cafe
etag: 6528443436942504933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 21:38:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 89ms
89ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-4811848261192035&eid=44759876%2C44759927%2C44759842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-4811848261192035&warn=12%2C13&w=1600&h=1200&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220518_103554&sat=1652983474339&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=0&mdns=0&alldns=0.133&allp=46&fd=(0%2C4%2C0)%2C(1%2C10%2C0)%2C(2%2C7%2C5)&pgh=4214&abl=false&rr=n&su=www.greenpromocode.com&pvc=457582199847340&r=0.1&eid=44759876%2C44759927%2C44759842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 134ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.greenpromocode.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 21:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
49ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.greenpromocode.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 21:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF53 114 KB
36 KB 865ms
862ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b6a63515b7282d79f388a877d5597505bb36e4deb99092650910e0cb4c95c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36883
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 21:38:26 GMT
expires: Thu, 19 May 2022 21:38:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D18 111 KB
35 KB 721ms
718ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=3643374295&pi=t.aa~a.905964914~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=1&bdt=1530&idt=1&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0%2C1200x280&nras=3&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KOQydh3SQL&p=https%3A//www.greenpromocode.com&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b3378a643afeda6e2661ff04173c661ad73d49a596c8b6e0f0dbb8ec5face33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35808
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 21:38:26 GMT
expires: Thu, 19 May 2022 21:38:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-4811848261192035&eid=44759876%2C44759927%2C44759842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/ Frame 9E87 10 KB
4 KB 44ms
42ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 20:59:00 GMT
etag: 1428802124239944296
expires: Thu, 02 Jun 2022 20:59:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/ Frame 4323 10 KB
4 KB 43ms
42ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 20:59:00 GMT
etag: 1428802124239944296
expires: Thu, 02 Jun 2022 20:59:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 186ms
96ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 9E87 4 KB
633 B 135ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 21:30:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 21:38:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E87 205 B
742 B 129ms
41ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:13:03 GMT
x-content-type-options: nosniff
age: 1523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 May 2023 21:13:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E87 604 B
694 B 130ms
42ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 20:06:11 GMT
x-content-type-options: nosniff
age: 5535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 May 2023 20:06:11 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 9E87 19 KB
9 KB 65ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:25:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4323 8 KB
892 B 130ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 21:31:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 21:38:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 4323 2 KB
983 B 100ms
81ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:34:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4323 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPeJZ0biGYvrwA4nAgAes77II2JjshGqc3crptQ_F3NfZqTAQASC75ugjYLuGgIDQCqAB2_28zgLIAQmpAsZRPkEkwrE-qAMByAPLBKoEzQFP0JaEe4l91DBiEw3tm3xuUAc2ImsihLEfH1YWMLRENRXEhvPomdT3hNIgzbBHoPR1OzRxrdmRnneta8bUIbrTikn2EB1bBV9giFbjWsPgdY4HIonEpRhaRRBrlQffm9gKnds3ttstQ2Ft1NiWKCv_Pf-0NH-XSEkHZ7wQclbCzVrRd4jsV879xWsp04ASUJGW4ymvWsSxROukfdPI2DMU7Vbi4g8V-0x_XWIdNJLhYGVn1W078aeGSKrox3Dw5YuLhN9jo8-xwkMgyLqHwASKtoKw_wOSBQQIBBgBkgUECAUYBKAGLoAHjYLDsQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDn81PSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ4MTE4NDgyNjExOTIwMzUYAA&sigh=tZAHWXtc_Yo&uach_m=[UACH]&template_id=5000

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 21:38:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 4323 21 KB
9 KB 67ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:23:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 4323 3 KB
1 KB 96ms
80ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:35:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4323 135 KB
42 KB 143ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 4323 17 KB
7 KB 59ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:38:03 GMT

GET
H2 200 937d951ae0167fdfcf48a5545b1fd715.js Show response
www.gstatic.com/mysidia/ Frame 4323 30 KB
12 KB 120ms
42ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 20:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12375
x-xss-protection: 0
last-modified: Thu, 12 May 2022 07:58:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 20:27:50 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8042567972107149696/ Frame 4323 16 KB
16 KB 97ms
82ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8042567972107149696/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bc9818da3dff216c557d7c4b7b58bb61f2887fd930e075495dda8baada5830a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 06:42:32 GMT
x-content-type-options: nosniff
age: 399354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16158
x-xss-protection: 0
last-modified: Fri, 15 Apr 2022 15:36:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 May 2023 06:42:32 GMT

GET
DATA 200
OK truncated
/ Frame 4323 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4323 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2351 13 KB
5 KB 126ms
42ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 27753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 13:55:53 GMT
expires: Fri, 19 May 2023 13:55:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F8B 783 B
1 KB 140ms
52ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89fb3317220bcb1ea0d659eb0823a63195f21d2009829e3e2bf559866df5caf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LuiVCPDZuJUgzkd2kvsq-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenpromocode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LuiVCPDZuJUgzkd2kvsq-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 21:38:26 GMT
expires: Thu, 19 May 2022 21:38:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame E871 8 KB
892 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 21:32:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 21:38:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame E871 2 KB
904 B 126ms
60ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:34:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame E871 21 KB
8 KB 105ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:23:01 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame E871 3 KB
1 KB 122ms
58ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:35:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E871 135 KB
41 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame E871 17 KB
7 KB 111ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:36:38 GMT

GET
H3 200 937d951ae0167fdfcf48a5545b1fd715.js Show response
www.gstatic.com/mysidia/ Frame E871 30 KB
12 KB 123ms
41ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 20:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12375
x-xss-protection: 0
last-modified: Thu, 12 May 2022 07:58:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 20:27:50 GMT

GET
DATA 200
OK truncated
/ Frame 4323 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c09605af98a8b7d0e7e0a7ac47711edb9446679b6f2fcd18cc0bdccfa90361a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame B9DA 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 18:25:16 GMT

