installment.anicube.net Open in urlscan Pro
141.164.60.243 Public Scan

Software

cafe /

Resource Hash

8bde4349bbcfe7a455c93ae8551b9e9c5fbd771953d6ea1c817b58381e160f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Origin: https://installment.anicube.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51445
x-xss-protection: 0
server: cafe
etag: 8533947350616164290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 11 Jan 2024 10:49:51 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 147ms
52ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: installment.anicube.net
URL: https://installment.anicube.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://installment.anicube.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10169587
x-cache: HIT, HIT
content-length: 124434
x-served-by: cache-lga21932-LGA, cache-den8227-DEN
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704970191.196813,VS0,VE0
etag: W/"28feccc0-7f20a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 312, 7249

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 294ms
130ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8514068593668504

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

686346349d113f309e0b5116e9fbd181495fbd596e6a2dddc0b08fafb82b3e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://installment.anicube.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139401
x-xss-protection: 0
server: cafe
etag: 9239677431064745644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:49:51 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame B1AA 9 KB
4 KB 253ms
81ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8514068593668504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 37688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 00:21:43 GMT
etag: 9219409622527106327
expires: Thu, 25 Jan 2024 00:21:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C9A 248 KB
36 KB 717ms
716ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8514068593668504&output=html&adk=1812271804&adf=3025194257&lmt=1704970192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Finstallment.anicube.net%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704970191769&bpp=3&bdt=690&idt=492&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3653902194472&frm=20&pv=2&ga_vid=821135772.1704970192&ga_sid=1704970192&ga_hid=878235261&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080223%2C31080260%2C31080262%2C95320870%2C95320888&oid=2&pvsid=1435562844414329&tmod=1465330203&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=540

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

305082ffc50aa9d8dbc45d766f47f27f3a2d65597c7a30dbe3da987112751fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36501
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 10:49:52 GMT
expires: Thu, 11 Jan 2024 10:49:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52F9 718 B
382 B 244ms
243ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8514068593668504&output=html&h=280&slotname=3136615830&adk=1283938621&adf=533964676&pi=t.ma~as.3136615830&w=798&fwrn=4&fwrnh=100&lmt=1704970192&rafmt=1&format=798x280&url=https%3A%2F%2Finstallment.anicube.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704970191773&bpp=1&bdt=694&idt=546&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3653902194472&frm=20&pv=1&ga_vid=821135772.1704970192&ga_sid=1704970192&ga_hid=878235261&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=401&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080223%2C31080260%2C31080262%2C95320870%2C95320888&oid=2&pvsid=1435562844414329&tmod=1465330203&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=552

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18fcfd731e08855b244ddc1ea24cb0717a027106d947e56970bf388b42879922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 10:49:52 GMT
expires: Thu, 11 Jan 2024 10:49:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 161 KB
55 KB 116ms
116ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c25d597b038509a16f679e93609f0c390b9d2ea65d2d3baa19903de9f712a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://installment.anicube.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56242
x-xss-protection: 0
server: cafe
etag: 14687949112466151815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:49:53 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 7B4E 9 KB
4 KB 82ms
81ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 42211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 23:06:22 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 23:06:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 927D 9 KB
4 KB 82ms
82ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 42211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 23:06:22 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 23:06:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame AC7E 9 KB
4 KB 82ms
82ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 42211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 23:06:22 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 23:06:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7B4E 4 KB
1 KB 269ms
97ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 10:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 10:06:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 10:49:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 7B4E 16 KB
7 KB 300ms
126ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:18:06 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 7B4E 22 KB
9 KB 312ms
138ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:18:06 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 30ED 101 KB
38 KB 438ms
238ms Script
text/javascript 23.47.168.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

4b97124eadb130a65f46180bf72177638e2a3ab1c4f6b487cda6787102eee462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-mnt-h: 21-tp9r
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 11 Jan 2024 10:49:53 GMT
server: Apache
etag: "01cc0df5e64d0e091b3eeb062454160c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 38788
expires: Thu, 11 Jan 2024 10:54:53 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 30ED 72 KB
25 KB 347ms
141ms Script
application/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Thu, 11 Jan 2024 10:49:53 GMT
x-guploader-uploadid: ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Thu, 11 Jan 2024 11:49:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 30ED 3 KB
1 KB 200ms
123ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:10:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 30ED 20 KB
9 KB 158ms
82ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:10:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30ED 205 KB
65 KB 279ms
102ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:49:53 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 87E1 101 KB
38 KB 290ms
114ms Script
text/javascript 23.47.168.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

bc5c050ce25f20748bda8de1fec4535d6daee1366111cc3c1b5380100ed78f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-mnt-h: 21-tp9r
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 11 Jan 2024 10:49:53 GMT
server: Apache
etag: "5c301a56eff0d6342f4fa47b9e4da1fa"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 38788
expires: Thu, 11 Jan 2024 10:54:53 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 87E1 72 KB
25 KB 279ms
96ms Script
application/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Thu, 11 Jan 2024 10:49:53 GMT
x-guploader-uploadid: ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Thu, 11 Jan 2024 11:49:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 87E1 3 KB
1 KB 179ms
125ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:10:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 87E1 20 KB
8 KB 142ms
89ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:10:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87E1 205 KB
65 KB 287ms
134ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:49:53 GMT

GET
H2 200 index-3fd34274.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame D82A 108 KB
40 KB 167ms
55ms Script
application/javascript 172.67.176.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-3fd34274.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 906b9b22e3730fe07d6c7a752e5ab82d6e8f89b58e42c22d864730a020182178

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2012
x-guploader-uploadid: ABPtcPpjTG-CyHKVwKXNgjv9QMWcxIhfhRah7Iy6EtI6aZmfFodoLs4CM0S9n7AT1IH8DDOdBME
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jan 2024 15:55:05 GMT
server: cloudflare
etag: W/"80577651553a415208b70aa9bbf73f3a"
vary: Accept-Encoding
x-goog-hash: crc32c=z2rfkw==, md5=gFd2UVU6QVIItwqpu/c/Og==
x-goog-generation: 1704902105775623
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35Tjjj58pKG2akleUpKW2U%2FpGtG1DRb8ggHJkPaToum0r7ekmug9O9XFJe591yCZqSNTA2Z9f4UkkenPyFRuonAcEi04pQtRBycGARLHJTj6geswUzHAEcy2ehiajc4tW392"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110195
cf-ray: 843c987f1c035211-DEN
expires: Thu, 11 Jan 2024 11:02:17 GMT

GET
H2 200 index-af5b3122.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame D82A 13 KB
4 KB 157ms
52ms Stylesheet
text/css 172.67.176.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1602
x-guploader-uploadid: ABPtcPqaCNQjV3yVWqyEfr33TPExamjHZvfCAIAT2EKAEEsoQYor5QTEcW7AhKs7hwbXnVyzCVbhc26pXuHyOar_JvxL
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 09:35:44 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o27dVpsrvQgqiFUTKMN9%2FaIEmDhj94eX7cgFNcfvsiKK7wRhjnoqm85EP66%2FGZ5KAKrbcoH0VZixx7YpP1q10ju7pvlLQ%2FwZmyP%2BfpMahBUrTsZ0LL665TeaOXoEtTW1QAd0"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 843c987f0a2b1f40-DEN
expires: Thu, 11 Jan 2024 11:15:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D82A 3 KB
1 KB 90ms
86ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:10:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D82A 20 KB
8 KB 83ms
81ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:10:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D82A 205 KB
65 KB 209ms
207ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:49:53 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 87E1 131 KB
43 KB 341ms
120ms Script
text/javascript 23.40.179.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.47 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-47.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: fe1de03b1cdc21d9ee5305c61b227fac42877418d7f8c0a22e8e805706c4bcf8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 10:49:54 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive, Transfer-Encoding
Transfer-Encoding: chunked
Expires: Thu, 11 Jan 2024 10:54:54 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame 48F9 79 KB
31 KB 330ms
329ms Document
text/html 23.47.168.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3322&&kkdd=*3%7Ch%7CnHA93u*&5K=CPqFnPqCnThrFhTrqPh&.YBS=q&dHB(=q&fY5=CCFr&aHft=XTPr&fKY=)OyPbPPCj&fBfY=bf1.LGg247jgvC44wSS7f*%3D%3D&fSKY=))rPPPqs)&HK-t=ChqGhqq&ff=yR&Hf=OA&feNd=0iVZAz6&BKY=)oAhPV6TR&aBKY=mCjThh)&eaaBH=C&SSS=a-VweXfcwXncHAaP-PaKz17q!*wmvazvSb5Pl1Ge!5Fx!tnbv!xvC*%3D%3D&NHt=r&c*=C&2.Y=F&(YaC=)Oyyn73)0&(Yas=)Tns))hFT&uY(a(=HYs%3DN2ccpK2Sc4c%3DCqpL.tSBd%3DqIqPpYLd4u%3DqIrTpHfY%3DfLpS(t%3Dq%2CqpYLd4c%3Dsqp5csS4HY%3DsqsFqCCqC)pK2Sc4u%3D)CrICPp2Sc4aEf%3Dqp2Sc4Ss(4u%3DqpHaY%3D(H*K!a4C4eLHapdN4ute4uLLHa%3DqIPhpS(a%3DqIqqq%2CqpKB%3DC(V5!(p!uu%3DChpue4Kd%3DChPpSKKB2(%3DCq%2CCqpSf%3DCpSBH4HY%3DsqsFqCCqCFpS(Y5%3DqIqqq%2Cqp2Sc4u%3DCIqFp5csS42Sc4u%3Dqp2Sc4c%3DCqpHc5%3DT)IqCp.f(a%3DwCpuu%3DCnhptSBd%3DqIqPp5csS42Sc4Ef%3DqjqpBHK4f%3DC%2CC%2Cq%2Cq%2Cq%2Cq%2Cq%2Cqpud%3DCpBHK4Y%3DqpSEt%3Dq%2Cqp(TB4u%3DCIs%2C)TIP)pHY%3Dqp2KY%3Dsl(MdE)M!vH8Tun3S8pf5csS4u%3DqIhnpuaY%3DPrrnsqPCsTFTrPrFnCnTnr)PPThTqTqqshPqsTPPhP)qnTTsqFsnFrnPCrsP))qFFqFnCTFnssChrT)P)nrTnrsqPnnCsqqFrnqT)Psp2Kd%3DqpSEa%3DqIqqq%2CqpL.YsB4u%3DqIn)pHH%3Dzipff%3DyRp2K*%3DwCpft%3DqpSf5%3DTrIs)pOl%3DTq)npEu42f%3DwspNaH%3DspEu4ffEH%3Dwspfa%3DYtN5tSpuHH4Qm~%3Dzi%2Czipu(HKHs%3DCnhpuYa%3DCPqFnPqCnspu(HKHC%3DCnhpue4HY%3DsqsFqCCqqspYf%3D)p5csS4u%3DCIsp5*4tGf%3DqI)hp5KH4HY%3DshTp2Sc4SBH4u%3DnITPpue4fL%3DqpYfs%3DCp54(HN%3DCTCCnnpc(Ha%3Dpf5L.%3DqIhnp5KH42Sc4u%3DqIrhp5csS4K4HY%3DsqsFqCCqC)p5KH42Sc4c%3Dqpta%3DCPp5csS4K4u%3DqIqCp5KH4u%3D)r)IqTp5csS42Sc45K%3DCjwChp2Sc4a5K%3Dqp55%3Dqpf5csS4HY%3DsrTpS!5%3DTrIs)pcsS4u%3DCqqqp*S4u%3DCIqC%2CqpS(YB%3DqIqqq%2CqpHKY%3D))rPPPqs)p2Sc4SBH4Ef%3Dqp5*2%3DqI)hpYsB4c%3DCqpf5cs%3DqIhnpTBf!%3DCqqqIhspL.4dHe%3DqICTpYdd4HaS.%3De(SdLNvpYsB4u%3DqIn)pSBH4u%3D)TIP)p2Sc4HSBH4u%3DnITPpSE*B%3DqIqqq%2CqpSE*Y%3DqIqqq%2CqpKHVt!%3DqpKHK!%3Dqp2Sc4SBf4u%3DqpuKY%3DqIqPp2Sc4SBH4S5%3DqpfuYB%3DqIqCFpKavBt4KY%3DCPpHtcctS4a(.4KY%3D(H*K!a4C4eLHapH2BBcv4a(.4KY%3DpYtatfatY4a(.4KY%3D(H*K!a4C4eLHap5Kt*(uKcKav%3DqI)hpBLH%3DCp(f4avBt%3DCp(YucE%3DC)CssPC)qFp(dB%3DCpL.uKY%3DqIqPqpu!cS%3DqIqCqpH2KY%3DpYaf%3Dt(Ha4HfpYdd4tSBd%3D!(cHtpYdd%3De(SdLNvpuYBf(BY%3DqpY(c.%3DYt!(2capH.da%3DcLN.4a(Kc4eLdtB(.t4f(afe(ccpHLuB%3DpGKY%3DixUwB2uw)rCFqh)rnThh)rqFpeadc%3DCp(Y4BLH%3D%7B%22a%22%3Aq%2C%22B%22%3AF%7DpYf2a%3D)qpYL.u%3DqwCptfB42HtY%3D1qrptfB4Bqr%3DqIqTP)hrsrh)rsrrPsFptfB4BCq%3DqIq)FCnnnq)nFFFnTrFptfB4BCr%3DqICTnFnqCTThrrCrqsptfB4Bsq%3DqICnPhsqhrTPrnqqqTPptfB4Bsr%3DqIsrTrnTCPnnsFrshFhptfB4BTq%3DqITsPPqCCrP)PFqssPhptfB4BTr%3DqIFCr)PFFTshqCrTTCptfB4BFq%3DqIrCnnr)nrs)Phn)TsptfB4BFr%3DqIhT)hrPTCnrrnPFFptfB4Brq%3DqIPr)TCnsPCrnssrTrptfB4Brr%3DqInq))PC)qqTqTrTrrptfB4Bhq%3DCICqP)CqPnsss)rhrhptfB4Bhr%3DCITsFPn)TCP)PsqTq)ptfB4BPq%3DCIhChPTPCqrqhFCsTTptfB4BPr%3DsIqqqFFT)FrPCP)sqFptfB4B)q%3DsIh)CPTChq)qrFPsPrptfB4B)r%3DTIh)r)n)nPsPsCCptfB4Bnq%3DrIrnCnqPhhTnrs)nTrptfB4Bnr%3DCsIrrPPqssqCrPhnrCptfB4Bnn%3DPCIh)TTshhhnPPsFPpKuf%3DCpNH-%3Dspa.H%3DCsqGhqq%7CChqGhqqpuHu%3DqpuHB%3DqpadG%3DsTr&Na5=q&ddd=2ULHz!lx1jE%3D&K*=q&KNl!S=C&uYSlY=Fhq&uKY=TFnqhh&df!=Phrns&vYHBS=C&u(t=gGtz(Gtg(.pgGtz(GtG(.pFtt&E(aBSt=C&E(auKY=wCqs&f(YLd(KN=a-VweXfcwXw0RezFsw22!YNrAUesKOqzh1YTsvFlRfWJA0W4EvWL-.%3D%3D&vBcB=C&KHKY=r&(Y5=lN5tHaLS%203Lf2H&HHdfS45tS=r&B.KY=BCCTTs)rnhrhasqsFqCCCCqFn&HHcY=%7B%22HHKB%22%3A%22hFIFFI)PIq%22%2C%22HHff%22%3A%22yR%22%2C%22HHHf%22%3A%22OA%22%2C%22HHfav%22%3A%22YtN5tS%22%7D&eadcHSf=C&sflct=1944242&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

d28c945cc241190161850d56f002002f73c2904ebae5f04d34ca9bd00367e075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 31309
content-type: text/html
date: Thu, 11 Jan 2024 10:49:54 GMT
expires: Thu, 11 Jan 2024 10:49:54 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 21-5td9

GET
H2 200 bping.php
lg3.media.net/ Frame 87E1 35 B
200 B 140ms
118ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=3056&&vgd_cdv=1145&vgd_cage=1&vgd_tsce=L375&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=885777028&vi=1704970193654635076&ugd=4&lf=6&cc=US&sc=CO&lper=100&wsip=170785157&r=1704970193867&rrr=tzR-hLcl-L9lsOt7z7tiNqJ0fw-TytNyrQv7Iqxhfv4Dfe9QyfDy1w%3D%3D&requrl=https%3A%2F%2Finstallment.anicube.net%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9h~OmYMGv9.XA~QNOvNm~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9uu9uW~8xLjMGvWuX.uh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MuMwmQ7~YzMGJwMGmmQ7v9.hF~L17v9.999%2C9~8Evu1Dek1~kGGvuF~GwM8YvuFh~L88Ex1vu9%2Cu9~LNvu~LEQMQOvf9fH9uu9uH~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~xLjMjvu9~QjevAW.9u~yN17vou~GGvuiF~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvu.f%2CWA.hW~QOv9~x8OvfV1ZYUWZk5Q2AGisL2~NejfLMGv9.Fi~G7OvhXXif9hufAHAXhXHiuiAiXWhhAFA9A99fFh9fAhhFhW9iAAf9HfiHXihuXfhWW9HH9HiuAHiffuFXAWhWiXAiXf9hiiuf99HXi9AWhf~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevAX.fW~%3DVvA9Wi~UGMxNvof~z7Qvf~UGMNNUQvof~N7vOJzeJL~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hih9uif~G1Q8QuvuiF~GwMQOvf9fH9uu99f~ONvW~ejfLMGvu.f~eBMJ-Nv9.WF~e8QMQOvfFA~xLjMLEQMGvi.Ah~GwMNmv9~ONfvu~eM1QzvuAuuii~j1Q7v~Nemyv9.Fi~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9uu9uW~e8QMxLjMjv9~J7vuh~ejfLM8MGv9.9u~e8QMGvWXW.9A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvfXA~LkevAX.fW~jfLMGvu999~BLMGvu.9u%2C9~L1OEv9.999%2C9~Q8OvWWXhhh9fW~xLjMLEQMUNv9~eBxv9.WF~OfEMjvu9~Nejfv9.Fi~AENkvu999.Ff~myMYQwv9.uA~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~LEQMGvWA.hW~xLjMQLEQMGvi.Ah~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9h~xLjMLEQMLev9~NGOEv9.9uH~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MuMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MuMwmQ7~e8JB1G8j875v9.WF~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoWXuH9FWXiAFFWX9H~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vW9~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.9AhWFXfXFWXfXXhfH~JNEMEu9v9.9WHuiii9WiHHHiAXH~JNEMEuXv9.uAiHi9uAAFXXuX9f~JNEMEf9v9.uihFf9FXAhXi999Ah~JNEMEfXv9.fXAXiAuhiifHXfFHF~JNEMEA9v9.Afhh9uuXhWhH9ffhF~JNEMEAXv9.HuXWhHHAfF9uXAAu~JNEMEH9v9.XuiiXWiXfWhFiWAf~JNEMEHXv9.FAWFXhAuiXXihHH~JNEMEX9v9.hXWAuifhuXiffXAX~JNEMEXXv9.i9WWhuW99A9AXAXX~JNEMEF9vu.u9hWu9hifffWXFXF~JNEMEFXvu.AfHhiWAuhWhf9A9W~JNEMEh9vu.FuFhAhu9X9FHufAA~JNEMEhXvf.999HHAWHXhuhWf9H~JNEMEW9vf.FWuhAuF9W9XHhfhX~JNEMEWXvA.FWXWiWihfhfuu~JNEMEi9vX.Xiui9hFFAiXfWiAX~JNEMEiXvuf.XXhh9ff9uXhFiXu~JNEMEiivhu.FWAAfFFFihhfHh~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAX&ssld=%7B%22QQ8E%22%3A%22FH.HH.Wh.9%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22%3Da%22%2C%22QQN75%22%3A%22OJzeJL%22%7D&vgd_bid=349066&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=131199&vgd_rakh=1704970193139989281&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pgid=p11332859656t202401111049&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001704970193861010766478033974&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Thu, 11 Jan 2024 10:49:53 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 35
expires: Thu, 11 Jan 2024 10:49:53 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B0EC 27 KB
10 KB 136ms
135ms Document
text/html 23.47.168.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

037416b8f7e3431eba62182353b9e821364aaada0939a45bcda276b609920d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 9640
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 10:49:53 GMT
expires: Sat, 13 Jan 2024 10:49:53 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 87E1 35 B
191 B 121ms
116ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6665&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=rHri_tPqSPWc0_87iwz_Yg&vid=rHri_tPqSPWc0_87iwz_Yg&dn=installment.anicube.net&rawDn=installment.anicube.net&requrl_dn=installment.anicube.net&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Finstallment.anicube.net&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=CO&ct=denver&zip=80219&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-5f6f69d475-kst9c.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=131199&sckfl=0&sckfl2=0&smbrid=adx-1&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm4Lgh5nqLi96johw7v1EKCi71nDbJ_b9ZrrxcnOEmzBLoUpVxfKuQVV7jVroryR6gRG&pexid=ADX-pub-8514068593668504&geoll=false&is_ortb=false&commit_id=8a3f89c0&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-10+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=60&req_tid_present=false&pvid=460&prvAccId=885777028&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=839288643&prspt=headerBid&prvReqId=86046277673179_62027501_8392886434601&size=160x600&chnl=HARMONY&bdp=0.070&bid_uuid=625dfca81348ad1d3b3dffd59123f760&cbdp=0.014&og_cbdp=0.070&ogbdp=0.07&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.014&dsrc=-2&dp=0&dbf=1&epc=885777028&s=1&snm=SUCCESS&pcrid=8CU7Q771E-885777028-2-6&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=86&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704970192556&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.07&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000059500&strg=HARMONY&stagid=aswift_1_host&vls=0&scrid=1700080807683300160060000059500&mang=1&pvdTmax=235&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apTags%3C%3E=75&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=2bf0eb232d&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23launchexp%3Atoken1%23%23RealTimeValidBid%3A15m%23%23NedCkflWithData%3ANoBlk%23%23bsNed%3AvalidBid%23%23prll_req%3Atrue%23%23NedCkfl%3ANoBlk%23%23BssTgtMig%3ADEFAULT&mx_isNed=1&acid=5adf01eec2034480585c3e10790950fc&rtime=26.0&wsip=mowx-lite-7c6dc5885b-d4kxp&ltime=35.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=1812271804&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=5adf01eec2034480585c3e10790950fc_1&policy_enf=2&pub_blk_enf=1&req_size=120x600%7C160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_1_host&feedback_id=rHri_tPqSPWc0_87iwz_Yg_1&supplyTagId=1812271804&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100273&debug_ts=2024-01-11+10%3A49%3A52&__expireat=1704970792811&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.070&lo_cbdp=0.014&actltime=35&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.07~dom_b%3D0.53~scd%3Dco~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2024011018~iurl_b%3D815.17~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_1_host~mn_beh_boost%3D0.76~rat%3D0.000%2C0~ip%3D1aRvfa~fbb%3D16~bh_im%3D167~riipua%3D10%2C10~rc%3D1~rps_sd%3D2024011014~radv%3D0.000%2C0~url_b%3D1.04~vl2r_url_b%3D0~url_l%3D10~slv%3D38.01~gcat%3D-1~bb%3D196~erpm%3D0.07~vl2r_url_kc%3D0E0~psi_c%3D1%2C1%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~rke%3D0%2C0~a3p_b%3D1.2%2C83.78~sd%3D0~uid%3D2IaGmk8GfysZ3b9FrZ~cvl2r_b%3D0.69~btd%3D7559207123435754919395877363030026702377678093320429459715278804404913492216538789539520799120045903872~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rcv%3D35.28~CI%3D3089~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~ct%3Ddenver~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1704970192~basis1%3D196~bh_sd%3D2024011002~dc%3D8~vl2r_b%3D1.2~vw_exc%3D0.86~vis_sd%3D263~url_rps_b%3D9.37~bh_co%3D0~dc2%3D1~v_asn%3D131199~last%3D~cvog%3D0.69~vis_url_b%3D0.56~vl2r_i_sd%3D2024011018~vis_url_l%3D0~et%3D17~vl2r_i_b%3D0.01~vis_b%3D858.03~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D253~rfv%3D35.28~l2r_b%3D1000~wr_b%3D1.01%2C0~radp%3D0.000%2C0~sid%3D885777028~url_rps_kc%3D0~vwu%3D0.86~d2p_l%3D10~cvl2%3D0.69~3pcf%3D1000.62~og_msh%3D0.13~dmm_strg%3Dharmony~d2p_b%3D0.98~rps_b%3D83.78~url_srps_b%3D9.37~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.07~url_rps_rv%3D0~cbdp%3D0.014%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_1_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_1_host%7Eviewability%3D0.86%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1812271804%7Eamp%3D1%7Eogbid%3D0.070%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D%7Exid%3DADX-pub-8514068593668504%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A0%2C%22p%22%3A4%7D%7Edcut%3D80%7Edogb%3D0-1%7Eecp_used%3Dq05%7Eecp_p05%3D0.03786525685255724%7Eecp_p10%3D0.08419990894449354%7Eecp_p15%3D0.1394901336551502%7Eecp_p20%3D0.19762065375900037%7Eecp_p25%3D0.25359317992452646%7Eecp_p30%3D0.32770115787402276%7Eecp_p35%3D0.4158744326015331%7Eecp_p40%3D0.5199589528769832%7Eecp_p45%3D0.638657319559744%7Eecp_p50%3D0.7583192715922535%7Eecp_p55%3D0.9088718003035355%7Eecp_p60%3D1.1078107922285656%7Eecp_p65%3D1.3247983178720308%7Eecp_p70%3D1.6167371050641233%7Eecp_p75%3D2.0004438457178204%7Eecp_p80%3D2.6817316080547275%7Eecp_p85%3D3.6858989727211%7Eecp_p90%3D5.5919076639528935%7Eecp_p95%3D12.557702201576951%7Eecp_p99%3D71.68332666977247~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D235&utime=1324&sf=0&cpr=0.017274724307136058