GET
H3 200 NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2351 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13698
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 May 2023 14:51:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5F8B 0
0 89ms
89ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220516&jk=457582199847340&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 23EC 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: www.greenpromocode.com
URL: https://www.greenpromocode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 18:25:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2351 0
9 B 41ms
41ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cFDjtA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 8D18 9 KB
4 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=3643374295&pi=t.aa~a.905964914~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=1&bdt=1530&idt=1&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0%2C1200x280&nras=3&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KOQydh3SQL&p=https%3A//www.greenpromocode.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:38 GMT

GET
H3 200 19a7319e4bc4a19e524aea80c64516c9.js Show response
www.gstatic.com/mysidia/ Frame 8D18 146 KB
54 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/19a7319e4bc4a19e524aea80c64516c9.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b447ca977140c5aab1681d802c2bff8f2dd59081d1d99f7bb0ce0fd5fea6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55389
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 16:29:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8D18 4 KB
812 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bafb4c8d1182d37108e60180a9dc49e0462fac4be93dff896acb4cb29f405f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 21:31:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 21:38:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 8D18 2 KB
904 B 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:34:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 8D18 21 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:23:01 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 8D18 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:35:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 8D18 17 KB
7 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:36:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8D18 0
0 130ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxSVzBCHzA8sicovqN5ejJpyu3FR8B-qtiLTJx5dDuDvNjXxA4wD7Dm92EQj7QObTFhmNHHurLbDYGo9O99YiULCoFlQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=3643374295&pi=t.aa~a.905964914~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=1&bdt=1530&idt=1&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0%2C1200x280&nras=3&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KOQydh3SQL&p=https%3A//www.greenpromocode.com&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 8D18 30 KB
12 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:39 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8D18 4 KB
5 KB 160ms
40ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS0O2SP3ooviI72w3vHIAroubFnoEA1ww6XGhasgRNX2drmjNM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1cc6c6f329113af369c4224666c47d241e51d417b0a7e4586d32cba3b21c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 13:01:41 GMT
x-content-type-options: nosniff
age: 117405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4599
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 12:55:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 18 May 2023 13:01:41 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8D18 5 KB
5 KB 145ms
41ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ-t9aW7dpLUf9XjxUMP5N_Cf3kEz9qt1KgLqjwnQ6jpdJ8rME&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8924589515e39311185cc6f3077d9369d6b77cc79255fa2806d50169342340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 20:06:24 GMT
x-content-type-options: nosniff
age: 178322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4892
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 03:42:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 17 May 2023 20:06:24 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8D18 4 KB
4 KB 171ms
52ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSNzTOFlUXlxr2M-j6Bp0jgx2KLdZzlKJikzZUJT1_cuzC3LuaO&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e730080129c6688d77e0d9d1a8fa15c3090e8e4d7d442e2734a11b767228c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 03:45:01 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3806
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 May 2023 21:38:26 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8D18 6 KB
6 KB 148ms
44ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSFsk0jrlZBECBAlC1pe0Igiqo3cj3kP8t81ghGuWlvHrqDqN0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8dd5df268c0dca4f50c77733f3ffcdcf5a14e93bab5ab6155882200067eadd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 20:06:24 GMT
x-content-type-options: nosniff
age: 178322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6027
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 14:00:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 17 May 2023 20:06:24 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8D18 6 KB
7 KB 152ms
49ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSaRVnjcL0oaQm2dMWQQ8iJgZ2rfQaQxMkgrGpfckkAl6GCIIJv&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ca3d89bc4b413f1a4b0411e8032e918591188d54cfd1d6c1ca7426edbf2352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 01:54:42 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6596
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 May 2023 21:38:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8D18 3 KB
3 KB 168ms
49ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ4mC8EyJBx-qWcdzZI24ZWFoBJEn6zJUFxuW35-vWm2GFbiBU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa82b0138fe415f2a3980d2178d76c0b093ce80443478a639f94b2c6c68c59a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 02:49:31 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3001
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 May 2023 21:38:26 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8D18 11 KB
11 KB 152ms
49ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRwozA1Hs7rd2-31tuPAJ8ckufvj5gh2Ube11coVBhLpH7JY8I&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dafb1a5d8fa0845f77d66fcc1552b3504100b71d0849733b91d1bc36e1c4f628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 11:24:52 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11233
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 May 2023 21:38:26 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8D18 0
327 B 189ms
70ms Ping
image/gif 2a00:1450:400a:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3djbl9w&c=175263950857&slotId=87631975428.5&qqid=COCEi43D7PcCFffZEQgdA-ALWQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/19a7319e4bc4a19e524aea80c64516c9.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:808::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

4580563120388231245
tpc.googlesyndication.com/simgad/ Frame 8D18
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgtomMRBCwCRj0BDIImeD1D1VBjKo
https://tpc.googlesyndication.com/simgad/4580563120388231245

514 KB
514 KB

43ms
42ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4580563120388231245

Requested by

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab006d5c253c33e5297d59282e19a23ff643efaa1dce61d4428be4c73ae3acfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 19:58:14 GMT
x-content-type-options: nosniff
age: 178812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 526381
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 12:26:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 May 2023 19:58:14 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 19 May 2022 21:38:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4580563120388231245
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Jun 2022 21:38:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8D18 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjqu90riGYuDTAfezx_APg8CvyAXWpJ6QaYjOlbLMD5aCzYWIFhABILvm6CNgu4aAgNAKoAHLzJW0AsgBCakCwuNrKmP6tD6oAwHIA8sEqgTQAU_QvO2enzmEXMbxumcB9oRWvlQXzFSmGG8ej_RzP93_lMO_dzNRihFHeoXNRecHQ4AwKRybICb4xOHZF81g9eGzsbKCKGF3uZvDBF074EIN2EpardLQLTsqgwKnYfd1jptCJMf6VBnRxHviYANz-jc35W36M9IsLtjJEZwYIxJjVOjZoGgBTT-t1WEyr3FJB8-THw-8fi8O3MNTv1vnrP6lEuE8fnSiAYP6L-rybEiYkgqmxiTxUr5yhM0Qn3uP0gqqWSBm6be5BMJdUDd1diXABJP8q8ORBJIFBAgEGAGSBQQIBRgEoAYugAeds-rLAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC8u3jSCAkIgOGAEBABGB-ACgHICwGYDLihxJT0A8ITBhjLzJW0AtgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00ODExODQ4MjYxMTkyMDM1GAA&sigh=Kfz_29JrJlk&uach_m=[UACH]&template_id=499