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:53 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Jan 2024 10:49:53 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 30ED 131 KB
43 KB 305ms
128ms Script
text/javascript 23.40.179.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.47 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-47.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: fe1de03b1cdc21d9ee5305c61b227fac42877418d7f8c0a22e8e805706c4bcf8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 10:49:54 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive, Transfer-Encoding
Transfer-Encoding: chunked
Expires: Thu, 11 Jan 2024 10:54:54 GMT

GET
H3 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame B135 79 KB
31 KB 580ms
579ms Document
text/html 23.47.168.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3317&&kkdd=3!%7Ch%7C9uHAn3*&222=xtmNEJVf)oP%3D&e-=*Y9HIY9*IAIA9*Y9IhA&yO5F=9&2N5Q=9&XOe=**Hh&KNX1=TAYh&X-O=WwaYMYY*o&X5XO=MX)ym!Lx0_oL3*00gFF_XB%3D%3D&XF-O=WWhYYY9nW&N-.1=*u9!u99&XX=a4&NX=w8&Xbk2=Dz6c8EC&5-O=Wd8uY6CA4&K5-O=i*oAuuW&bKK5N=*&FFF=K.6gbTXRgTIRN8KY.YK-E)_9JBgi3KE3FMeYV)!bJeHfJ1IM3Jf3*B%3D%3D&kN1=h&RB=*&xyO=H&QOK*=WwaaI_sWD&QOKn=WAInWWuHA&GOQKQ=NOn%3DkxRRU-xFR0R%3D*9Umy1F52%3D9v*HUOm20G%3D9vhAUNXO%3DXmUFQ1%3D9%2C9UOm20R%3Dn9UeRnF0NO%3Dn9nH9**9*WU-xFR0G%3DW*hv*YUxFR0KPX%3D9UxFR0FnQ0G%3D9UNKO%3DQNB-JK0*0bmNKU2k0G1b0GmmNK%3D9vYuUFQK%3D9v999%2C9U-5%3D*Q6eJQUJGG%3D*uUGb0-2%3D*uYUF--5xQ%3D*9%2C*9UFX%3Dn%2CnWUF5N0NO%3Dn9nH9**9*HUFQOe%3D9v999%2C9UxFR0G%3D*v9HUeRnF0xFR0G%3D9UxFR0R%3D*9UNRe%3DAWv9*UyXQK%3Dg*UGG%3D*IuU1F52%3D9v*HUeRnF0xFR0PX%3D9o9U5N-0X%3D*%2C*%2C9%2C9%2C9%2C9%2C9%2C9UG2%3D*U5N-0O%3D9UFP1%3D9%2C9UQA50G%3DAv9*%2CWAvYWUNO%3D9Ux-O%3DnVQ~kZF~A*n2LKoTKOUXeRnF0G%3D*vHnUGKO%3DYhhIn9Y*nAHAhYhHI*IAIhWunhH*uHnu99WYh9A*HI9HW9I9AH*HYYnIYYHAH99AWuuuWnIhIW9*9HhYuIAHHHnAhWI*YhHIIHnAYHHUx-2%3D9UFPK%3D9v999%2C9UmyOn50G%3D9vIWUNN%3DEzUXX%3Da4Ux-B%3Dg*UX1%3D9UFXe%3DAhvnWUwV%3DA9WIUPG0xX%3DgnUkKN%3DnUPG0XXPN%3DgnUXK%3DO1ke1FUGNN0Zi7%3DEz%2CEzUGQN-Nn%3D*IuUGOK%3D*Y9HIY9*InUGQN-N*%3D*IuUGb0NO%3Dn9nH9**99nUOX%3DWUeRnF0G%3DAv9*UKK%3D9UeB01!X%3D9vWuUe-N0NO%3DnuAUxFR0F5N0G%3DIvAYUGb0Xm%3D9UOXn%3D*Ue0QNk%3D*A**IIURQNK%3DUXemy%3D*vHnUe-N0xFR0G%3D9vhuUeRnF0-0NO%3Dn9nH9**9*WUe-N0xFR0R%3D9U1K%3DnHUeRnF0-0G%3D9v9nUe-N0G%3DWhYv9HUeRnF0xFR0e-%3D*og*uUxFR0Ke-%3D9Uee%3D9UXeRnF0NO%3DnhAUFJe%3DAhvnWURnF0G%3D*999UFQO5%3D9v999%2C9UN-O%3DWWhYYY9nWUxFR0F5N0PX%3D9UeBx%3D9vWuUOn50R%3D*9UXeRn%3D*vHnUA5XJ%3DWHhvhWUmy02Nb%3D9v*WUO220NKFy%3DbQF2mk3UOn50G%3D9vIWUF5N0G%3DWAvYWUxFR0NF5N0G%3DIvAYUFPB5%3D9v999%2C9UFPBO%3D9v999%2C9U-N61J%3D9U-N-J%3D9UxFR0F5X0G%3D9UG-O%3D9v*HUxFR0F5N0Fe%3D9UXGO5%3D9v9nWU-K3510-O%3D*YUN1RR1F0KQy0-O%3DQNB-JK0*0bmNKUNx55R30KQy0-O%3DUO1K1XK1O0KQy0-O%3DQNB-JK0*0bmNKUe-1BQG-R-K3%3D9vWuU5mN%3D*UQX0K351%3D*UQOGRP%3D*W*nnY*W9AUQ25%3D*UmyG-O%3D9v*H9UGJRF%3D9v9*9UNx-O%3DUOKX%3D1QNK0NXUO2201F52%3DJQRN1UO22%3DbQF2mk3UGO5XQ5O%3D9UOQRy%3DO1JQxRKUNy2K%3DRmky0KQ-R0bm215Qy10XQKXbQRRUNmG5%3DU!-O%3Dzftg5xGgWh*H9uWhIAuuWh9HUbK2R%3D*UQO05mN%3D%7B%22K%22%3A*%2C%225%22%3AH%7DUOXxK%3DW9UOmyG%3D9g*U1X50xN1O%3D)*9U1X5059h%3D9v9HnWnAHW*WY9Y9Y9WU1X505*9%3D9v***H9nWWuHhAuHuInU1X505*h%3D9v*WhnnIAI99A9uhn9IU1X505n9%3D9vnuY9YhhY*I*YA*YAU1X505nh%3D9vAHuAh9hHnYhh*9*WU1X505A9%3D9vHHuWnuWuuAAYuAA*U1X505Ah%3D9vhuuWhII*hnnInIunU1X505H9%3D9vY9nHIHnAYY*9nnInU1X505Hh%3D9vWuH9WHYhI*WAuI*IU1X505h9%3D*v9AWAWYnuAYIhA9unU1X505hh%3D*vnhuWuHh*Yuuh9*HHU1X505u9%3D*vhAH9huHA9IY*IIHuU1X505uh%3D*vWh9AWYuhA*nu9hAnU1X505Y9%3DnvnYWn9AWIIYYYHIAHU1X505Yh%3DnvWuH*uh9hhIWWInuU1X505W9%3DAvWn*uA*W**hWWnAIU1X505Wh%3DhvAuAuY*uu**Ih*huhU1X505I9%3DWvAWHYu******AWHuU1X505Ih%3D*WvnhWYAYWuAAhHIuU1X505II%3DIuvInWHnuII*hhA9HU-GX%3D*UkN.%3DnUKyN%3D*n9!u99%7C*u9!u99UGNG%3D9UGN5%3D9UK2!%3DnAH&kKe=9&-B=9&-kVJF=*&GOFVO=Hu9&G-O=AHI9uh&2XJ=YuhIn&3ON5F=*&GQ1=L!1EQ!1LQyUL!1EQ!1!QyUH11&PQK5F1=*&PQKG-O=g*9n&XQOm2Q-k=K.6gbTXRgTgD4bEHngxxJOkh8tbn-w9Eu)OAn3HV4Xr(8Dr0P3rm.y%3D%3D&35R5=*&-N-O=h&QOe=Vke1NKmF%20smXxN&NN2XF0e1F=h&5y-O=5**AAnWhIuhuKn9nH9****9HI&NNRO=%7B%22NN-5%22%3A%22uHvHHvWYv9%22%2C%22NNXX%22%3A%22a4%22%2C%22NNNX%22%3A%22w8%22%2C%22NNXK3%22%3A%22O1ke1F%22%7D&bK2RNFX=*&sflct=1944242&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

8ac52fd21511ebeccc86d8558bc701c146d18ce437b23ddd87b25d601d4e5153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 31317
content-type: text/html
date: Thu, 11 Jan 2024 10:49:54 GMT
expires: Thu, 11 Jan 2024 10:49:54 GMT
pragma: no-cache
quic-version: 0x00000001
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 21-5td9

GET
H2 200 bping.php
lg3.media.net/ Frame 30ED 35 B
200 B 153ms
149ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=3051&&vgd_cdv=1145&vgd_cage=1&vgd_tsce=L375&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=885777028&vi=1704970193930170953&ugd=4&lf=6&cc=US&sc=CO&lper=100&wsip=170785157&r=1704970194044&rrr=tzR-hLcl-L9lsOt7z7tiNqJ0fw-TytNyrQv7Iqxhfv4Dfe9QyfDy1w%3D%3D&requrl=https%3A%2F%2Finstallment.anicube.net%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.uH~OmYMGv9.XA~QNOvNm~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9uu9uW~8xLjMGvWuX.uh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MuMwmQ7~YzMGJwMGmmQ7v9.hF~L17v9.999%2C9~8Evu1Dek1~kGGvuF~GwM8YvuFh~L88Ex1vu9%2Cu9~LNvf%2CfW~LEQMQOvf9fH9uu9uH~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~xLjMjvu9~QjevAW.9u~yN17vou~GGvuiF~JLEYv9.uH~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvA.9u%2CWA.hW~QOv9~x8OvfV1ZzCLZAufYR74T7O~NejfLMGvu.Hf~G7OvhXXif9hufAHAXhXHiuiAiXWFfXHuFHfF99WhX9AuHi9HW9i9AHuHhhfihhHAH99AWFFFWfiXiW9u9HXhFiAHHHfAXWiuhXHiiHfAhHH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevAX.fW~%3DVvA9Wi~UGMxNvof~z7Qvf~UGMNNUQvof~N7vOJzeJL~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hih9uif~G1Q8QuvuiF~GwMQOvf9fH9uu99f~ONvW~ejfLMGvA.9u~77v9~eBMJ-Nv9.WF~e8QMQOvfFA~xLjMLEQMGvi.Ah~GwMNmv9~ONfvu~eM1QzvuAuuii~j1Q7v~Nemyvu.Hf~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9uu9uW~e8QMxLjMjv9~J7vfH~ejfLM8MGv9.9f~e8QMGvWXh.9H~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvfXA~LkevAX.fW~jfLMGvu999~L1OEv9.999%2C9~Q8OvWWXhhh9fW~xLjMLEQMUNv9~eBxv9.WF~OfEMjvu9~Nejfvu.Hf~AENkvWHX.XW~myMYQwv9.uW~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~LEQMGvWA.hW~xLjMQLEQMGvi.Ah~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uH~xLjMLEQMLev9~NGOEv9.9fW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MuMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MuMwmQ7~e8JB1G8j875v9.WF~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.uH9~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoWXuH9FWXiAFFWX9H~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vW9~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9HfWfAHWuWh9h9h9W~JNEMEu9v9.uuuH9fWWFHXAFHFif~JNEMEuXv9.uWXffiAi99A9FXf9i~JNEMEf9v9.fFh9hXXhuiuhAuhA~JNEMEfXv9.AHFAX9XHfhXXu9uW~JNEMEA9v9.HHFWfFWFFAAhFAAu~JNEMEAXv9.XFFWXiiuXffifiFf~JNEMEH9v9.h9fHiHfAhhu9ffif~JNEMEHXv9.WFH9WHhXiuWAFiui~JNEMEX9vu.9AWAWhfFAhiXA9Ff~JNEMEXXvu.fXFWFHXuhFFX9uHH~JNEMEF9vu.XAH9XFHA9ihuiiHF~JNEMEFXvu.WX9AWhFXAufF9XAf~JNEMEh9vf.fhWf9AWiihhhHiAH~JNEMEhXvf.WFHuFX9XXiWWifF~JNEMEW9vA.WfuFAuWuuXWWfAi~JNEMEWXvX.AFAFhuFFuuiXuXFX~JNEMEi9vW.AWHhFuuuuuuAWHF~JNEMEiXvuW.fXWhAhWFAAXHiF~JNEMEiiviF.ifWHfFiiuXXA9H~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAH&ssld=%7B%22QQ8E%22%3A%22FH.HH.Wh.9%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22%3Da%22%2C%22QQN75%22%3A%22OJzeJL%22%7D&vgd_bid=349065&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=131199&vgd_rakh=1704970193169749174&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pgid=p11332859656t202401111049&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001704970194039010766478032307&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Thu, 11 Jan 2024 10:49:54 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 35
expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
H3 200 checksync.php Show response
contextual.media.net/ Frame 7C8F 27 KB
9 KB 123ms
122ms Document
text/html 23.47.168.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

037416b8f7e3431eba62182353b9e821364aaada0939a45bcda276b609920d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 9640
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 10:49:54 GMT
expires: Sat, 13 Jan 2024 10:49:54 GMT
quic-version: 0x00000001
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 30ED 35 B
191 B 151ms
150ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6656&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=u4XnriHQn_XWPM8OwZyfow&vid=u4XnriHQn_XWPM8OwZyfow&dn=installment.anicube.net&rawDn=installment.anicube.net&requrl_dn=installment.anicube.net&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Finstallment.anicube.net&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=CO&ct=denver&zip=80219&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-5f6f69d475-ng7l6.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=131199&sckfl=0&sckfl2=0&smbrid=adx-1&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm6_sILP5F48EhQb0qCELadxwcTMYwKVjt9MFpWEc-n2bW8koJQi8iElH14zInSD0efE&pexid=ADX-pub-8514068593668504&geoll=false&is_ortb=false&commit_id=8a3f89c0&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-10+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=87&req_tid_present=false&pvid=460&prvAccId=885777028&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=839288643&prspt=headerBid&prvReqId=77342594067066_1201394991_8392886434601&size=160x600&chnl=HARMONY&bdp=0.140&bid_uuid=37780c5a985934b6553733a91dcfa623&cbdp=0.028&og_cbdp=0.140&ogbdp=0.14&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.028&dsrc=-2&dp=0&dbf=1&epc=885777028&s=1&snm=SUCCESS&pcrid=8CU7Q771E-885777028-2-19&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=86&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704970192589&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.14&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000059500&strg=HARMONY&stagid=aswift_1_host&vls=0&scrid=1700080807683300160060000059500&mang=1&pvdTmax=234&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apTags%3C%3E=75&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=2bf0eb232d&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23launchexp%3Atoken1%23%23RealTimeValidBid%3A1hr%23%23bsNed%3AnoAdd%23%23NedCkflWithData%3ALesBlk%23%23NedCkfl%3ALesBlk%23%23BssTgtMig%3Atgt%23%23prll_req%3Atrue&mx_isNed=1&acid=aa4711df3a02048d821c05beecf2956c&rtime=51.0&wsip=mowx-lite-7c6dc5885b-6wx9c&ltime=61.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=1812271803&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=aa4711df3a02048d821c05beecf2956c_1&policy_enf=2&pub_blk_enf=1&req_size=120x600%7C160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_1_host&feedback_id=u4XnriHQn_XWPM8OwZyfow_1&supplyTagId=1812271803&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100273&debug_ts=2024-01-11+10%3A49%3A52&__expireat=1704970792844&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.140&lo_cbdp=0.028&actltime=61&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.14~dom_b%3D0.53~scd%3Dco~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2024011018~iurl_b%3D815.17~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_1_host~mn_beh_boost%3D0.76~rat%3D0.000%2C0~ip%3D1aRvfa~fbb%3D16~bh_im%3D167~riipua%3D10%2C10~rc%3D2%2C28~rps_sd%3D2024011014~radv%3D0.000%2C0~url_b%3D1.04~vl2r_url_b%3D0~url_l%3D10~slv%3D38.01~gcat%3D-1~bb%3D196~erpm%3D0.14~vl2r_url_kc%3D0E0~psi_c%3D1%2C1%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~rke%3D0%2C0~a3p_b%3D3.01%2C83.78~sd%3D0~uid%3D2IaGnKrG312mBtELtd~cvl2r_b%3D1.42~btd%3D7559207123435754919395862541642600875031490480903414772977434003866682959801045769344423589175499423744~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rcv%3D35.28~CI%3D3089~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~ct%3Ddenver~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1704970192~basis1%3D196~bh_sd%3D2024011002~dc%3D8~vl2r_b%3D3.01~tt%3D0~vw_exc%3D0.86~vis_sd%3D263~url_rps_b%3D9.37~bh_co%3D0~dc2%3D1~v_asn%3D131199~last%3D~cvog%3D1.42~vis_url_b%3D0.56~vl2r_i_sd%3D2024011018~vis_url_l%3D0~et%3D24~vl2r_i_b%3D0.02~vis_b%3D857.04~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D253~rfv%3D35.28~l2r_b%3D1000~radp%3D0.000%2C0~sid%3D885777028~url_rps_kc%3D0~vwu%3D0.86~d2p_l%3D10~cvl2%3D1.42~3pcf%3D845.58~og_msh%3D0.18~dmm_strg%3Dharmony~d2p_b%3D0.98~rps_b%3D83.78~url_srps_b%3D9.37~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.14~url_rps_rv%3D0~cbdp%3D0.028%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_1_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_1_host%7Eviewability%3D0.86%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1812271803%7Eamp%3D1%7Eogbid%3D0.140%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D%7Exid%3DADX-pub-8514068593668504%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A1%2C%22p%22%3A4%7D%7Edcut%3D80%7Edogb%3D0-1%7Eecp_used%3Dq10%7Eecp_p05%3D0.04282348187070708%7Eecp_p10%3D0.11140288645364692%7Eecp_p15%3D0.18522939003065209%7Eecp_p20%3D0.2670755719173173%7Eecp_p25%3D0.3463505427551018%7Eecp_p30%3D0.4468268663376331%7Eecp_p35%3D0.5668599152292962%7Eecp_p40%3D0.7024942377102292%7Eecp_p45%3D0.8640847591836919%7Eecp_p50%3D1.0383872637953062%7Eecp_p55%3D1.2568645176650144%7Eecp_p60%3D1.5340564309719946%7Eecp_p65%3D1.8503876531260532%7Eecp_p70%3D2.2782038997774934%7Eecp_p75%3D2.864165055988926%7Eecp_p80%3D3.821631811588239%7Eecp_p85%3D5.3636716611951565%7Eecp_p90%3D8.384761111113846%7Eecp_p95%3D18.25873786335496%7Eecp_p99%3D96.92842699155304~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D234&utime=1467&sf=0&cpr=0.5683584920247193

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:54 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
H2

200

cksync
cs.media.net/ Frame B0EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3OTcxNzkzNDc4MDMwOTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIXX4PAjcTtndpQ3OGAfDy4&google_cver=1

57 B
449 B

137ms
118ms

Image
image/gif

23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIXX4PAjcTtndpQ3OGAfDy4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-48-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:54 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Thu, 11 Jan 2024 10:49:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIXX4PAjcTtndpQ3OGAfDy4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame D82A 60 KB
61 KB 96ms
94ms Font
application/octet-stream 172.67.176.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2013
x-guploader-uploadid: ABPtcPpJkysdFIzi_kuy-3FDTfn4VoZQdz3ZCH7pyHNjBMLODO0dO3XOflpdqytlBeq8x8D6U0gMfPfLqDwPAhtZDZanH0s87J48
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c9smvf952reyzKN9oCaX%2FCCpjuCReYp%2F1dTOk4gZEn8U2UU6s1InpkYS3OPKmUFzZT9KJop90PccCtOQh1WkfpT76HocNef1aTNZ4CKr7EpKFP5tRLObba9yEcPP%2BF4F6rB"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 843c9881ad5c5211-DEN
expires: Thu, 11 Jan 2024 11:10:48 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame D82A 60 KB
61 KB 51ms
51ms Font
application/octet-stream 172.67.176.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2013
x-guploader-uploadid: ABPtcPr3h4Lo6vAAQf_PeS1oxdUgAvK8Q21wy92oM00VVvjVYENbcfSP42oB5hgdhzBnhzr5wScFy4f6mxI6JNCfGbGlx_8fam8M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG811DpkIDO6sfUM8Xyu6qBb3JNbTb094mLMvfpMGaALwEiCgO9AEVbC3ObRmtnq%2B7gDPmNyXiuGjNsS3rG6jvQssiFBuSfc%2FoPVEg0QpoBbcYZ6bTSfrsjcMpmuK%2Bkf4V12"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 843c9881ad5d5211-DEN
expires: Thu, 11 Jan 2024 10:47:55 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame D82A 0
969 B 100ms
87ms Ping
text/plain 172.67.176.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-3fd34274.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jan 2024 10:49:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLBnS9xfVBD2rufhE4UqBXkbzY5NK0Vlk5SE5wnzZTBk58XZm4BHiGDvoeV5rasw8Yr5uV3kLqiUfZe44iXvrQ6aG9e18xy2BuuPBFdx1Hs66MOKzZJIOWdM%2F5qv0HN2uA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 843c9881ec621f40-DEN
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2

200

cksync
cs.media.net/ Frame 7C8F
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3OTcxNzkzNDc4MDM0MTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIXX4PAjcTtndpQ3OGAfDy4&google_cver=1