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=3643374295&pi=t.aa~a.905964914~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=1&bdt=1530&idt=1&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0%2C1200x280&nras=3&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KOQydh3SQL&p=https%3A//www.greenpromocode.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 21:38:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2F84 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 56682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 20 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D18 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7b7fa85aa54f12b63e107d0699c61f8a36b206819a8ee576be076a1d83af1b8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

206

videoplayback
r3---sn-aigzrn7s.gvt1.com/ Frame 8D18
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=39f28817773081f8&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=ip,ipbits,expire,id,...
https://r3---sn-aigzrn7s.gvt1.com/videoplayback?id=39f28817773081f8&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

91ms
29ms

Media
video/mp4

2a00:1450:401f:2::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigzrn7s.gvt1.com/videoplayback?id=39f28817773081f8&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7668FE96D093ACB45589AD34506D11CB91E406D5.091818D24EFFE43CE85E7383623145E960A42B4F&key=cms1&cms_redirect=yes&mh=6t&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigzrn7s&ms=nvh&mt=1652995329&mv=u&mvi=3&pl=48

Requested by

Protocol

Server

2a00:1450:401f:2::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5b109265c691a67bdd8d0e74f43bdee1bdec21986548467fef34715330d63f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 15 May 2022 17:04:43 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1291938/1291939
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1291939
expires: Thu, 19 May 2022 21:38:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:26 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-aigzrn7s.gvt1.com/videoplayback?id=39f28817773081f8&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7668FE96D093ACB45589AD34506D11CB91E406D5.091818D24EFFE43CE85E7383623145E960A42B4F&key=cms1&cms_redirect=yes&mh=6t&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigzrn7s&ms=nvh&mt=1652995329&mv=u&mvi=3&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 704
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame AF53 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:38 GMT

GET
H3 200 19a7319e4bc4a19e524aea80c64516c9.js Show response
www.gstatic.com/mysidia/ Frame AF53 146 KB
54 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/19a7319e4bc4a19e524aea80c64516c9.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b447ca977140c5aab1681d802c2bff8f2dd59081d1d99f7bb0ce0fd5fea6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55389
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 16:29:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AF53 4 KB
812 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bafb4c8d1182d37108e60180a9dc49e0462fac4be93dff896acb4cb29f405f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 21:35:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 21:38:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame AF53 2 KB
904 B 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:34:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame AF53 21 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:23:01 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame AF53 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:35:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF53 135 KB
41 KB 140ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 21:38:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame AF53 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:36:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AF53 0
0 48ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEBiKicmwxqLSjWva6AJpjtqtzpCLnGwZkFbM3_vyECSa41U3DDMSLInywJvmYM6UL3_rz71Y09L4SS3lI5LWxUQu41w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame AF53 30 KB
12 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:39 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 8D18 17 KB
17 KB 121ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6427934c2fee6637679ce5ec5b21bef778502d9a349d9739fefe3b8985a116b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:42 GMT
x-content-type-options: nosniff
age: 170684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17148
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:42 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2F84 35 B
463 B 146ms
42ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL2jgnkKc-iz6N8Q09aQ0cY&google_cver=1&google_push=AYg5qPL80P-LrD38179C3ujXZX_XHZVzrY_k0pyyShdO1WuyaHJF7a0xF16_ZqE9H6-kHwtHY1M0RPz1fWio66WsIN4FbhQhdi89IQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F84
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIk-Dn1FwlbFNliCrkMbcBXpM7r_EBtpCycFIc...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9hNDB3QUFBYkJYa2otWQ&google_push=AYg5qPIk-Dn1FwlbFNliCrkMbcBXpM7r_EBtpCycFIceM8kt86X6CzXfFue6zc2ywMIFvOOFe9tn70XCSTr786ZkArUicnYd_Q...

170 B
188 B

206ms
82ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9hNDB3QUFBYkJYa2otWQ&google_push=AYg5qPIk-Dn1FwlbFNliCrkMbcBXpM7r_EBtpCycFIceM8kt86X6CzXfFue6zc2ywMIFvOOFe9tn70XCSTr786ZkArUicnYd_Q5TVg

Requested by

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9hNDB3QUFBYkJYa2otWQ&google_push=AYg5qPIk-Dn1FwlbFNliCrkMbcBXpM7r_EBtpCycFIceM8kt86X6CzXfFue6zc2ywMIFvOOFe9tn70XCSTr786ZkArUicnYd_Q5TVg
Date: Thu, 19 May 2022 21:38:27 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2F84 43 B
350 B 97ms
31ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEL1HMUxQ6alxXAomoi5Yo2U&google_cver=1&google_push=AYg5qPK3YCVsR4aSs32qoTpbnhi1_RwB-tRM47nWDdZnziBPTFoAGnggCRIhd4DWhfEAQCIamn3FrhBiGww-wvjzeflzy0ibB_Kn
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=3643374295&pi=t.aa~a.905964914~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=1&bdt=1530&idt=1&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0%2C1200x280&nras=3&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KOQydh3SQL&p=https%3A//www.greenpromocode.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1ir8gp5p3a3lbeefrmd0osj9p5i0i411

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2F84
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9XC3GxkCQ0qabxz5vZH_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

81ms
81ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9XC3GxkCQ0qabxz5vZH_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdI5asRFy_6ZKISo7Y3whWH0fFlZK_KFOtPrjBS-xE993BgzokuGoP-jgHF279yxESdbNNJRjREbZm2hb0bSwAtGjlAP0KXg