57 B
449 B

124ms
124ms

Image
image/gif

23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIXX4PAjcTtndpQ3OGAfDy4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-48-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:54 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Thu, 11 Jan 2024 10:49:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIXX4PAjcTtndpQ3OGAfDy4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame D82A 0
259 B 72ms
71ms Ping
text/plain 172.67.176.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-3fd34274.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jan 2024 10:49:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYclLE%2FyOGnFy2P%2FmV7dNlvxhISLIw5jx8NzJapBWOFiV5PPionKnpGvQfWKStsOp5bx%2FNZutkv0HZI%2BIkFM3uPQWNbhhNeI8g10eXcyeO8mzs2HpUWZFyjNdXprYPwDYw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 843c9882cce71f40-DEN
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 bql.php Show response
lg3.media.net/ Frame 48F9 15 B
37 B 114ms
114ms Script
text/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6971&&vgd_canary=0&vgd_l2type=scs_newfl&fp=wymWVpJhE9rDg7s3BKYLqqvF-Q6YmIL-PPyTVbS5AfKJXsarUEq-DWsXwCEIBLIShMZN26ca9aLG1q4nx3bSG9bgUHAqVqSZVhfQewyUXQqQGWMKfT0iE7gRLG0kkpWgiGF73IVhVFx0xcSHFE64eva3wD609mwA&cme=i2wjStQYJys7dwyg9VsnytpmF6hU9xeQW8txQMfsdlwziEI-rcXu6-eiNBOdSE6tsB-LHX0rEk4jaQpI--GHkvvNeZq6tgm7e1dl0R6xmHja98SMOtXgEmTL8-g5MNs1fNJhvIwaAVF7b3RPf_6PJ64mqMc0vQTIcREnJ77GJRzPbUiHSDIItBgNnSpck7cwPUGYTmBpcCKkr8wzaqm5JC8JMnjvWEMCoqxNATIuFTruQtBdJ3mB1A%3D%3D%7C%7Ca0AmFUYXmD7eh2NMZieDsMttf5qep0K8e758QtmpzZZloRUuVww4Ow%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CowMzrG4GjGitgrDQjsk5u7QsCRnHOZTSe7-3htX3d6C695N9U-avXP41fkmD4I8g607h-WXZbDCMov1YnlgVXrixjpD_UNvTTWwZAeYr7DDsY3Zcn2kXEvYBOxRXE5xH_KadY-pD9xLxOz0E8ICBWK_HIYmA4Y9MKkB-_IOC-EDhGLFHzCKs8_b_aqRRFjXdzXOUXNjhC9tsXbuW_eZTVAJnWWmgni5sXNGxhJruh6b9Q3QYKmMvJKORcakabYVnRdaOijpnB_G8JbfpB24juATlzFQUC5XGc5MHqSdxovZo6avtMuZ34A%3D%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CUFJJWZ1lEVdklaUp4Q9x5TG45h_4b8t5%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=7%25+Interest+Savings+Accounts&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=329753404&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D011011%7C13%3D0.1015%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.90%7C2%3D6.06&ktd[]=4503874522251520&kwd[]=Rental+Homes+by+Owner&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=24236124&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D011011%7C13%3D0.0598%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.36%7C2%3D1.28&ktd[]=274894881024&kwd[]=Stocks+to+Invest+In&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0681%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D1.45%7C2%3D5.72&ktd[]=274911658240&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0660%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.29%7C2%3D0.98&ktd[]=4503874522251520&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0631%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.56%7C2%3D2.13&ktd[]=274894881024&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0538%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.85%7C2%3D3.11&ktd[]=274911658240&kwd[]=Who+Owns+This+Phone&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=213940948&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0489%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.44%7C2%3D1.78&ktd[]=274894881024&v=1&geo=39.7%7C-105.03&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170762564&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22OJzeJL%22%2C%22QQ8E%22%3A%22FH.HH.Wh.9%22%2C%22QQQN%22%3A%22%3Da%22%7D&cid=8CU7Q771E&vi=1704970193654635076&vsid=3479717934780341&tdAdd[]=asnum%3D131199&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L375-S375&vgd_imdtl=1&vgd_l3_sc=CO&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca2a&vgd_nrrsf=scrr&vgd_cty=denver&vgd_ifrmode=14&sttm=1704970193861&upk=1704970194.14375&hvsid=00001704970193861010766478033974&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1704970193139989281&vgd_ecrid=1700080807683300160060000059500&vgd_isiolc=1&kbbq=%26asn%3D131199&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3479717934780341&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9h~OmYMGv9.XA~QNOvNm~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9uu9uW~8xLjMGvWuX.uh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MuMwmQ7~YzMGJwMGmmQ7v9.hF~L17v9.999%2C9~8Evu1Dek1~kGGvuF~GwM8YvuFh~L88Ex1vu9%2Cu9~LNvu~LEQMQOvf9fH9uu9uH~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~xLjMjvu9~QjevAW.9u~yN17vou~GGvuiF~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvu.f%2CWA.hW~QOv9~x8OvfV1ZYUWZk5Q2AGisL2~NejfLMGv9.Fi~G7OvhXXif9hufAHAXhXHiuiAiXWhhAFA9A99fFh9fAhhFhW9iAAf9HfiHXihuXfhWW9HH9HiuAHiffuFXAWhWiXAiXf9hiiuf99HXi9AWhf~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevAX.fW~%3DVvA9Wi~UGMxNvof~z7Qvf~UGMNNUQvof~N7vOJzeJL~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hih9uif~G1Q8QuvuiF~GwMQOvf9fH9uu99f~ONvW~ejfLMGvu.f~eBMJ-Nv9.WF~e8QMQOvfFA~xLjMLEQMGvi.Ah~GwMNmv9~ONfvu~eM1QzvuAuuii~j1Q7v~Nemyv9.Fi~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9uu9uW~e8QMxLjMjv9~J7vuh~ejfLM8MGv9.9u~e8QMGvWXW.9A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvfXA~LkevAX.fW~jfLMGvu999~BLMGvu.9u%2C9~L1OEv9.999%2C9~Q8OvWWXhhh9fW~xLjMLEQMUNv9~eBxv9.WF~OfEMjvu9~Nejfv9.Fi~AENkvu999.Ff~myMYQwv9.uA~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~LEQMGvWA.hW~xLjMQLEQMGvi.Ah~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9h~xLjMLEQMLev9~NGOEv9.9uH~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MuMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MuMwmQ7~e8JB1G8j875v9.WF~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoWXuH9FWXiAFFWX9H~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vW9~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.9AhWFXfXFWXfXXhfH~JNEMEu9v9.9WHuiii9WiHHHiAXH~JNEMEuXv9.uAiHi9uAAFXXuX9f~JNEMEf9v9.uihFf9FXAhXi999Ah~JNEMEfXv9.fXAXiAuhiifHXfFHF~JNEMEA9v9.Afhh9uuXhWhH9ffhF~JNEMEAXv9.HuXWhHHAfF9uXAAu~JNEMEH9v9.XuiiXWiXfWhFiWAf~JNEMEHXv9.FAWFXhAuiXXihHH~JNEMEX9v9.hXWAuifhuXiffXAX~JNEMEXXv9.i9WWhuW99A9AXAXX~JNEMEF9vu.u9hWu9hifffWXFXF~JNEMEFXvu.AfHhiWAuhWhf9A9W~JNEMEh9vu.FuFhAhu9X9FHufAA~JNEMEhXvf.999HHAWHXhuhWf9H~JNEMEW9vf.FWuhAuF9W9XHhfhX~JNEMEWXvA.FWXWiWihfhfuu~JNEMEi9vX.Xiui9hFFAiXfWiAX~JNEMEiXvuf.XXhh9ff9uXhFiXu~JNEMEiivhu.FWAAfFFFihhfHh~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAX&vgd_cfud=230323&vgd_scsver=318&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=751&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1145&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=CO&vgd_l1rhst=contextual.media.net&hvsid=00001704970193861010766478033974&rc=0&rand=1704970194351&acid=5adf01eec2034480585c3e10790950fc&matm=1704970194351&vgd_ltimesrc=1&vgd_ltime=894&vgd_rtime=892&vgd_etm=9&vgd_l1hcsd=Otp9r%7C122&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6626&vgd_pgid=p11332859656t202401111049&vgd_csip=rtb-appnexus-5f6f69d475-kst9c.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML%7Cundefined&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3322&&kkdd=*3%7Ch%7CnHA93u*&5K=CPqFnPqCnThrFhTrqPh&.YBS=q&dHB(=q&fY5=CCFr&aHft=XTPr&fKY=)OyPbPPCj&fBfY=bf1.LGg247jgvC44wSS7f*%3D%3D&fSKY=))rPPPqs)&HK-t=ChqGhqq&ff=yR&Hf=OA&feNd=0iVZAz6&BKY=)oAhPV6TR&aBKY=mCjThh)&eaaBH=C&SSS=a-VweXfcwXncHAaP-PaKz17q!*wmvazvSb5Pl1Ge!5Fx!tnbv!xvC*%3D%3D&NHt=r&c*=C&2.Y=F&(YaC=)Oyyn73)0&(Yas=)Tns))hFT&uY(a(=HYs%3DN2ccpK2Sc4c%3DCqpL.tSBd%3DqIqPpYLd4u%3DqIrTpHfY%3DfLpS(t%3Dq%2CqpYLd4c%3Dsqp5csS4HY%3DsqsFqCCqC)pK2Sc4u%3D)CrICPp2Sc4aEf%3Dqp2Sc4Ss(4u%3DqpHaY%3D(H*K!a4C4eLHapdN4ute4uLLHa%3DqIPhpS(a%3DqIqqq%2CqpKB%3DC(V5!(p!uu%3DChpue4Kd%3DChPpSKKB2(%3DCq%2CCqpSf%3DCpSBH4HY%3DsqsFqCCqCFpS(Y5%3DqIqqq%2Cqp2Sc4u%3DCIqFp5csS42Sc4u%3Dqp2Sc4c%3DCqpHc5%3DT)IqCp.f(a%3DwCpuu%3DCnhptSBd%3DqIqPp5csS42Sc4Ef%3DqjqpBHK4f%3DC%2CC%2Cq%2Cq%2Cq%2Cq%2Cq%2Cqpud%3DCpBHK4Y%3DqpSEt%3Dq%2Cqp(TB4u%3DCIs%2C)TIP)pHY%3Dqp2KY%3Dsl(MdE)M!vH8Tun3S8pf5csS4u%3DqIhnpuaY%3DPrrnsqPCsTFTrPrFnCnTnr)PPThTqTqqshPqsTPPhP)qnTTsqFsnFrnPCrsP))qFFqFnCTFnssChrT)P)nrTnrsqPnnCsqqFrnqT)Psp2Kd%3DqpSEa%3DqIqqq%2CqpL.YsB4u%3DqIn)pHH%3Dzipff%3DyRp2K*%3DwCpft%3DqpSf5%3DTrIs)pOl%3DTq)npEu42f%3DwspNaH%3DspEu4ffEH%3Dwspfa%3DYtN5tSpuHH4Qm~%3Dzi%2Czipu(HKHs%3DCnhpuYa%3DCPqFnPqCnspu(HKHC%3DCnhpue4HY%3DsqsFqCCqqspYf%3D)p5csS4u%3DCIsp5*4tGf%3DqI)hp5KH4HY%3DshTp2Sc4SBH4u%3DnITPpue4fL%3DqpYfs%3DCp54(HN%3DCTCCnnpc(Ha%3Dpf5L.%3DqIhnp5KH42Sc4u%3DqIrhp5csS4K4HY%3DsqsFqCCqC)p5KH42Sc4c%3Dqpta%3DCPp5csS4K4u%3DqIqCp5KH4u%3D)r)IqTp5csS42Sc45K%3DCjwChp2Sc4a5K%3Dqp55%3Dqpf5csS4HY%3DsrTpS!5%3DTrIs)pcsS4u%3DCqqqp*S4u%3DCIqC%2CqpS(YB%3DqIqqq%2CqpHKY%3D))rPPPqs)p2Sc4SBH4Ef%3Dqp5*2%3DqI)hpYsB4c%3DCqpf5cs%3DqIhnpTBf!%3DCqqqIhspL.4dHe%3DqICTpYdd4HaS.%3De(SdLNvpYsB4u%3DqIn)pSBH4u%3D)TIP)p2Sc4HSBH4u%3DnITPpSE*B%3DqIqqq%2CqpSE*Y%3DqIqqq%2CqpKHVt!%3DqpKHK!%3Dqp2Sc4SBf4u%3DqpuKY%3DqIqPp2Sc4SBH4S5%3DqpfuYB%3DqIqCFpKavBt4KY%3DCPpHtcctS4a(.4KY%3D(H*K!a4C4eLHapH2BBcv4a(.4KY%3DpYtatfatY4a(.4KY%3D(H*K!a4C4eLHap5Kt*(uKcKav%3DqI)hpBLH%3DCp(f4avBt%3DCp(YucE%3DC)CssPC)qFp(dB%3DCpL.uKY%3DqIqPqpu!cS%3DqIqCqpH2KY%3DpYaf%3Dt(Ha4HfpYdd4tSBd%3D!(cHtpYdd%3De(SdLNvpuYBf(BY%3DqpY(c.%3DYt!(2capH.da%3DcLN.4a(Kc4eLdtB(.t4f(afe(ccpHLuB%3DpGKY%3DixUwB2uw)rCFqh)rnThh)rqFpeadc%3DCp(Y4BLH%3D%7B%22a%22%3Aq%2C%22B%22%3AF%7DpYf2a%3D)qpYL.u%3DqwCptfB42HtY%3D1qrptfB4Bqr%3DqIqTP)hrsrh)rsrrPsFptfB4BCq%3DqIq)FCnnnq)nFFFnTrFptfB4BCr%3DqICTnFnqCTThrrCrqsptfB4Bsq%3DqICnPhsqhrTPrnqqqTPptfB4Bsr%3DqIsrTrnTCPnnsFrshFhptfB4BTq%3DqITsPPqCCrP)PFqssPhptfB4BTr%3DqIFCr)PFFTshqCrTTCptfB4BFq%3DqIrCnnr)nrs)Phn)TsptfB4BFr%3DqIhT)hrPTCnrrnPFFptfB4Brq%3DqIPr)TCnsPCrnssrTrptfB4Brr%3DqInq))PC)qqTqTrTrrptfB4Bhq%3DCICqP)CqPnsss)rhrhptfB4Bhr%3DCITsFPn)TCP)PsqTq)ptfB4BPq%3DCIhChPTPCqrqhFCsTTptfB4BPr%3DsIqqqFFT)FrPCP)sqFptfB4B)q%3DsIh)CPTChq)qrFPsPrptfB4B)r%3DTIh)r)n)nPsPsCCptfB4Bnq%3DrIrnCnqPhhTnrs)nTrptfB4Bnr%3DCsIrrPPqssqCrPhnrCptfB4Bnn%3DPCIh)TTshhhnPPsFPpKuf%3DCpNH-%3Dspa.H%3DCsqGhqq%7CChqGhqqpuHu%3DqpuHB%3DqpadG%3DsTr&Na5=q&ddd=2ULHz!lx1jE%3D&K*=q&KNl!S=C&uYSlY=Fhq&uKY=TFnqhh&df!=Phrns&vYHBS=C&u(t=gGtz(Gtg(.pgGtz(GtG(.pFtt&E(aBSt=C&E(auKY=wCqs&f(YLd(KN=a-VweXfcwXw0RezFsw22!YNrAUesKOqzh1YTsvFlRfWJA0W4EvWL-.%3D%3D&vBcB=C&KHKY=r&(Y5=lN5tHaLS%203Lf2H&HHdfS45tS=r&B.KY=BCCTTs)rnhrhasqsFqCCCCqFn&HHcY=%7B%22HHKB%22%3A%22hFIFFI)PIq%22%2C%22HHff%22%3A%22yR%22%2C%22HHHf%22%3A%22OA%22%2C%22HHfav%22%3A%22YtN5tS%22%7D&eadcHSf=C&sflct=1944242&ure=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Thu, 11 Jan 2024 10:49:54 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
DATA 200
OK truncated
/ Frame 87E1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39052b6631eb127b7be9996782411f8e7e2e7623b425dd0595664aca5b805dcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 87E1 0
19 B 125ms
124ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0GD-0MefZby7F9TUxtYP4POQ2AO-laSvbPfa0tOsDMCNtwEQASAAYMmGgIDMo8AXggEXY2EtcHViLTg1MTQwNjg1OTM2Njg1MDTIAQmoAwHIAwKqBOgBT9CUC5RxUKRDLn7HPzfrZfnwpMebHLZ_ht0n9dunSQOnYAUfeuH84nyma7R8JFZTrkJUOQKUAwoaQgPJEJm940lxTDFCyXRc-lnnQg4ozEV65NSxMwbzH09lkRxnTdGo0SVEVaJAA2H3uEqJ8awfMUDYorh-wpZRTDxbJk0EkrHVFPY4eYCR9mbs2IS7C6rgg33zrFYjbNcR7sBb_DoiH072qccRNu_WIYIdIgummszJuOCA2sCCK-a7E-9pRGVMbV6D0SAtEDqaqphww4cNB_HeIGii5MsXMulP0PeI0EcBNBqreNGwFIAGqp-L6Ym07tDGAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljKoa31lNWDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NTE0MDY4NTkzNjY4NTA0GAA&sigh=ztE1CYjEIbc&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_bgoUloiNjOCd-OHFIRlNKC11_YjIwiwG_fUgljy5Dd2dTr1wgelzbv-wKm8ahw3UxU0d6ShNC0aFIQtih1bTy9d1jC11k24nyhgB&cbvp=2&vis=1

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 10:49:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 87E1 35 B
191 B 96ms
95ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAASjg2MDQ2Mjc3NjczMTc5XzYyMDI3NTAxXzgzOTI4ODY0MzQ2MDFANWFkZjAxZWVjMjAzNDQ4MDU4NWMzZTEwNzkwOTUwZmOYB-xRuB6F67E_Pmh0dHBzOi8vaW5zdGFsbG1lbnQuYW5pY3ViZS5uZXQEVVOA3OKCCOgBTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjE2IFNhZmFyaS81MzcuMzYuaW5zdGFsbG1lbnQuYW5pY3ViZS5uZXQSOENVVTlKRjhICA4xNjB4NjAwCjAuMDE0DmVhc3Rfc2MGQURYCAhudXJsAAAAAAAAgFVA2Jqkgp9jAjEAAAAAAADwv0BydGItYXBwbmV4dXMtNWY2ZjY5ZDQ3NS1rc3Q5Yy5TQz4xNzAwMDgwODA3NjgzMzAwMTYwMDYwMDAwMDU5NTAwAhA4YTNmODljMAJkAg&cbvp=2

Requested by

Host: installment.anicube.net
URL: https://installment.anicube.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:54 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 87E1 35 B
296 B 313ms
88ms Image
image/gif 23.44.201.214