Requested by

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9XC3GxkCQ0qabxz5vZH_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdI5asRFy_6ZKISo7Y3whWH0fFlZK_KFOtPrjBS-xE993BgzokuGoP-jgHF279yxESdbNNJRjREbZm2hb0bSwAtGjlAP0KXg
date: Thu, 19 May 2022 21:38:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2F84
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBmBkcRelTVWeq7LBO3nL_Y&google_cver=1&google_push=AYg5qPLf1Wnnx7PKQ1YbXM2LSV7rE109yRUKsBV_OhMBDth4yakd5GMvwbFxpotexCTcF-n0x6p...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMR0gtMjAtUjlY&google_push=AYg5qPLf1Wnnx7PKQ1YbXM2LSV7rE109yRUKsBV_OhMBDth4yakd5GMvwbFxpotexCTcF-n0x6pj9wLO_O8GUm9LxUJRKbo1tlZIZQ

170 B
232 B

74ms
74ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMR0gtMjAtUjlY&google_push=AYg5qPLf1Wnnx7PKQ1YbXM2LSV7rE109yRUKsBV_OhMBDth4yakd5GMvwbFxpotexCTcF-n0x6pj9wLO_O8GUm9LxUJRKbo1tlZIZQ

Requested by

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMR0gtMjAtUjlY&google_push=AYg5qPLf1Wnnx7PKQ1YbXM2LSV7rE109yRUKsBV_OhMBDth4yakd5GMvwbFxpotexCTcF-n0x6pj9wLO_O8GUm9LxUJRKbo1tlZIZQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F84
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa409ri2xvnbSlOtzVXRAAAAOoAAAIB&google_cver=1&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_push=AYg5qPLOyxtHJJ4Ivxjq9ioiCJU3DESZ6UAhk...

170 B
188 B

146ms
81ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa409ri2xvnbSlOtzVXRAAAAOoAAAIB&google_cver=1&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_push=AYg5qPLOyxtHJJ4Ivxjq9ioiCJU3DESZ6UAhkcZghdnIjcs8zwV5rEBorSNEOcXVGn258XT-1geHleZRBvsldCRORdtBjkgUTuSBaA

Requested by

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 May 2022 21:38:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa409ri2xvnbSlOtzVXRAAAAOoAAAIB&google_cver=1&google_gid=CAESEFjAp53gkvUtLEVaFMtXjOM&google_push=AYg5qPLOyxtHJJ4Ivxjq9ioiCJU3DESZ6UAhkcZghdnIjcs8zwV5rEBorSNEOcXVGn258XT-1geHleZRBvsldCRORdtBjkgUTuSBaA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Thu, 19 May 2022 21:38:27 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 2F84 43 B
297 B 174ms
36ms Image
image/gif 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESENQZeECw6421DQ7bQZIvxKk&google_cver=1&google_push=AYg5qPJlTjtCcwkEOx6CSvqJeypccT03S_kzlUpM1tdzJusEa7d4JhsS5jXfFEupCipjFZwI77l9HF0IWPaLES88iVpQ3QsiDrVOsQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=3643374295&pi=t.aa~a.905964914~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=1&bdt=1530&idt=1&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0%2C1200x280&nras=3&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KOQydh3SQL&p=https%3A//www.greenpromocode.com&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2F84 0
232 B 222ms
79ms Image
text/html 142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3sysTtBfp7OJ9ygmLiEsp_aU2rRE_SBhNnh4NmVJ7UQR_74IdwFABXzqHc0majdW7GVA3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AF53 15 KB
16 KB 52ms
50ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSNhbgJczBt8kXrXYq_68NreQQbwXqjVxxR5VuhXHIX-DeBzGNxuRscssD1poI&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6f12ae893ddb31ab83d220badd47d912df61e4430db7875ec679889133f11ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:34:12 GMT
x-content-type-options: nosniff
age: 266654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15776
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 10:44:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 May 2023 19:34:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame AF53 18 KB
18 KB 42ms
40ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSQsHKqRSf1zk8iRKU4Vi6VNkH9EUp5bySe1PiH3vpBJSu7ijYo&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc467a3f383d7687cd07fe647ac7fde728a35ce364bb802d2b585ddea4cb8d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:12:08 GMT
x-content-type-options: nosniff
age: 138378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18254
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 16:05:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 18 May 2023 07:12:08 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AF53 15 KB
15 KB 65ms
63ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQeUVQ80m-htWn6r8NKaMxGwda0JDUuMEblCUqiYOYiFmU7a9PpcqMpsWEIYw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1126b09ae1af1b6c80997993dbd73fc3bc39f1b736a8b96188ed0193a9104c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:19:24 GMT
x-content-type-options: nosniff
age: 137942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
last-modified: Thu, 12 May 2022 03:22:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 18 May 2023 07:19:24 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame AF53 21 KB
21 KB 145ms
41ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS8kkCYBjlRTtuxwtjXLjIFp8wBiPJkjycLcAkR8X9qFOFve52X&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb7bb7c7654adef57a5fb6dc6ac3f3d3f7d7be0896694c1b0f4a589e6435ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 10:26:19 GMT
x-content-type-options: nosniff
age: 40328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21031
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:48:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 May 2023 10:26:19 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame AF53 20 KB
20 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRtP9JfS0XvVycSLef37DZSa2rLCK6ml6pTpgxKdZHJ1g9K8nk&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0c4a747967f123c3a28d5bcc5ae840e49744cbca10f865016879adba33e4a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 16:42:07 GMT
x-content-type-options: nosniff
age: 17779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20368
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 04:26:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 May 2023 16:42:07 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AF53 18 KB
18 KB 76ms
75ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSkpZ_hcl0_N5WLci6FzffBqjGuJS_uOYsFicYEX5dJHup3zO19FbgZV_Ao3jA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6910a8742a1210ebe4022b9f9ae90c30c233d4c9d67ebc39097ee12f97394d7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 11:43:01 GMT
x-content-type-options: nosniff
age: 208525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18616
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:33:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 17 May 2023 11:43:01 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame AF53 35 KB
35 KB 58ms
57ms Image
image/png 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQvFl5KXciNxr_09H3iE7HNDpriyfqddG-nim0ZPFESGrvv1How&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88c7f00967c577e89526fd0b6a316422a3d789993cbf2a7b9c8114d4187d13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 10:57:32 GMT
x-content-type-options: nosniff
age: 556854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35339
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 13:21:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 13 May 2023 10:57:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AF53 0
54 B 93ms
71ms Ping
image/gif 2a00:1450:400a:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3djblco&c=7881123755543&slotId=3940561877771.5&qqid=CN_oiI3D7PcCFZBG4Aody1gLrg&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/19a7319e4bc4a19e524aea80c64516c9.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:808::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

9425603793547929825
tpc.googlesyndication.com/simgad/ Frame AF53
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY4MPleRCwCRj0BDIIA25eELp58Pw
https://tpc.googlesyndication.com/simgad/9425603793547929825

790 KB
790 KB

57ms
56ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9425603793547929825

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1155dec1cfacdc2b1917cd727aab45f23a06cd2df50231a104e91748cf4f5102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 10:18:37 GMT
x-content-type-options: nosniff
age: 40789
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 808842
x-xss-protection: 0
last-modified: Thu, 05 May 2022 15:45:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 May 2023 10:18:37 GMT

Redirect headers

date: Thu, 19 May 2022 10:18:37 GMT
x-content-type-options: nosniff
server: cafe
age: 40789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/9425603793547929825
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Jun 2022 10:18:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF53 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfrgk0biGYp-8PJCNgQfLsa3wCrPM4dJp_emnjKUPxqbV4ewuEAEgu-boI2C7hoCA0AqgAfmNxZkDyAEJqQLC42sqY_q0PqgDAcgDywSqBM8BT9CqQkZJqBNk5VrgPW_Cx_gZxMPHfTzdKpLKoGbMBHFHh6F9mR62GBVsuVG9z8NnUqO8CgbFxrVpSFlBEymvioN4-rSM6uRmE7F9xCWDcP8-wKc5dtrEjtJyFAnLArGhi4j_ByiTJNVmmOgXL8rsLB9XVvBhzTcWIwJW6I8_bG-sPUNfkQeVfg8ge5XfUfoFVbfKsE5vdPmnVdCyZh80BzamHWQY4mCNWGF_e95iYus0cxPhtRurBjsqxZaN31BPf41gH3sxIKJF_3WyoKwuwASyo6Hi3QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7_G6ZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDJ_WPSCAkIgOGAEBABGB-ACgHICwHYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNDgxMTg0ODI2MTE5MjAzNRgA&sigh=O8jOIwwa1Io&uach_m=[UACH]&template_id=499

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 21:38:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD74 1 KB
749 B 41ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 56682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 20 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

206

videoplayback
r3---sn-aigzrnse.gvt1.com/ Frame AF53
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=a8e1c627543cf97a&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=ip,ipbits,expire,id,...
https://r3---sn-aigzrnse.gvt1.com/videoplayback?id=a8e1c627543cf97a&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

109ms
30ms

Media
video/mp4

2a00:1450:4009:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigzrnse.gvt1.com/videoplayback?id=a8e1c627543cf97a&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=76399AF71269A9A1EEC6FE07094A42F3C3750892.3683A4E74F1C2131ECF2FB0256C1E3643DAB0D96&key=cms1&cms_redirect=yes&mh=li&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigzrnse&ms=nvh&mt=1652995329&mv=u&mvi=3&pl=48

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Server

2a00:1450:4009:14::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

88d85296ce77cac907f0f148e7efeb4db1dce479a9d831e7b416f3b29615f53b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 May 2022 15:05:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1338237/1338238
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1338238
expires: Thu, 19 May 2022 21:38:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:26 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-aigzrnse.gvt1.com/videoplayback?id=a8e1c627543cf97a&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1653003506&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=76399AF71269A9A1EEC6FE07094A42F3C3750892.3683A4E74F1C2131ECF2FB0256C1E3643DAB0D96&key=cms1&cms_redirect=yes&mh=li&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigzrnse&ms=nvh&mt=1652995329&mv=u&mvi=3&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 704
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame AD74 35 B
464 B 51ms
42ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJi4mjwTVDkT8B8AGyedpbo&google_cver=1&google_push=AYg5qPKzZerLInz9IWm5j_pKPpwnrfjg7boQqeMFmHoZKein70X8W3LaxpuAP0kNuh2HcyiWx4blcHJQJ6Gu_fzdG2hMWm3Eu1JPog

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIH2Icu...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIH2Icu...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTkyMTM4MjcwMDAyMDExNDQwOTYyMw%3D%3D&google_push=AYg5qPIH2IcuoSifIZ3UvJ06KZsKV1zaPbXBGley1DYm8-J1tGsbXqlKeXHjuS292iJVV9...

170 B
188 B

76ms
75ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTkyMTM4MjcwMDAyMDExNDQwOTYyMw%3D%3D&google_push=AYg5qPIH2IcuoSifIZ3UvJ06KZsKV1zaPbXBGley1DYm8-J1tGsbXqlKeXHjuS292iJVV9X9DAGbztNcl-kCSBiErLU-jTT5HEHB6Q

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTkyMTM4MjcwMDAyMDExNDQwOTYyMw%3D%3D&google_push=AYg5qPIH2IcuoSifIZ3UvJ06KZsKV1zaPbXBGley1DYm8-J1tGsbXqlKeXHjuS292iJVV9X9DAGbztNcl-kCSBiErLU-jTT5HEHB6Q
pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 19 May 2022 21:38:27 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame AD74 43 B
135 B 33ms
31ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGl7gyZZn_RUWGyrjsVQY3k&google_cver=1&google_push=AYg5qPJ0CQM5SpgwKi77D60VeOqyaH8FrcIuCM0rPSFOYkRGvcCvOxNR_LMtlm2tVCECI9YG4O1GDWE9BxgiCCdaWEMCOsVnWrIrgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 62tm6odfnh4aqs4gri81qtarphqvoc7p