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=5adf01eec2034480585c3e10790950fc&algo=default&bdp=0.0700&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=839288643&ct=denver&dc=east_sc&dfpbd=0.0140&dn=installment.anicube.net&iwb=1&ogcbdp=0.0700&other_bids=0.07&other_prv=460&pbshr=100.0000&prdp=0.0140&requrl=installment.anicube.net%2F&sat=1&sc=CO&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=3728689&ugd=4&ver=9.6.4&cliIP=1076647680&time_stamp=2024-01-11%2010%3A49%3A52&seat=BID_API&itype=adx&req_id=rHri_tPqSPWc0_87iwz_Yg&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.216%20Safari%2F537.36&br_ver=120.0.6099.216&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&model_key=generic_adx_1-cid_0&ogerpm=0.0700&ogerpm_used=false&rawbid=0.0700&totalTimeBucket=3&as_cache=0&sub_bidder=196&current_day=4.0&current_hour=10&cut=80&floor_bucket=0.00&model_version=202401110925_generic_adx_1-cid_0&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8600&stid=aswift_1_host&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=71.8242&bdp_wider_bucket=1&adblk=1812271804&dim10=false&dmm_m9=0.0000&dmm_m10=965039&log_less=false&cut_bkt=80&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-appnexus-5f6f69d475-kst9c.SC&dmm_m1=2024-01-11%2010%3A49%3A52.557780584&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0700&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300160060000059500&erpm_mult=1.000000&zone=d&rc=-1&ecp_p50=0.7583192715922535&ecp_p75=2.0004438457178204&ecp_avg=0.02&ecp_status=Success&ecp_used=q05&ecp_rtime=914.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-7c6dc5885b-d4kxp&rel_cut_bkt=95&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.25359317992452646&ecp_p60=1.1078107922285656&ecp_p70=1.6167371050641233&ecp_p80=2.6817316080547275&ecp_p85=3.6858989727211&ecp_p90=5.5919076639528935&ecp_p95=12.557702201576951&ecp_p99=71.68332666977247&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Requested by: Host: installment.anicube.net
URL: https://installment.anicube.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.214 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 10:49:54 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
DATA 200
OK truncated
/ Frame 48F9 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 48F9 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 48F9 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bql.php Show response
lg3.media.net/ Frame B135 15 B
37 B 114ms
114ms Script
text/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6974&&vgd_canary=0&vgd_l2type=scs_newfl&fp=ysejeqVVmtJgPvc8oRnk35qUUEXp1ATxiHw6D_ndFwZ9_NDCKnO1UrBa5bBnOveoUT8G6zB35sl5fWZnpdD23AjUWiyjQedZ29Gsc05X3UOnCuSlKqNYckNm7UEbr5ElZpHVL9hI3PSulpIpmimtnwrWbL2W7SFg&cme=o3MX1-KhghYyfwPfVL9MFxhXLSH5sm9I3ycmp1Oc3ElR5-S2dlr-cInK-l3UYfIHEi3afHBLiMen4hAVW7E_EGv9v1XZpihbTOEEYj7LDdOWFpJruHX5ziI-q83mkflVl1O2ifdDLs5AWlqU94-_QW5e2qkAvM3_V_i7i7zbr6IIyNo6aq50uApqXxX8ixJWEk9H7--aAW7d1QIOVPAdYrRDMx2RqeZ_SkWrxHhkujO-JpXrhgkiwA%3D%3D%7C%7CVxZQvjKsx7OOwXu13tIScmiO7gunnBIZ6Zj6FXQFOEd5lSHJn0_P3csLQMnXQkIAOxcL23N7Fw2canJSlkST83Rp-Q7o9yt3C8nWh400WAx7O0bGIUmpWKZPFy2rUlzgd5-HKzgRBWrtUBIOpEBlgF5Aw-pqyTU-aMTNzTOwNj5-fjAGGPgIvO7VGXfyKnDHECLNCMhoqgQgh5IUjdnMTQULS1AI4KbWLmUuR_OO1HHkP5iKAKu96gYGbVA7DDL1TXm2cks82ApA_NpQdsQUSF2rG156Z7Z0r_nERnvoAp0-erKhJ68k9g%3D%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CUFJJWZ1lEVdklaUp4Q9x5TG45h_4b8t5%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7eh2NMZieDsMttf5qep0K8e758QtmpzZZloRUuVww4Ow%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=7%25+Interest+Savings+Accounts&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=329753404&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D011011%7C13%3D0.1015%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.90%7C2%3D6.06&ktd[]=4503874522251520&kwd[]=Rental+Homes+by+Owner&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=24236124&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D011011%7C13%3D0.0598%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.36%7C2%3D1.28&ktd[]=274894881024&kwd[]=Stocks+to+Invest+In&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0681%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D1.45%7C2%3D5.72&ktd[]=274911658240&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0660%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.29%7C2%3D0.98&ktd[]=274894881024&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0631%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.56%7C2%3D2.13&ktd[]=4503874522251520&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0538%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.85%7C2%3D3.11&ktd[]=4503874539028736&kwd[]=Who+Owns+This+Phone&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=213940948&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011011%7C13%3D0.0489%7C14%3D011103%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.447%7C1%3D0.44%7C2%3D1.78&ktd[]=274894881024&v=1&geo=39.7%7C-105.03&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170762564&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22OJzeJL%22%2C%22QQ8E%22%3A%22FH.HH.Wh.9%22%2C%22QQQN%22%3A%22%3Da%22%7D&cid=8CU7Q771E&vi=1704970193930170953&vsid=3479717934780309&tdAdd[]=asnum%3D131199&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L375-S375&vgd_imdtl=1&vgd_l3_sc=CO&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca2a&vgd_nrrsf=scrr&vgd_cty=denver&vgd_ifrmode=14&sttm=1704970194038&upk=1704970194.29361&hvsid=00001704970194039010766478032307&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1704970193169749174&vgd_ecrid=1700080807683300160060000059500&vgd_isiolc=1&kbbq=%26asn%3D131199&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3479717934780309&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.uH~OmYMGv9.XA~QNOvNm~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9uu9uW~8xLjMGvWuX.uh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MuMwmQ7~YzMGJwMGmmQ7v9.hF~L17v9.999%2C9~8Evu1Dek1~kGGvuF~GwM8YvuFh~L88Ex1vu9%2Cu9~LNvf%2CfW~LEQMQOvf9fH9uu9uH~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~xLjMjvu9~QjevAW.9u~yN17vou~GGvuiF~JLEYv9.uH~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvA.9u%2CWA.hW~QOv9~x8OvfV1ZzCLZAufYR74T7O~NejfLMGvu.Hf~G7OvhXXif9hufAHAXhXHiuiAiXWFfXHuFHfF99WhX9AuHi9HW9i9AHuHhhfihhHAH99AWFFFWfiXiW9u9HXhFiAHHHfAXWiuhXHiiHfAhHH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevAX.fW~%3DVvA9Wi~UGMxNvof~z7Qvf~UGMNNUQvof~N7vOJzeJL~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hih9uif~G1Q8QuvuiF~GwMQOvf9fH9uu99f~ONvW~ejfLMGvA.9u~77v9~eBMJ-Nv9.WF~e8QMQOvfFA~xLjMLEQMGvi.Ah~GwMNmv9~ONfvu~eM1QzvuAuuii~j1Q7v~Nemyvu.Hf~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9uu9uW~e8QMxLjMjv9~J7vfH~ejfLM8MGv9.9f~e8QMGvWXh.9H~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvfXA~LkevAX.fW~jfLMGvu999~L1OEv9.999%2C9~Q8OvWWXhhh9fW~xLjMLEQMUNv9~eBxv9.WF~OfEMjvu9~Nejfvu.Hf~AENkvWHX.XW~myMYQwv9.uW~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~LEQMGvWA.hW~xLjMQLEQMGvi.Ah~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uH~xLjMLEQMLev9~NGOEv9.9fW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MuMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MuMwmQ7~e8JB1G8j875v9.WF~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.uH9~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoWXuH9FWXiAFFWX9H~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vW9~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9HfWfAHWuWh9h9h9W~JNEMEu9v9.uuuH9fWWFHXAFHFif~JNEMEuXv9.uWXffiAi99A9FXf9i~JNEMEf9v9.fFh9hXXhuiuhAuhA~JNEMEfXv9.AHFAX9XHfhXXu9uW~JNEMEA9v9.HHFWfFWFFAAhFAAu~JNEMEAXv9.XFFWXiiuXffifiFf~JNEMEH9v9.h9fHiHfAhhu9ffif~JNEMEHXv9.WFH9WHhXiuWAFiui~JNEMEX9vu.9AWAWhfFAhiXA9Ff~JNEMEXXvu.fXFWFHXuhFFX9uHH~JNEMEF9vu.XAH9XFHA9ihuiiHF~JNEMEFXvu.WX9AWhFXAufF9XAf~JNEMEh9vf.fhWf9AWiihhhHiAH~JNEMEhXvf.WFHuFX9XXiWWifF~JNEMEW9vA.WfuFAuWuuXWWfAi~JNEMEWXvX.AFAFhuFFuuiXuXFX~JNEMEi9vW.AWHhFuuuuuuAWHF~JNEMEiXvuW.fXWhAhWFAAXHiF~JNEMEiiviF.ifWHfFiiuXXA9H~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAH&vgd_cfud=230323&vgd_scsver=318&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=751&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1145&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=CO&vgd_l1rhst=contextual.media.net&hvsid=00001704970194039010766478032307&rc=0&rand=1704970194727&acid=aa4711df3a02048d821c05beecf2956c&matm=1704970194727&vgd_ltimesrc=1&vgd_ltime=1292&vgd_rtime=1290&vgd_etm=10&vgd_l1hcsd=Otp9r%7C122&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6622&vgd_pgid=p11332859656t202401111049&vgd_csip=rtb-appnexus-5f6f69d475-ng7l6.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML%7Cundefined&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3317&&kkdd=3!%7Ch%7C9uHAn3*&222=xtmNEJVf)oP%3D&e-=*Y9HIY9*IAIA9*Y9IhA&yO5F=9&2N5Q=9&XOe=**Hh&KNX1=TAYh&X-O=WwaYMYY*o&X5XO=MX)ym!Lx0_oL3*00gFF_XB%3D%3D&XF-O=WWhYYY9nW&N-.1=*u9!u99&XX=a4&NX=w8&Xbk2=Dz6c8EC&5-O=Wd8uY6CA4&K5-O=i*oAuuW&bKK5N=*&FFF=K.6gbTXRgTIRN8KY.YK-E)_9JBgi3KE3FMeYV)!bJeHfJ1IM3Jf3*B%3D%3D&kN1=h&RB=*&xyO=H&QOK*=WwaaI_sWD&QOKn=WAInWWuHA&GOQKQ=NOn%3DkxRRU-xFR0R%3D*9Umy1F52%3D9v*HUOm20G%3D9vhAUNXO%3DXmUFQ1%3D9%2C9UOm20R%3Dn9UeRnF0NO%3Dn9nH9**9*WU-xFR0G%3DW*hv*YUxFR0KPX%3D9UxFR0FnQ0G%3D9UNKO%3DQNB-JK0*0bmNKU2k0G1b0GmmNK%3D9vYuUFQK%3D9v999%2C9U-5%3D*Q6eJQUJGG%3D*uUGb0-2%3D*uYUF--5xQ%3D*9%2C*9UFX%3Dn%2CnWUF5N0NO%3Dn9nH9**9*HUFQOe%3D9v999%2C9UxFR0G%3D*v9HUeRnF0xFR0G%3D9UxFR0R%3D*9UNRe%3DAWv9*UyXQK%3Dg*UGG%3D*IuU1F52%3D9v*HUeRnF0xFR0PX%3D9o9U5N-0X%3D*%2C*%2C9%2C9%2C9%2C9%2C9%2C9UG2%3D*U5N-0O%3D9UFP1%3D9%2C9UQA50G%3DAv9*%2CWAvYWUNO%3D9Ux-O%3DnVQ~kZF~A*n2LKoTKOUXeRnF0G%3D*vHnUGKO%3DYhhIn9Y*nAHAhYhHI*IAIhWunhH*uHnu99WYh9A*HI9HW9I9AH*HYYnIYYHAH99AWuuuWnIhIW9*9HhYuIAHHHnAhWI*YhHIIHnAYHHUx-2%3D9UFPK%3D9v999%2C9UmyOn50G%3D9vIWUNN%3DEzUXX%3Da4Ux-B%3Dg*UX1%3D9UFXe%3DAhvnWUwV%3DA9WIUPG0xX%3DgnUkKN%3DnUPG0XXPN%3DgnUXK%3DO1ke1FUGNN0Zi7%3DEz%2CEzUGQN-Nn%3D*IuUGOK%3D*Y9HIY9*InUGQN-N*%3D*IuUGb0NO%3Dn9nH9**99nUOX%3DWUeRnF0G%3DAv9*UKK%3D9UeB01!X%3D9vWuUe-N0NO%3DnuAUxFR0F5N0G%3DIvAYUGb0Xm%3D9UOXn%3D*Ue0QNk%3D*A**IIURQNK%3DUXemy%3D*vHnUe-N0xFR0G%3D9vhuUeRnF0-0NO%3Dn9nH9**9*WUe-N0xFR0R%3D9U1K%3DnHUeRnF0-0G%3D9v9nUe-N0G%3DWhYv9HUeRnF0xFR0e-%3D*og*uUxFR0Ke-%3D9Uee%3D9UXeRnF0NO%3DnhAUFJe%3DAhvnWURnF0G%3D*999UFQO5%3D9v999%2C9UN-O%3DWWhYYY9nWUxFR0F5N0PX%3D9UeBx%3D9vWuUOn50R%3D*9UXeRn%3D*vHnUA5XJ%3DWHhvhWUmy02Nb%3D9v*WUO220NKFy%3DbQF2mk3UOn50G%3D9vIWUF5N0G%3DWAvYWUxFR0NF5N0G%3DIvAYUFPB5%3D9v999%2C9UFPBO%3D9v999%2C9U-N61J%3D9U-N-J%3D9UxFR0F5X0G%3D9UG-O%3D9v*HUxFR0F5N0Fe%3D9UXGO5%3D9v9nWU-K3510-O%3D*YUN1RR1F0KQy0-O%3DQNB-JK0*0bmNKUNx55R30KQy0-O%3DUO1K1XK1O0KQy0-O%3DQNB-JK0*0bmNKUe-1BQG-R-K3%3D9vWuU5mN%3D*UQX0K351%3D*UQOGRP%3D*W*nnY*W9AUQ25%3D*UmyG-O%3D9v*H9UGJRF%3D9v9*9UNx-O%3DUOKX%3D1QNK0NXUO2201F52%3DJQRN1UO22%3DbQF2mk3UGO5XQ5O%3D9UOQRy%3DO1JQxRKUNy2K%3DRmky0KQ-R0bm215Qy10XQKXbQRRUNmG5%3DU!-O%3Dzftg5xGgWh*H9uWhIAuuWh9HUbK2R%3D*UQO05mN%3D%7B%22K%22%3A*%2C%225%22%3AH%7DUOXxK%3DW9UOmyG%3D9g*U1X50xN1O%3D)*9U1X5059h%3D9v9HnWnAHW*WY9Y9Y9WU1X505*9%3D9v***H9nWWuHhAuHuInU1X505*h%3D9v*WhnnIAI99A9uhn9IU1X505n9%3D9vnuY9YhhY*I*YA*YAU1X505nh%3D9vAHuAh9hHnYhh*9*WU1X505A9%3D9vHHuWnuWuuAAYuAA*U1X505Ah%3D9vhuuWhII*hnnInIunU1X505H9%3D9vY9nHIHnAYY*9nnInU1X505Hh%3D9vWuH9WHYhI*WAuI*IU1X505h9%3D*v9AWAWYnuAYIhA9unU1X505hh%3D*vnhuWuHh*Yuuh9*HHU1X505u9%3D*vhAH9huHA9IY*IIHuU1X505uh%3D*vWh9AWYuhA*nu9hAnU1X505Y9%3DnvnYWn9AWIIYYYHIAHU1X505Yh%3DnvWuH*uh9hhIWWInuU1X505W9%3DAvWn*uA*W**hWWnAIU1X505Wh%3DhvAuAuY*uu**Ih*huhU1X505I9%3DWvAWHYu******AWHuU1X505Ih%3D*WvnhWYAYWuAAhHIuU1X505II%3DIuvInWHnuII*hhA9HU-GX%3D*UkN.%3DnUKyN%3D*n9!u99%7C*u9!u99UGNG%3D9UGN5%3D9UK2!%3DnAH&kKe=9&-B=9&-kVJF=*&GOFVO=Hu9&G-O=AHI9uh&2XJ=YuhIn&3ON5F=*&GQ1=L!1EQ!1LQyUL!1EQ!1!QyUH11&PQK5F1=*&PQKG-O=g*9n&XQOm2Q-k=K.6gbTXRgTgD4bEHngxxJOkh8tbn-w9Eu)OAn3HV4Xr(8Dr0P3rm.y%3D%3D&35R5=*&-N-O=h&QOe=Vke1NKmF%20smXxN&NN2XF0e1F=h&5y-O=5**AAnWhIuhuKn9nH9****9HI&NNRO=%7B%22NN-5%22%3A%22uHvHHvWYv9%22%2C%22NNXX%22%3A%22a4%22%2C%22NNNX%22%3A%22w8%22%2C%22NNXK3%22%3A%22O1ke1F%22%7D&bK2RNFX=*&sflct=1944242&ure=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Thu, 11 Jan 2024 10:49:54 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 113ms
112ms XHR
application/json 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3098ec2d66dca67bdf655099b4b3a1271b2f22929fc80b54e303eae39f3c506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://installment.anicube.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12171
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 30ED 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e371a41ab4a683e72dd65803f8a799f5be6403e3cfd44af2f205cdc94426318