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EDuJzmt7Rca6hih1Ajue1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

72ms
71ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EDuJzmt7Rca6hih1Ajue1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6IM_Y-qdD3NJigyIHRtajZTrmYoDFoUwycBV50EkzFn4SERrBsppt9zcna8ZyLburyTdcdohAXRkSzDMAxvxdgKXizGe8xQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EDuJzmt7Rca6hih1Ajue1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6IM_Y-qdD3NJigyIHRtajZTrmYoDFoUwycBV50EkzFn4SERrBsppt9zcna8ZyLburyTdcdohAXRkSzDMAxvxdgKXizGe8xQ
date: Thu, 19 May 2022 21:38:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIZU7Rvc5HvCVboIhxQf2zs&google_cver=1&google_push=AYg5qPJlkxGQubdW5yZd2lskbWKZ2P3GMU709UcEcUqYG2bkCwqUG3uysiqDhQmYwo9v74mW2ks...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMSE4tMUstMktTTQ==&google_push=AYg5qPJlkxGQubdW5yZd2lskbWKZ2P3GMU709UcEcUqYG2bkCwqUG3uysiqDhQmYwo9v74mW2ksq-CCV8adDXaztNmaPOrT12f6x

170 B
188 B

205ms
82ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMSE4tMUstMktTTQ==&google_push=AYg5qPJlkxGQubdW5yZd2lskbWKZ2P3GMU709UcEcUqYG2bkCwqUG3uysiqDhQmYwo9v74mW2ksq-CCV8adDXaztNmaPOrT12f6x

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNESkJMSE4tMUstMktTTQ==&google_push=AYg5qPJlkxGQubdW5yZd2lskbWKZ2P3GMU709UcEcUqYG2bkCwqUG3uysiqDhQmYwo9v74mW2ksq-CCV8adDXaztNmaPOrT12f6x
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa401DrNJIKzhviC18c9AAABzUAAAIB&google_cver=1&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_push=AYg5qPIGL2RpB34A6rVB9bNu7ybK3tPhGDj1L...

170 B
188 B

104ms
81ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa401DrNJIKzhviC18c9AAABzUAAAIB&google_cver=1&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_push=AYg5qPIGL2RpB34A6rVB9bNu7ybK3tPhGDj1LGnozBqoyLHoARoixhGv_uHTsuwDQB8ES0IB6J7NaDqL4gCuS0jY0NWA8gp8jUO6NA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 May 2022 21:38:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yoa401DrNJIKzhviC18c9AAABzUAAAIB&google_cver=1&google_gid=CAESEOb4dHtPVDW4V3yoHZ2pAd4&google_push=AYg5qPIGL2RpB34A6rVB9bNu7ybK3tPhGDj1LGnozBqoyLHoARoixhGv_uHTsuwDQB8ES0IB6J7NaDqL4gCuS0jY0NWA8gp8jUO6NA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Thu, 19 May 2022 21:38:27 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame AD74 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AD74 0
40 B 129ms
80ms Image
text/html 142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxJPjlVAIOT20VBuXezIkrTq8KgD7HjcGMuL_sBqZPJ86Pq0x4fFxmEG2iMAay6A2Sd0HYKA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:38:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame AF53 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd1cdf2dc35d77f957b83b477169987371c896540cc90c6df8576ae1cca0eda

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220516&jk=457582199847340&bg=!mJulm9_NAAZL3OSAa9w7ACkAdvg8Wr2LgV2zEfxE9nwDZXBEj8oZSJAPnvdfFFxqAEssay-Cik60YgIAAAB0UgAAAAFoAQcKAJ3BfoZPdIoHFhBd3XNKC4Z9inGHVUtsSvbM6yFH-OsVAnfnjaW4mrKrXKQOftKAl-pUYPy50yX5GYKRsFeq8PDnU6vtGkThGgWbC7xFjQFy52GIdEa_JIhZprLbRsiO9w-TRAIMO5qjqLGWVhP9lvNGJwYQU_jD6WzQm2istw4CKrUieCHZ-_dtqCZW7I2-yigr_R1uIm6nbIoMD-t8mQKexyu0Gt8OB9N5Ht4ZzW6lRYPm-ZQKc90DKyHsNSZK0KTXsPxyE2PCFv_CpC9tMtOS9E-U6KLWucbR4J_CnVgzawJo6SHvasuWsy9ne8pSRosb7sYSeAiPzVYRJ1OzQoiRcIQga2Vp9oo1ENsYnDCR5kYUOB_u-4WV1YPDmxwSsQ2MPGPrTkfXdcnfXMfHp98ytb_hZl0m7Q66TaLcke-ySGqtM4-xXr1iuMEFVtQGGN_AMjEYbF4gOYvs_rQNaFoM7fdWVcgHwTY6VDG9ngiKqFP004a6ZQdHAd-rceRivDD2_V7J_7IUEeFKytQBx1e-strXOHjC5d_rQdxUqhRyZn3HcXr5N1aI7GIQMiOPwLxzKtfS9JTatd8Ny6HZAq3ywE9fPZd1oAor_Km0zp1-Dl6TlTJJe3YOfqm-Xr2fq28JmS88lsv_RWJFdAWDX_0t28IU4i54g49zSPX3ZxaIo8f9Gx-PK9aIW_n_N-CSdro1qO74UJPk44vVyZmieroQpnKvOjDwzia1VHvY5Hpj_qDrhOBiNuUCmMdTyqjbZNIvkE0tozq6ZD5LuZTjKyDTZrY6eeGlgIZfVWuYwgCmaf-vpkHMic0nI1J7Wta9jlRFPj8GL34EW2fhwM48cNpbsn07G4eQTPfROu-gLOlPK7elf7hnyYCf8avZhysspqf3Xp-D4rggSs60rplAyHJNMUxHrDd8v5IkBN7dbfmkHSZjHYoMTXhxIzHP0C1sHhtPmosn2k0XD2QxBWk1-ROdqdLGHJI7xjSfw9EPsh2Mw3HRw8LsqtIhDz_ZuWoNMoOq6Pzu0dPRBKb1CVgqy11V0uI162WrBCUIbT0g3cGG7GsWaex0QhQ2ISRIxFv2iO5IvMgnQTpsiMNTSvbORg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.greenpromocode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame AF53 17 KB
17 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6427934c2fee6637679ce5ec5b21bef778502d9a349d9739fefe3b8985a116b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:42 GMT
x-content-type-options: nosniff
age: 170685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17148
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:42 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame CF38 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 18:25:16 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 3269 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4811848261192035&output=html&h=280&adk=1959859350&adf=4059110530&pi=t.aa~a.905964914~i.3~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1652996305&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2952434691&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.greenpromocode.com%2F&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652996305829&bpp=2&bdt=1530&idt=-M&shv=r20220516&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2de01717a2a0d26e-228730da97cd004e%3AT%3D1652996305%3ART%3D1652996305%3AS%3DALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog&prev_fmts=0x0&nras=2&correlator=6885606545164&frm=20&pv=1&ga_vid=517709740.1652996305&ga_sid=1652996305&ga_hid=895821969&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=457582199847340&pem=98&tmod=623459837&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gMqB4mwl23&p=https%3A//www.greenpromocode.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 18:25:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4323 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvIHTUvAn9oOO9X13bc9lNqcRS1gw-EZkW9WjWh-3U4xOvWa1nfRmxc9oRWEEKyuv1wPURppq2r3yT8TVLQ5gRJmWiAmG1qEa3Q6oSpPfYJB5Y8Gz4EkGaCNdj&sai=AMfl-YSrCRnk4boKTukDh9ZuALflpjSoxZu7aUdbE9MFW38DRpL6JiLSVx2EhBKuTTr6DlS0r5xsUrtei2NL&sig=Cg0ArKJSzNjeMfZFD2DrEAE&id=lidar2&mcvt=1065&p=0,0,124,1005&mtos=161,846,1065,1117,1117&tos=161,685,219,52,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652996305925&rpt=336&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8D18 0
17 B 170ms
73ms Ping
image/gif 2a00:1450:400a:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3djbla7&c=175263950857&slotId=87631975428.5&qqid=COCEi43D7PcCFffZEQgdA-ALWQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/19a7319e4bc4a19e524aea80c64516c9.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:808::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AF53 0
17 B 149ms
73ms Ping
image/gif 2a00:1450:400a:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3djblcw&c=7881123755543&slotId=3940561877771.5&qqid=CN_oiI3D7PcCFZBG4Aody1gLrg&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/19a7319e4bc4a19e524aea80c64516c9.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:808::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 21:38:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECMgWVs1gzmYo3crw3V0e5s&google_cver=1&google_push=AYg5qPJ1vJuu5MR5wqkI1Ded3f9xiSx7alWt_lLvJkeMVtzIbPch7_1UKF6OInFOMI6DDNh6YhB_c0Kl0veHJumLnsB_B5xT7VnM8S0

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.greenpromocode.com/	1970-01-20 12:31:32	Name: __gads Value: ID=2de01717a2a0d26e-228730da97cd004e:T=1652996305:RT=1652996305:S=ALNI_Maxy1i4uhjhe7-khyuVzQwGeVCuog
.doubleclick.net/	1970-01-20 12:31:32	Name: IDE Value: AHWqTUkFh3S56FmG3r2tI0lORKauXgG_s35ceuXbE18-j-11eM3AdQOAquGS0HhUjOM
.pubmatic.com/	1970-01-20 03:11:22	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 05:19:32	Name: d Value: ECgBCQGWJoEA
.quantserve.com/	1970-01-20 12:40:10	Name: mc Value: 6286b8d3-00959-f40e9-0fa45
.pubmatic.com/	1970-01-20 05:19:32	Name: KADUSERCOOKIE Value: 103B89CE-6B7B-45C6-BA86-2875023B9ED6
.innovid.com/	1970-01-20 05:19:32	Name: uuid Value: 792b68e7-870f-4b49-8146-3ea9c34c2ba9-20220519 17:38:27
.casalemedia.com/	1970-01-20 05:19:32	Name: CMPS Value: 671
.casalemedia.com/	1970-01-20 03:11:22	Name: CMST Value: Yoa402KGuNMA
.casalemedia.com/	1970-01-20 11:55:32	Name: CMID Value: Yoa401DrNJIKzhviC18c9AAA
.casalemedia.com/	1970-01-20 05:19:32	Name: CMPRO Value: 1845
.e.dlx.addthis.com/	1970-01-20 12:40:10	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:40:10	Name: na_id Value: 2022051921382700020114409623
.addthis.com/	1970-01-20 12:40:10	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:40:10	Name: uid Value: 6286b8d335a40ca3
.addthis.com/	1970-01-20 12:40:10	Name: ouid Value: 6286b8d3000128b298b99774f175b14aa505cdd20abf853c2af5
.dlx.addthis.com/	1970-01-20 03:53:08	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:53:08	Name: na_sr Value: 20220519
.dlx.addthis.com/	1970-01-20 03:09:56	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:53:08	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECMgWVs1gzmYo3crw3V0e5s&google_cver=1&google_push=AYg5qPJ1vJuu5MR5wqkI1Ded3f9xiSx7alWt_lLvJkeMVtzIbPch7_1UKF6OInFOMI6DDNh6YhB_c0Kl0veHJumLnsB_B5xT7VnM8S0 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
ag.innovid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
greenpromocode.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
r3---sn-aigzrn7s.gvt1.com
r3---sn-aigzrnse.gvt1.com
redirector.gvt1.com
rtb.openx.net
s.wordpress.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.greenpromocode.com
www.gstatic.com
googlecm.hit.gemius.pl
104.111.215.191
108.128.215.255
142.250.184.226
142.250.74.130
192.0.77.33
198.47.127.19
23.35.236.247
2606:4700:20::681a:b4c
2606:4700:20::ac43:491e
2606:4700::6811:190e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4009:14::8
2a00:1450:400a:808::2003
2a00:1450:401f:2::8
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
35.186.253.211
69.173.144.138
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
082abae71b89f6a4e5bdce51e3486a9959cfd3c05765d0b6c4737c66a9efa78b
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
0b3378a643afeda6e2661ff04173c661ad73d49a596c8b6e0f0dbb8ec5face33
0b5510d755c4aa53ed08b89e71f98e57a65863032be3335a849af2da3157927f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1126b09ae1af1b6c80997993dbd73fc3bc39f1b736a8b96188ed0193a9104c15
1155dec1cfacdc2b1917cd727aab45f23a06cd2df50231a104e91748cf4f5102
12b108ac307b865cf84f9166caeb4d74829e3f948218a86255380d2c0146d920
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1f75e75bf68e8f12748b3e5328710f03717e12128468fa4b31edd6ecd6da65b8
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42
3e730080129c6688d77e0d9d1a8fa15c3090e8e4d7d442e2734a11b767228c08
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8924589515e39311185cc6f3077d9369d6b77cc79255fa2806d50169342340
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b109265c691a67bdd8d0e74f43bdee1bdec21986548467fef34715330d63f69
5b155ec3f14cadcdfc46f2358bcb4920a1fa4fae0d8fd6145b48604feb4769e6
5bc9818da3dff216c557d7c4b7b58bb61f2887fd930e075495dda8baada5830a
5c20f67c6ac54cc14e29857ca3c41c4c8f74137eeab336e51f0b13f6d739eee8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625d55fc5f1a551c7889abbd6f8829300f5ad8742a1a4ff1de97a3e65adb21af
6427934c2fee6637679ce5ec5b21bef778502d9a349d9739fefe3b8985a116b4
6910a8742a1210ebe4022b9f9ae90c30c233d4c9d67ebc39097ee12f97394d7b
6b6f90a8994e62c493f0123b839ab662b624380f0105958415e4aaa3dfb67806
72391b795737b2076e1fe86d3f844f3acaeffaf933e82e4e0c38e5ade96095fe
79468cfa7073ac9933757ccca64ece63dc1d9ebf15dbb3327d341602b48e7c08
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c09605af98a8b7d0e7e0a7ac47711edb9446679b6f2fcd18cc0bdccfa90361a
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
872efa81c0f1ee943cc81869bcbd389b7a867629e96944b081ac9f63a66e8098
88d85296ce77cac907f0f148e7efeb4db1dce479a9d831e7b416f3b29615f53b
89fb3317220bcb1ea0d659eb0823a63195f21d2009829e3e2bf559866df5caf8
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2bc71de9b614761f8cc6b03c46de4cde15a1f44a0c721e9b64fd5d7353a38e
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7b447ca977140c5aab1681d802c2bff8f2dd59081d1d99f7bb0ce0fd5fea6fe
a80daae96345165068ed9fc32051b8d901b4504461efb21193bd51b6c40374b4
a9b6a63515b7282d79f388a877d5597505bb36e4deb99092650910e0cb4c95c4
aa82b0138fe415f2a3980d2178d76c0b093ce80443478a639f94b2c6c68c59a2
ab006d5c253c33e5297d59282e19a23ff643efaa1dce61d4428be4c73ae3acfe
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
ad9e6110645579f2eabfaa6d0cf853da4dacb5b87cbc0926477adee353f63054
adb7bb7c7654adef57a5fb6dc6ac3f3d3f7d7be0896694c1b0f4a589e6435ff4
b37193900db765a154a27d76cd172ce4a7023347e2e45338f2aacda1a63dc9e0
b479cc4b08b9086114fc3de944c1230c4975a7ec8d722bcbcb2f8accd805e2e6
b7b7fa85aa54f12b63e107d0699c61f8a36b206819a8ee576be076a1d83af1b8
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bafb4c8d1182d37108e60180a9dc49e0462fac4be93dff896acb4cb29f405f98
bf332285f36ed1b439a12b111b9d7005d3e4a11ad9081357e405527aa99d5bd4
c8ca3d89bc4b413f1a4b0411e8032e918591188d54cfd1d6c1ca7426edbf2352
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
caf52b6b20fc50cf59d6f4fe757d8a0e38d6b62be5b8bc4adb9cda895885096b
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
ccb6ceb3abf1e7e7800ed128d3d8fb305ea79ca6df42f3bb2767a76a64cd4084
ccc75887e27e6ed73cf477bfeb8df072e775a208c51d01e136617c058a387270
d6f12ae893ddb31ab83d220badd47d912df61e4430db7875ec679889133f11ed
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8dd5df268c0dca4f50c77733f3ffcdcf5a14e93bab5ab6155882200067eadd3
dafb1a5d8fa0845f77d66fcc1552b3504100b71d0849733b91d1bc36e1c4f628
dc467a3f383d7687cd07fe647ac7fde728a35ce364bb802d2b585ddea4cb8d20
dfd1cdf2dc35d77f957b83b477169987371c896540cc90c6df8576ae1cca0eda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82e9c5e1a47275a40ec095af59f630fec76b34e196408f1f70471ff44809c79
e88c7f00967c577e89526fd0b6a316422a3d789993cbf2a7b9c8114d4187d13c
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c4a747967f123c3a28d5bcc5ae840e49744cbca10f865016879adba33e4a3c
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff1cc6c6f329113af369c4224666c47d241e51d417b0a7e4586d32cba3b21c10

www.greenpromocode.com Open in urlscan Pro 2606:4700:20::681a:b4c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

90 %HTTPS

71 %IPv6

21 Domains

33 Subdomains

25 IPs

5 Countries

5389 kBTransfer

7292 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.greenpromocode.com Open in urlscan Pro
2606:4700:20::681a:b4c Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

90 %
HTTPS

71 %
IPv6

21
Domains

33
Subdomains

25
IPs

5
Countries

5389 kB
Transfer

7292 kB
Size

20
Cookies

136 HTTP transactions
5 data transactions