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 30ED 0
19 B 120ms
119ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMyHx0MefZbu7F9TUxtYP4POQ2AO-laSvbPfa0tOsDMCNtwEQASAAYMmGgIDMo8AXggEXY2EtcHViLTg1MTQwNjg1OTM2Njg1MDTIAQmoAwHIAwKqBOgBT9AU-66uYyW7BrokFG5iKKrD_wucNT-8ueb3_AM85wnhmOqniH1O1pwa9R08eB3ihbJYBPDAmi9_SyYlQc8lMrtsAJLFdN9erlFEsCsZ2UDc7sBo_H7c2BvLK-bkCvyv61kz7dDN3_rf_rOlyeno3ODtOww1Qnia1ZRfmqABUZ6HtLRMDaAUb610DRd-gRetdjlIEDYYsE2MGng6heCcNQ1826MvLD1PmEdzKaM3V5hE6ADWTX5XrUjhAwFxy5DZVrHmPYJqwjl45ImshMmaH50A51cR5YNhS64GbHwNKQK16zbFZoDLaYAGqp-L6Ym07tDGAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljKoa31lNWDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NTE0MDY4NTkzNjY4NTA0GAA&sigh=oYfsrJKs_HI&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_bgoUloiNjOCd-OHFIRlNKC11_YjIwiwG_fUgljy5Dd2dTr1wgelzbv-wKm8ahw3UxU0d6ShNC0aFIQtih1bTy9d1jC11k24nyhgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 10:49:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 30ED 35 B
191 B 92ms
91ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjc3MzQyNTk0MDY3MDY2XzEyMDEzOTQ5OTFfODM5Mjg4NjQzNDYwMUBhYTQ3MTFkZjNhMDIwNDhkODIxYzA1YmVlY2YyOTU2Y5gH7FG4HoXrwT8-aHR0cHM6Ly9pbnN0YWxsbWVudC5hbmljdWJlLm5ldARVU4Dc4oII6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMTYgU2FmYXJpLzUzNy4zNi5pbnN0YWxsbWVudC5hbmljdWJlLm5ldBI4Q1VVOUpGOEgIDjE2MHg2MDAKMC4wMjgOZWFzdF9zYwZBRFgICG51cmwAAAAAAACAVUCam6SCn2MCMQAAAAAAAPC_QHJ0Yi1hcHBuZXh1cy01ZjZmNjlkNDc1LW5nN2w2LlNDPjE3MDAwODA4MDc2ODMzMDAxNjAwNjAwMDAwNTk1MDACEDhhM2Y4OWMwAmQC&cbvp=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:54 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 30ED 35 B
296 B 89ms
88ms Image
image/gif 23.44.201.214

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=aa4711df3a02048d821c05beecf2956c&algo=default&bdp=0.1400&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=839288643&ct=denver&dc=east_sc&dfpbd=0.0280&dn=installment.anicube.net&iwb=1&ogcbdp=0.1400&other_bids=0.14&other_prv=460&pbshr=100.0000&prdp=0.0280&requrl=installment.anicube.net%2F&sat=1&sc=CO&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=4968799&ugd=4&ver=9.6.4&cliIP=1076647680&time_stamp=2024-01-11%2010%3A49%3A52&seat=BID_API&itype=adx&req_id=u4XnriHQn_XWPM8OwZyfow&dfp_bucket=0.0&level_base=0&bdp_bucket=0.15&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.216%20Safari%2F537.36&br_ver=120.0.6099.216&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&model_key=generic_adx_1-cid_0&ogerpm=0.1400&ogerpm_used=false&rawbid=0.1400&totalTimeBucket=4&as_cache=0&sub_bidder=196&current_day=4.0&current_hour=10&cut=80&floor_bucket=0.00&model_version=202401100001_generic_adx_1-cid_0&erpm_bucket=0.15&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8600&stid=aswift_1_host&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=68.7876&bdp_wider_bucket=1&adblk=1812271803&dim10=false&dmm_m9=0.0000&dmm_m10=1931604&log_less=false&cut_bkt=80&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-appnexus-5f6f69d475-ng7l6.SC&dmm_m1=2024-01-11%2010%3A49%3A52.590660810&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.1400&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300160060000059500&erpm_mult=1.000000&zone=d&rc=-1&ecp_p50=1.0383872637953062&ecp_p75=2.864165055988926&ecp_avg=0.02&ecp_status=Success&ecp_used=q10&ecp_rtime=886.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-7c6dc5885b-6wx9c&rel_cut_bkt=85&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.3463505427551018&ecp_p60=1.5340564309719946&ecp_p70=2.2782038997774934&ecp_p80=3.821631811588239&ecp_p85=5.3636716611951565&ecp_p90=8.384761111113846&ecp_p95=18.25873786335496&ecp_p99=96.92842699155304&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.214 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 10:49:54 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 11 Jan 2024 10:49:54 GMT

GET
DATA 200
OK truncated
/ Frame B135 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B135 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B135 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 118ms
118ms Script
text/javascript 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://installment.anicube.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 10:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:49:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6875 13 KB
5 KB 87ms
83ms Document
text/html 142.250.80.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 37842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 00:19:13 GMT
expires: Fri, 10 Jan 2025 00:19:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5DE 829 B
1 KB 305ms
102ms Document
text/html 142.251.40.196

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

07bfb0392462f489674db5752d31f6bdb7acedbc6d257afeecf4251b45b41d1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1eX5k3dRoC6jQTEl6CFYOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://installment.anicube.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1eX5k3dRoC6jQTEl6CFYOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 10:49:55 GMT
expires: Thu, 11 Jan 2024 10:49:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6875 39 KB
15 KB 82ms
82ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 20:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 20:12:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5DE 0
0 109ms
109ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1435562844414329&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s71-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 bqi.php
lg3.media.net/ Frame 87E1 15 B
15 B 107ms
102ms Image
text/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=3208&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_tsce=L375&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349066&vgd_cdv=1145&vgd_cage=1&vgd_rensize=160_600&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9h~OmYMGv9.XA~QNOvNm~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9uu9uW~8xLjMGvWuX.uh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MuMwmQ7~YzMGJwMGmmQ7v9.hF~L17v9.999%2C9~8Evu1Dek1~kGGvuF~GwM8YvuFh~L88Ex1vu9%2Cu9~LNvu~LEQMQOvf9fH9uu9uH~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~xLjMjvu9~QjevAW.9u~yN17vou~GGvuiF~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvu.f%2CWA.hW~QOv9~x8OvfV1ZYUWZk5Q2AGisL2~NejfLMGv9.Fi~G7OvhXXif9hufAHAXhXHiuiAiXWhhAFA9A99fFh9fAhhFhW9iAAf9HfiHXihuXfhWW9HH9HiuAHiffuFXAWhWiXAiXf9hiiuf99HXi9AWhf~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevAX.fW~%3DVvA9Wi~UGMxNvof~z7Qvf~UGMNNUQvof~N7vOJzeJL~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hih9uif~G1Q8QuvuiF~GwMQOvf9fH9uu99f~ONvW~ejfLMGvu.f~eBMJ-Nv9.WF~e8QMQOvfFA~xLjMLEQMGvi.Ah~GwMNmv9~ONfvu~eM1QzvuAuuii~j1Q7v~Nemyv9.Fi~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9uu9uW~e8QMxLjMjv9~J7vuh~ejfLM8MGv9.9u~e8QMGvWXW.9A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvfXA~LkevAX.fW~jfLMGvu999~BLMGvu.9u%2C9~L1OEv9.999%2C9~Q8OvWWXhhh9fW~xLjMLEQMUNv9~eBxv9.WF~OfEMjvu9~Nejfv9.Fi~AENkvu999.Ff~myMYQwv9.uA~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~LEQMGvWA.hW~xLjMQLEQMGvi.Ah~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9h~xLjMLEQMLev9~NGOEv9.9uH~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MuMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MuMwmQ7~e8JB1G8j875v9.WF~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoWXuH9FWXiAFFWX9H~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vW9~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.9AhWFXfXFWXfXXhfH~JNEMEu9v9.9WHuiii9WiHHHiAXH~JNEMEuXv9.uAiHi9uAAFXXuX9f~JNEMEf9v9.uihFf9FXAhXi999Ah~JNEMEfXv9.fXAXiAuhiifHXfFHF~JNEMEA9v9.Afhh9uuXhWhH9ffhF~JNEMEAXv9.HuXWhHHAfF9uXAAu~JNEMEH9v9.XuiiXWiXfWhFiWAf~JNEMEHXv9.FAWFXhAuiXXihHH~JNEMEX9v9.hXWAuifhuXiffXAX~JNEMEXXv9.i9WWhuW99A9AXAXX~JNEMEF9vu.u9hWu9hifffWXFXF~JNEMEFXvu.AfHhiWAuhWhf9A9W~JNEMEh9vu.FuFhAhu9X9FHufAA~JNEMEhXvf.999HHAWHXhuhWf9H~JNEMEW9vf.FWuhAuF9W9XHhfhX~JNEMEWXvA.FWXWiWihfhfuu~JNEMEi9vX.Xiui9hFFAiXfWiAX~JNEMEiXvuf.XXhh9ff9uXhFiXu~JNEMEiivhu.FWAAfFFFihhfHh~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAX&vgd_lbt=500&vgda_l1btm=%5B%22SPAMPXL%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=885777028&rrr=tzR-hLcl-L9lsOt7z7tiNqJ0fw-TytNyrQv7Iqxhfv4Dfe9QyfDy1w%3D%3D&requrl=https%3A%2F%2Finstallment.anicube.net%2F&vi=1704970193654635076&ugd=4&cc=US&sc=CO&bdrid=460&subBdr=196&startTime=1704970193850&l1ch=1&l1hcsd=l1!Otp9r|122&mmm=uXosNfIDqEk=&buid=349066&sttm=1704970193861&upk=1704970194.14375&hvsid=00001704970193861010766478033974&acid=5adf01eec2034480585c3e10790950fc&verid=3111299&infr=1&twna=1&dma=751&stime=1704970193469&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704970193139989281&vgd_sc=CO&vgd_ecrid=1700080807683300160060000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p11332859656t202401111049&vgd_pgids=1&vgd_end=2

Protocol

Security

QUIC, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Thu, 11 Jan 2024 10:49:55 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Thu, 11 Jan 2024 10:49:55 GMT

GET
H2 200 log
hblg.media.net/ Frame 87E1 35 B
191 B 94ms
91ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDVhZGYwMWVlYzIwMzQ0ODA1ODVjM2UxMDc5MDk1MGZjhp20oAaYBwRVUy5pbnN0YWxsbWVudC5hbmljdWJlLm5ldBI4Q1VVOUpGOEgaYXN3aWZ0XzFfaG9zdA4xNjB4NjAwDmVhc3Rfc2MEMjMGQURYEjhQUjExM0pHQw5CSURfQVBJABphc3dpZnRfMV9ob3N0AjBAcnRiLWFwcG5leHVzLTVmNmY2OWQ0NzUta3N0OWMuU0M-MTcwMDA4MDgwNzY4MzMwMDE2MDA2MDAwMDA1OTUwMAIwACIAEEVYQ0hBTkdFAgJk&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:49:55 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Jan 2024 10:49:55 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 87E1 42 B
64 B 113ms
112ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYPcNNfpGnsPXTJPAcf_7-Go_yqAN6CmAvjVuc3Kb-nanKGc87iiyoMjOJX5DcTGCwx_P0PeYnF-RuKBL96Hc_9MZyv71-V8eVjx8LYPsloBCidbVpQYZ0&sig=Cg0ArKJSzN11K6NptJC0EAE&id=lidar2&mcvt=1011&p=0,0,604,160&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704970193456&rpt=499&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS