suaurl.com Open in urlscan Pro
104.243.41.128 Public Scan

Software

cafe /

Resource Hash

6d9ea87c5496383a53ce4d4598fc53207263c7b9fb3d6df961ac6dd77f8686b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 490 / 20048 / m202411140201 / config-hash: 18155100074987193569
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 01:19:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 21 Nov 2024 01:19:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33686
x-xss-protection: 0
server: cafe

GET
H2 200 nobetaads&id=suaurl.inter Show response
api.nobeta.com.br/ 66 KB
14 KB 1209ms
236ms Script
application/javascript 35.244.156.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nobeta.com.br/nobetaads&id=suaurl.inter
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.156.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.156.244.35.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b93dd97d182cdb305fe7d76ffa6591571446e61e16e121301a7f3d81afc63aa4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14529
date: Thu, 21 Nov 2024 01:19:53 GMT
last-modified: Mon, 26 Feb 2024 11:52:26 GMT
vary: Accept-Encoding
server: Apache/2.4.29 (Ubuntu)
content-type: application/javascript

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/ 154 KB
35 KB 1080ms
108ms Script
application/javascript 18.66.147.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce511302bda60fdb570a7d4ba6912428564534894c257e507d5343dacbc42c5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2f8967c65d24692e266574b7e47b772a"
age: 32172
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 7bEMXa-TeBOhtJJKicYwiF_cWepRfSJKkGqF7wwiRYcBV4Ti_fTpPg==
date: Wed, 20 Nov 2024 16:23:42 GMT
content-type: application/javascript
last-modified: Wed, 26 Jun 2024 08:43:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256

GET
H2 200 300d3285-f4f8-41c1-8646-51e981aaafa7.min.js Show response
cmp.optad360.io/items/ 2 B
414 B 1054ms
82ms Script
application/javascript 143.204.98.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/300d3285-f4f8-41c1-8646-51e981aaafa7.min.js
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-73.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

vary: accept-encoding, Origin
cache-control: public, max-age=604800
etag: "99914b932bd37a50b983c5e7c90ae93b"
age: 76478
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2
x-amz-cf-id: JLcPi_rT8ND-2ER9U57IwjHQqOQQbh4WEIjrIjNSgxUjM5uqOPUJ0g==
date: Wed, 20 Nov 2024 04:05:16 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 14:06:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
97 KB 1081ms
112ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C528SSEPW2

Requested by

Host: suaurl.com
URL: https://suaurl.com/b53a1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

743987cf41d323ee5c7b93f463835c1316cd63cdbcc36658f8280aff63f08096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 01:19:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98186
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 a34f9d1faa5f3315-s.p.woff2
suaurl.com/_next/static/media/ 47 KB
0 0ms
0ms Font
font/woff2 104.243.41.128
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://suaurl.com/_next/static/media/a34f9d1faa5f3315-s.p.woff2
Requested by: Host: suaurl.com
URL: https://suaurl.com/_next/static/chunks/fd9d1056-77134275075c8105.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.243.41.128 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://suaurl.com
Referer: https://suaurl.com/b53a1d

Response headers

cache-control: public, max-age=31536000, immutable
etag: W/"bdac-19251b065c1"
accept-ranges: bytes
x-cache: HIT
content-length: 48556
date: Thu, 21 Nov 2024 01:19:52 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 09:22:47 GMT
server: nginx

GET
H2 200 8a6f7bff61eadc7c53c8a91cbc98b656.js Show response
scripts.cleverwebserver.com/ 104 KB
21 KB 1281ms
236ms Script
application/javascript 172.64.154.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/8a6f7bff61eadc7c53c8a91cbc98b656.js
Requested by: Host: suaurl.com
URL: https://suaurl.com/_next/static/chunks/app/layout-a45775e86ced4e09.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3a0a02aebbfa858adb5d12e98778ad2b8aec91dc3932e0144d39022f00f7a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cache-control: public, max-age=1800
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"f3e0dc2882c29a007264ef8b5962a7bd"
x-amz-version-id: fm7Uex_EIaJ3Qk7pAd9FWINUZgHcJq96
x-amz-request-id: BN5GEBMPZ10ABR22
expires: Thu, 21 Nov 2024 01:49:55 GMT
cf-ray: 8e5cdab12a628fce-FRA
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 16:43:14 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: PSRSq0eDLxh5eQUzvr+bVRwWRFXeDpupz9+3Zw3TPxS2DYzWfsfjimzuoOHZeUmkr5qf41yelX8=

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/ 489 KB
152 KB 129ms
116ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc28ce7cf7d24de07982a7e29b9521e011be231f1bf011b06a7a30811ae22dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 8976680079670756433
age: 22591
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 19:03:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 19:03:23 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155188
x-xss-protection: 0
server: cafe

GET
H2 200 prebid9.18.js Show response
s0.2mdn.net/dfp/517466/4406976690/1730992053445/ Frame CC28 224 KB
79 KB 1141ms
154ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1730992053445/prebid9.18.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=suaurl.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

7ca2cf1d5abc905d804abe1e9b678efcee0e81764363124f7c1e210057477e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
age: 34688
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 15:41:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:41:47 GMT
last-modified: Thu, 07 Nov 2024 15:07:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 80049
x-xss-protection: 0
server: sffe

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CC28 108 KB
33 KB 1140ms
158ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=suaurl.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c886e373819e0ca3b5dc764806d7de098d65803bcae52f57784f5ac653107b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 281 / 20048 / 31089085 / config-hash: 18155100074987193569
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 01:19:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33685
x-xss-protection: 0
server: cafe

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame CC28 15 KB
5 KB 572ms
81ms Script
application/javascript 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"e577c18a64fa27d73bcdf0c0433579b5"
age: 79674
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: IpDuLagN105xVxTmnXPIgd50k_GY-sdxVMlmK2de6l0_mXFJRgrc6A==
date: Wed, 20 Nov 2024 03:12:15 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 08:44:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H2 200 hkn.js Show response
tag.hariken.co/ Frame CC28 0
128 B 700ms
162ms Script
text/html 52.202.177.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.hariken.co/hkn.js?code=39b4d650-d98c-11ed-87f5-97af516aa83b
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.177.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-177-174.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-length: 0
date: Thu, 21 Nov 2024 01:19:54 GMT
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding

GET
H2 200 prebid9.18.js Show response
s0.2mdn.net/dfp/517466/4406976690/1730992053445/ Frame F226 224 KB
0 1139ms
1139ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1730992053445/prebid9.18.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=suaurl.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

7ca2cf1d5abc905d804abe1e9b678efcee0e81764363124f7c1e210057477e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
age: 34688
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 15:41:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:41:47 GMT
last-modified: Thu, 07 Nov 2024 15:07:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 80049
x-xss-protection: 0
server: sffe

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F226 108 KB
0 1138ms
1138ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=suaurl.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c886e373819e0ca3b5dc764806d7de098d65803bcae52f57784f5ac653107b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 281 / 20048 / 31089085 / config-hash: 18155100074987193569
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 01:19:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33685
x-xss-protection: 0
server: cafe

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame F226 15 KB
0 80ms
80ms Script
application/javascript 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"e577c18a64fa27d73bcdf0c0433579b5"
age: 79674
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: IpDuLagN105xVxTmnXPIgd50k_GY-sdxVMlmK2de6l0_mXFJRgrc6A==
date: Wed, 20 Nov 2024 03:12:15 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 08:44:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H2 200 hkn.js Show response
tag.hariken.co/ Frame F226 0
86 B 373ms
165ms Script
text/html 52.202.177.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.hariken.co/hkn.js?code=39b4d650-d98c-11ed-87f5-97af516aa83b
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.177.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-177-174.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-length: 0
date: Thu, 21 Nov 2024 01:19:54 GMT
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding

GET
H2 200 prebid9.18.js Show response
s0.2mdn.net/dfp/517466/4406976690/1730992053445/ Frame C5DC 224 KB
0 654ms
654ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1730992053445/prebid9.18.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=suaurl.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

7ca2cf1d5abc905d804abe1e9b678efcee0e81764363124f7c1e210057477e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
age: 34688
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 15:41:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:41:47 GMT
last-modified: Thu, 07 Nov 2024 15:07:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 80049
x-xss-protection: 0
server: sffe

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C5DC 108 KB
0 652ms
652ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=suaurl.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c886e373819e0ca3b5dc764806d7de098d65803bcae52f57784f5ac653107b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 281 / 20048 / 31089085 / config-hash: 18155100074987193569
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 01:19:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33685
x-xss-protection: 0
server: cafe

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame C5DC 15 KB
0 82ms
82ms Script
application/javascript 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"e577c18a64fa27d73bcdf0c0433579b5"
age: 79674
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: IpDuLagN105xVxTmnXPIgd50k_GY-sdxVMlmK2de6l0_mXFJRgrc6A==
date: Wed, 20 Nov 2024 03:12:15 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 08:44:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H2 200 hkn.js Show response
tag.hariken.co/ Frame C5DC 0
86 B 610ms
319ms Script
text/html 52.202.177.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.hariken.co/hkn.js?code=39b4d650-d98c-11ed-87f5-97af516aa83b
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.177.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-177-174.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-length: 0
date: Thu, 21 Nov 2024 01:19:55 GMT
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame CC28 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd67d69d9ee5a815a9c18857afb6ee1f3afa77a295914966a5c3a1752c012728

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F226 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd67d69d9ee5a815a9c18857afb6ee1f3afa77a295914966a5c3a1752c012728

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 1046ms
133ms Fetch
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-C528SSEPW2&gtm=45je4bk0v9119067080za200&_p=1732151993878&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1122608945.1732151994&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732151994&sct=1&seg=0&dl=https%3A%2F%2Fsuaurl.com%2Fb53a1d&dt=SuaUrl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2603
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C528SSEPW2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://suaurl.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 favicon.ico
suaurl.com/ 4 KB
4 KB 162ms
161ms Other
image/x-icon 104.243.41.128
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://suaurl.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.243.41.128 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a62afaeb13f4bd1c8b308bbb4da7d4ee99ac88479d36be2a25bfbe8c7ba48c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/b53a1d

Response headers

cache-control: public, max-age=0, must-revalidate
x-cache: MISS
x-nextjs-cache: HIT
date: Thu, 21 Nov 2024 01:19:54 GMT
content-type: image/x-icon
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
server: nginx

GET
H2 200 prebid8.20.2.js Show response
get.optad360.io/assets/js/ 510 KB
164 KB 105ms
105ms Script
text/javascript 18.66.147.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=360000000
content-encoding: gzip
etag: W/"643c66a3d7b92031d1740b1b750e096d"
age: 1622741
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: PtAs3BOnqVogJmvE8oqEDNyHr3pefgprzk3kYqELLQQxI8rGzn8Caw==
date: Sat, 02 Nov 2024 06:34:14 GMT
content-type: text/javascript
last-modified: Thu, 11 Jan 2024 07:08:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 812ms
113ms Image
image/svg+xml 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cache-control: public, max-age=360000000
content-encoding: gzip
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
age: 27288330
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Q30_K-P_LE3ubxJPEl12R5nYP30GbcYdF-cBph8uSdCqwyG1THc4ZQ==
date: Wed, 10 Jan 2024 05:14:26 GMT
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding

GET
H2 200 150684666 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 735ms
104ms Script
application/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/150684666?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

ESF /

Resource Hash

1222ed82b17bfc191d91179d1f4f5444f5a47900c27fdef047d222a07bf4bcd3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-H01c4m7XDq6uCr7ZOfTj1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTDsXvqr51sAh82ntvGqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGhoqWdgGF9gAABco0Jz"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-H01c4m7XDq6uCr7ZOfTj1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 204 b
sb.scorecardresearch.com/ Frame C5DC 0
224 B 59ms
58ms Image
text/plain 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28130334&cs_it=b9&cv=4.9.0%2B2410250554&ns__t=1732151994558&ns_c=UTF-8&cs_cfg=100&ns_if=1&c7=https%3A%2F%2Fsuaurl.com%2Fb53a1d&c8=ft%20TEMPLATE%20%7C%20NOBETA&c9=
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Aew0E4nqyjXqxc3Tv0Z0w3-trmVWfN2M_zaiSbHNBkjreyFcjR9Dbw==
date: Thu, 21 Nov 2024 01:19:54 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

GET
H2 204 b
sb.scorecardresearch.com/ Frame F226 0
224 B 100ms
99ms Image
text/plain 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28130334&cs_it=b9&cv=4.9.0%2B2410250554&ns__t=1732151994559&ns_c=UTF-8&cs_cfg=100&ns_if=1&c7=https%3A%2F%2Fsuaurl.com%2Fb53a1d&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c9=
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: aFcnE3cn6STzgPPHNpt6bkr-6b-D30aTGUozEQzchsLHkPqj2gWOQQ==
date: Thu, 21 Nov 2024 01:19:54 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

GET
H2 204 b
sb.scorecardresearch.com/ Frame CC28 0
224 B 100ms
100ms Image
text/plain 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28130334&cs_it=b9&cv=4.9.0%2B2410250554&ns__t=1732151994559&ns_c=UTF-8&cs_cfg=100&ns_if=1&c7=https%3A%2F%2Fsuaurl.com%2Fb53a1d&c8=NoBeta%20%7C%20M%C3%ADdia%20Digital&c9=
Requested by: Host: suaurl.com
URL: https://suaurl.com/b53a1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 64iPMptwWUgLtJYozOmiy_EwlM0G3S-rDDDWenT6YVe3MPQpSDWy2w==
date: Thu, 21 Nov 2024 01:19:54 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 565ms
83ms Fetch
application/json 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241121

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5acbd4d037a01b50956ec872e7fdc2d0d22a866c4c7e68f98e9dbcf24da0d2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"63f-ddVQtEp/kJIszwRZ8Arr+laVyY4"
age: 33545
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-mxp6949-MXP
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 837
x-jsd-version: 1.0.2246

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 1 KB
1 KB 696ms
102ms Script
application/javascript 172.67.75.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Age: 485630
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByGmLSk4RCf8b6J2InIH0SfpNem%2BrKXBICKpBvH1PP%2BoHvjH%2Bw14vIqgGhkSjh8JlzIje1gKWx4U2kn9sB%2BTK5ZkIAq1ARVRW62KlbC3eRCkLxGGvgV6Rz1CeC1OC%2F%2BU"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=30067&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3461&recv_bytes=2229&delivery_rate=144887&cwnd=246&unsent_bytes=0&cid=fe5941f4ec8324b7&ts=226&x=0"
Date: Thu, 21 Nov 2024 01:19:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Nov 2024 09:54:58 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 8e5cdab3acd94d31-FRA
Server: cloudflare

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST cdb
bidder.criteo.com/ 0
0

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
170 B 677ms
181ms Fetch 212.77.99.29
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

accept-ch-lifetime: 604800
access-control-allow-origin: https://suaurl.com
date: Thu, 21 Nov 2024 01:19:55 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
server: nginx
access-control-allow-credentials: true

POST 431
prebid.mgid.com/prebid/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 435ms
94ms Fetch
application/json 51.89.9.253
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://suaurl.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 676ms
181ms Fetch
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

40d886366d17b9c2472089f1f722dc28c62a6bccb20db0ecd6d35d847def1c77

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.83; 185.198.62.83; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://suaurl.com
an-x-request-uuid: 363ca338-7c41-45b6-958e-50f8b02c73fe
content-length: 145
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 21 Nov 2024 01:19:55 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
170 B 395ms
64ms Fetch 163.5.194.34
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.34 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://suaurl.com
date: Thu, 21 Nov 2024 01:19:55 GMT
x-envoy-upstream-service-time: 2
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/ Frame CC28 489 KB
152 KB 60ms
60ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc28ce7cf7d24de07982a7e29b9521e011be231f1bf011b06a7a30811ae22dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 8976680079670756433
age: 29919
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 17:01:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 17:01:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155188
x-xss-protection: 0
server: cafe

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/ Frame F226 489 KB
0 32ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc28ce7cf7d24de07982a7e29b9521e011be231f1bf011b06a7a30811ae22dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 8976680079670756433
age: 29919
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 17:01:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 17:01:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155188
x-xss-protection: 0
server: cafe

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/ Frame C5DC 489 KB
0 8ms
8ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc28ce7cf7d24de07982a7e29b9521e011be231f1bf011b06a7a30811ae22dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 8976680079670756433
age: 29919
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 17:01:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 17:01:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155188
x-xss-protection: 0
server: cafe

POST /
prebid.smilewanted.com/ Frame CC28 0
0

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebidfledge/ Frame CC28 0
172 B 797ms
193ms Fetch 185.184.10.30
RTB-HOUSE-ASH RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebidfledge/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1730992053445/prebid9.18.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://suaurl.com
date: Thu, 21 Nov 2024 01:19:56 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebidfledge/ Frame F226 0
172 B 794ms
192ms Fetch 185.184.10.30
RTB-HOUSE-ASH RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebidfledge/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1730992053445/prebid9.18.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://suaurl.com
date: Thu, 21 Nov 2024 01:19:56 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST /
prebid.smilewanted.com/ Frame F226 0
0

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebidfledge/ Frame C5DC 0
173 B 739ms
137ms Fetch 185.184.10.30
RTB-HOUSE-ASH RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebidfledge/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1730992053445/prebid9.18.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://suaurl.com
date: Thu, 21 Nov 2024 01:19:56 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST /
prebid.smilewanted.com/ Frame C5DC 0
0

GET
H2 200 / Show response
ui.cleverwebserver.com/ 204 B
409 B 317ms
233ms Script
application/javascript 172.64.154.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: scripts.cleverwebserver.com
URL: https://scripts.cleverwebserver.com/8a6f7bff61eadc7c53c8a91cbc98b656.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8dfa874bf48e64488305c6997feffda8aff2d3cef196b807d650ff9e8eff05c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e5cdab56b6a8fce-FRA
access-control-allow-origin: *
date: Thu, 21 Nov 2024 01:19:55 GMT
content-type: application/javascript
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 172 KB
64 KB 751ms
84ms Script
application/javascript 104.18.22.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50587807cc16ed2080e4de61c1f25babdc298f0f95e6ffc2ae06cfb90d5218ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cache-control: public,max-age=1200,stale-while-revalidate=86400,stale-if-error=172800
content-encoding: gzip
etag: W/"2f3fc4889787585c822cc9ea10ae497e23e8feb1"
age: 0
cf-ray: 8e5cdab96c78d269-FRA
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 20 Nov 2024 17:49:12 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 61 KB
20 KB 751ms
87ms Fetch
application/javascript 172.67.75.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd43d3bd3b997bc217284091f0a3c3277390dd116138876b260a27d650b4dfd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"268cc3ad526fe25c037551e2fef090a1"
Age: 158160
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2Y9bipC7N8t1V7m%2BCvnxy1flS%2B%2B6ngm05ahoMpv4F8D1PMtNx2bRiuhTL1YpcD0jFREXfjrh3A2O9x80wsusPiMar94efoZTOlIohPOamkJRV7dWax2gZJ%2BebDLLU%2Bz"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=38854&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3462&recv_bytes=2226&delivery_rate=156039&cwnd=252&unsent_bytes=0&cid=85da50fe14d93bce&ts=145&x=0"
Date: Thu, 21 Nov 2024 01:19:56 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Nov 2024 09:54:54 GMT
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 8e5cdab97f003617-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H2 200 AGSKWxX1o0E2KtvZCTl4LKUjFttfeGLAPKhOBHe5VPdsPydhmv_ky1x26hlNX8A-KZCOkhduXCHhrn24sISBL_qgpLclBwT8Zkf2Y0lwa_wWmJsyNdTMjDYK-l6ytY02D_IIwvHi5reHlw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 244ms
49ms Script
application/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX1o0E2KtvZCTl4LKUjFttfeGLAPKhOBHe5VPdsPydhmv_ky1x26hlNX8A-KZCOkhduXCHhrn24sISBL_qgpLclBwT8Zkf2Y0lwa_wWmJsyNdTMjDYK-l6ytY02D_IIwvHi5reHlw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTUxOTk1LDg2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdWF1cmwuY29tL2I1M2ExZCIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksIml0Il0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c41832153df3c7a9c76ac9ed09703187c195db56b8db2bca17f6f51008a75b0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qtqFMVKTkQPPSa7eHS1Nzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTNsWfqr51sAg1PWvmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDS31DAzjCwwA9IVBRQ"
content-security-policy: script-src 'report-sample' 'nonce-qtqFMVKTkQPPSa7eHS1Nzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 5EE2 0
0 592ms
90ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:09:07 GMT
expires: Thu, 21 Nov 2024 01:59:07 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 443ms
55ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 2497080
x-goog-stored-content-encoding: gzip
expires: Thu, 23 Oct 2025 03:41:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 23 Oct 2024 03:41:56 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AHmUCY3U4AVhwADiL4fQs5_f64WzF3fe5uokvESd7tPAvzHh_Qy2huxI07a9_ZRXayrZBjItqyg5DcU50w
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 923ms
146ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Fri, 22 Nov 2024 01:19:56 GMT
access-control-allow-origin: *
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 636ms
100ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 6375
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230042-FRA, cache-mxp6982-MXP
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 439
x-jsd-version: master

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 600ms
67ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

x-amz-id-2: iwQdJyyuZhhzgIGKuPbawutEH6MhRYyT5FoKZK6+XDuM/X+k7hbLdgcyCM5Xi8qh1JM3SFaWcbKX6LP1TuoG2FQHgx0jBhpG/Zsoh4THXUg=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"a7da20199e9cb2cd9232f608481d0778"
age: 356
x-amz-request-id: 7MVK7KZB16FPDWVD
cf-ray: 8e5cdab9e90e2c5b-FRA
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 711ms
328ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

etag: 96161c00fc10ad819c09e1314f0ae5b4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 17:54:21 GMT
server: Google Frontend
x-cloud-trace-context: 645981f0c303f1c2b44a3ec89d22d607

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 455ms
72ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0996942afd9a0f201960aa9c55af925d0e2382b01e40bfdcdc7c1e4c7b5a089

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"4a385df4045c9db00ad295e7c0ca65d1"
age: 76752
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 0UL05i3T2tLQ41mrkFXF5U20TRIscqvdd8i_UTWtLpOO-IrFo2oQsA==
date: Wed, 20 Nov 2024 04:00:45 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 827ms
91ms Script
text/javascript 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
Age: 67233
Connection: keep-alive
Via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3181
X-Amz-Cf-Id: Mo4HSEt93KNAzkpLzx0V2cvRPNpJnCLlxs-lP5gdHU1weBD3DbPVZg==
Date: Wed, 20 Nov 2024 06:39:24 GMT
Content-Type: text/javascript
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
x-amz-server-side-encryption: AES256

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 949ms
200ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"653a6f57-17cae"
cross-origin-resource-policy: cross-origin
expires: Fri, 22 Nov 2024 01:19:56 GMT
access-control-allow-origin: *
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: text/javascript
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx

GET
H2

200

/
lp.cleverwebserver.com/dync/snai/ Frame 6BFA
Redirect Chain

https://sender.cleverwebserver.com/group/47210?id=958923&ref=aHR0cHM6Ly9zdWF1cmwuY29tL2I1M2ExZA%3D%3D&ruri=&t=1732151995&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=TGludXg&res=1600x1200&app...
https://lp.cleverwebserver.com/dync/snai/?id=958923&group=47210&tracker=aHR0cHM6Ly9pbmZvcm1hdG9yaWFkcy5zbmFpLml0L3JlZGlyZWN0LmFzcHg%2FcGlkPTM3NTM2JmJpZD0yNzgw&ctr=it&reg=25&pl=Linux&ref=aHR0cHM6Ly9...

0
0

227ms
139ms

Document
text/html

172.64.154.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/dync/snai/?id=958923&group=47210&tracker=aHR0cHM6Ly9pbmZvcm1hdG9yaWFkcy5zbmFpLml0L3JlZGlyZWN0LmFzcHg%2FcGlkPTM3NTM2JmJpZD0yNzgw&ctr=it&reg=25&pl=Linux&ref=aHR0cHM6Ly9zdWF1cmwuY29tL2I1M2ExZA%3D%3D
Requested by: Host: scripts.cleverwebserver.com
URL: https://scripts.cleverwebserver.com/8a6f7bff61eadc7c53c8a91cbc98b656.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=28800
cf-cache-status: MISS
cf-ray: 8e5cdabebab8dc59-FRA
content-encoding: br
content-type: text/html
date: Thu, 21 Nov 2024 01:19:57 GMT
expires: Thu, 21 Nov 2024 09:19:57 GMT
last-modified: Wed, 20 Nov 2024 17:19:30 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: 7AEEvrH2oZvCWlJnqWb/KTVz2fKaMAnB2r21Yjx5rKb/h8CXdXf/lmIWUcYuIdDIOu0pIFO/MXE2PAcnh2ERBrM8razewy0DQUsIIahSBgk=
x-amz-request-id: 3V6N6KD8VWWD4S8F

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8e5cdabc081bdc59-FRA
content-type: text/html
date: Thu, 21 Nov 2024 01:19:56 GMT
location: https://lp.cleverwebserver.com/dync/snai/?id=958923&group=47210&tracker=aHR0cHM6Ly9pbmZvcm1hdG9yaWFkcy5zbmFpLml0L3JlZGlyZWN0LmFzcHg%2FcGlkPTM3NTM2JmJpZD0yNzgw&ctr=it&reg=25&pl=Linux&ref=aHR0cHM6Ly9zdWF1cmwuY29tL2I1M2ExZA%3D%3D
server: cloudflare

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 216ms
106ms Image
image/gif 172.64.154.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=47210&c=IT&r=25&l=435&b=Chrome&bv=130&os=Linux&mob=0&v=2.23.0&lg=it-IT&ref=aHR0cHM6Ly9zdWF1cmwuY29tL2I1M2ExZA%3D%3D&ruri=&s=446dc0bba05367efa51fb4ac97118ac270b8dcb0bcef9a8b8272f172ddbbae8d&st=W&iv=-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cf-ray: 8e5cdab83c358fce-FRA
content-length: 43
cf-cache-status: DYNAMIC
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 Clever.png
assets.cleverwebserver.com/ 246 B
604 B 207ms
97ms Image
image/webp 172.64.154.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.cleverwebserver.com/Clever.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb006a0b050b23c08f6dd3c708c340b1bdb781ec1e7531e141de0335541bfb26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "7779f267d83fed11f6781a4de2e32020"
age: 14
cf-cache-status: HIT
expires: Thu, 21 Nov 2024 05:19:56 GMT
cf-polished: origFmt=png, origSize=1390
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: image/webp
content-disposition: inline; filename="Clever.webp"
vary: Accept
last-modified: Mon, 18 Nov 2024 10:12:32 GMT
x-amz-id-2: XJIKc+788VIBfTlnsSI/6tYH1mmLFWdJRjRYvSBp1BjwalCRTaWiJlBRpI07TYvq52wbN+GmV30=
cache-control: public, max-age=14400
x-amz-request-id: QCYBT1GYG2FRXG8F
cf-ray: 8e5cdab83c348fce-FRA
accept-ranges: bytes
content-length: 246
server: cloudflare

GET
H2 200 Close.png
assets.cleverwebserver.com/ 1 KB
1 KB 102ms
73ms Image
image/webp 172.64.154.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.cleverwebserver.com/Close.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229bf10f5f36870f5bc54e3fd54cb57dc8eaabfba04cac0615dba5ff49f3fab1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "0d557c35f43ca93fdfff48912fe91618"
age: 1670
cf-cache-status: HIT
expires: Thu, 21 Nov 2024 05:19:56 GMT
cf-polished: origFmt=png, origSize=1889
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: image/webp
content-disposition: inline; filename="Close.webp"
vary: Accept
last-modified: Mon, 18 Nov 2024 10:12:32 GMT
x-amz-id-2: miHOv9bAs0zvEe47KgHZPGXCwZIsjLhpsVXuvg6B8ayPJjz0czM20n3tFb9gGpuMbXpQaEoKASpJaNhO8OWVlQ==
cache-control: public, max-age=14400
x-amz-request-id: MTBDAPNFG0WQMRS4
cf-ray: 8e5cdab8bc578fce-FRA
accept-ranges: bytes
content-length: 1114
server: cloudflare

GET
H2 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 5AD5 0
0 92ms
92ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:09:07 GMT
expires: Thu, 21 Nov 2024 01:59:07 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame C5DC 17 KB
13 KB 917ms
165ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411140201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fb7b0ad49ec49c6839a5d22951af486765810fbd47e0834068017a096c32266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12900
date: Thu, 21 Nov 2024 01:19:57 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C5DC 954 B
835 B 424ms
397ms Fetch
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3749914768722478&correlator=2966740498590765&eid=31089065%2C31089085&output=ldjh&gdfp_req=1&vrg=202411140201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=150684666%3A22401457065%2Csuaurl.ft&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=1&sfv=1-0-40&eri=5&sc=1&lrm=25&cookie_enabled=1&abxe=1&dt=1732151996461&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=l677n36wmw5c&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fsuaurl.com%2Fb53a1d&top=suaurl.com&vis=1&psz=0x0&msz=0x0&fws=388&ohw=0&td=1&egid=36992&tan=311bad75-7639-44c1-a640-98f1ba0bee8e&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcY8du34rQySABSAghkEhwKDWNyd2RjbnRybC5uZXQY8tu34rQySABSAghkEhkKCnVpZGFwaS5jb20Y8tu34rQySABSAghkEhQKBW9wZW54GO7ft-K0MkgAUgIIbxIbCgxpZDUtc3luYy5jb20Y8tu34rQySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPHbt-K0MkgAUgIIZBIXCghydGJob3VzZRjy27fitDJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732151993984&idt=1592&adks=795441444&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93bfdb7bd21fbb6c909eb635e97a5541d3aed57f102b0598ceb0881854289d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://suaurl.com
content-length: 446
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
60096e608e77923a238df43a1c7e5d0c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4C7 0
0 901ms
62ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60096e608e77923a238df43a1c7e5d0c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:19:57 GMT
expires: Thu, 21 Nov 2024 01:19:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collector Show response
collector-pxpjuop4kq.px-cloud.net/api/v2/ 647 B
887 B 823ms
237ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxpjuop4kq.px-cloud.net/api/v2/collector
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 7d5a604b54ecb27f67961d68d55164a2572640d62ba677996dacde4bf96584b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://suaurl.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://suaurl.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: application/json; charset=utf-8

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 245ms
171ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://suaurl.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: application/octet-stream
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame CC28 0
0 921ms
129ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://suaurl.com/

Response headers

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 707ms
137ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://suaurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 21 Nov 2024 01:19:57 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9D74 0
0 21ms
21ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:09:07 GMT
expires: Thu, 21 Nov 2024 01:59:07 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame CC28 17 KB
13 KB 901ms
126ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411140201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

624a84f13f1eef8dd7086bd8c76072268f63d75923720bdb557fc667b2a8d332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12834
date: Thu, 21 Nov 2024 01:19:57 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CC28 958 B
627 B 500ms
490ms Fetch
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1307373901659470&correlator=3534306876602112&eid=31085776%2C31089085&output=ldjh&gdfp_req=1&vrg=202411140201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=150684666%3A22401457065%2Csuaurl.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1024x768%7C970x250%7C970x90%7C728x90%7C366x380%7C300x600&fluid=height&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1732151996675&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=adbc3t1cislv&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fsuaurl.com%2Fb53a1d&top=suaurl.com&vis=1&psz=0x-1&msz=0x-1&fws=260&ohw=0&td=1&egid=36992&tan=4cb99022-71dd-4730-8a55-73c81589a34f&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYrOG34rQySABSAghqEhwKDWNyd2RjbnRybC5uZXQY8tu34rQySABSAghkEhkKCnVpZGFwaS5jb20Y8tu34rQySABSAghkEhQKBW9wZW54GO7ft-K0MkgAUgIIbxIbCgxpZDUtc3luYy5jb20Y8tu34rQySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPHbt-K0MkgAUgIIZBIXCghydGJob3VzZRjy27fitDJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732151993955&idt=1651&adks=2534709674&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db4e2cc69827d12f8a0875573d7e3b51c6d7b0f8143f1d476a69a17c14ed21ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://suaurl.com
content-length: 448
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
08356c4c695d6fc7c04578316a1de16d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 796F 0
0 885ms
125ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08356c4c695d6fc7c04578316a1de16d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:19:57 GMT
expires: Thu, 21 Nov 2024 01:19:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 523A 0
0 2ms
2ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:09:07 GMT
expires: Thu, 21 Nov 2024 01:59:07 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame F226 17 KB
13 KB 969ms
93ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411140201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb28aef1a79694a13d6e37ace61281498e32563790841924dbfe98b94c9887ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13062
date: Thu, 21 Nov 2024 01:19:57 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F226 957 B
620 B 465ms
458ms Fetch
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3725127935409344&correlator=1013228709535219&eid=31088726%2C31088953%2C31089085&output=ldjh&gdfp_req=1&vrg=202411140201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=150684666%3A22401457065%2Csuaurl.alert&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x100%7C320x50%7C336x280%7C250x250%7C320x100%7C300x250%7C300x100%7C468x60&fluid=height&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1732151996706&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=-1&ucis=ncgew7v1voe3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fsuaurl.com%2Fb53a1d&top=suaurl.com&vis=1&psz=472x136&msz=0x-1&fws=388&ohw=0&td=1&egid=36992&tan=e08a532c-74b0-458d-bd5f-87f0eb8bb672&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYrOG34rQySABSAghqEhwKDWNyd2RjbnRybC5uZXQY8tu34rQySABSAghkEhkKCnVpZGFwaS5jb20Y8tu34rQySABSAghkEhQKBW9wZW54GO7ft-K0MkgAUgIIbxIbCgxpZDUtc3luYy5jb20Y8tu34rQySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPHbt-K0MkgAUgIIZBIXCghydGJob3VzZRjy27fitDJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732151993979&idt=1619&adks=3251014026&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

cafe /

Resource Hash

64261dbc75f8a4fcd1d3c717e6b8851520c8875a5e9cbed1a297c47c249dce10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://suaurl.com
content-length: 441
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
18aca2629e6171bcd9d793519ea2b67f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B50 0
0 843ms
124ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://18aca2629e6171bcd9d793519ea2b67f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:19:57 GMT
expires: Thu, 21 Nov 2024 01:19:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
226 B 526ms
61ms XHR
text/plain 141.95.33.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://suaurl.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://suaurl.com
date: Thu, 21 Nov 2024 01:19:56 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 177 B
442 B 615ms
156ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 70eb7f17e6f16d739b0555b719bab4d74ce04b6e5657e352bc67cae3144eab56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: application/json
x-cloud-trace-context: 7bfd503bdcd2d17d6fcbb29748618c7d
server: Google Frontend
access-control-allow-headers: X-Requested-With

GET
H2 200 adv_ Show response
fundingchoicesmessages.google.com/f/AGSKWxXSBkyu0_Wy2eKKaUXxVsfjwIUvb1WClFnXvw7AZFhwJchjavcmlVgZoOEhA-tRl2iciwuVLTNGz8qhYw80dyZkpInynIpRukYAZ-IwEpo8Z_zFPiWYKFQ6Q29cv7RrphRi68_MfSoHuhs_7iXNnuFdFoILh... 54 B
529 B 254ms
253ms Script
application/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXSBkyu0_Wy2eKKaUXxVsfjwIUvb1WClFnXvw7AZFhwJchjavcmlVgZoOEhA-tRl2iciwuVLTNGz8qhYw80dyZkpInynIpRukYAZ-IwEpo8Z_zFPiWYKFQ6Q29cv7RrphRi68_MfSoHuhs_7iXNnuFdFoILh799RRQZFEkW4IYegG5l6i82gDqCEShn/_/lazy-ads-/ads-right./leader_ad./icon_advertising_/uploads/adv_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxQNYPAKXJyEJP2UfAWdgN9GMDNZw/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b27932a6a97089dab800e6670cbbbbde685c9847faa99be5d6fb3b93539d4d8e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1wDnx-Y4X_-k3B6wON4GFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:56 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTDsWfqr51sAgvWnz_FrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGhoqWdgGF9gAABRv0I5"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1wDnx-Y4X_-k3B6wON4GFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 724ms
121ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3cf37315a24517c244a1b4f34104c1b3f0c8f36f9e8c27899b417c864fee8f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: br
etag: 5228606644324148891
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 01:19:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53522
x-xss-protection: 0
server: cafe

POST
H2 204 AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 641ms
123ms XHR
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2t42KLMugxECRzXvQRfErA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBicEqfwRoCxAxfr7ByALEQD8feqb92sgnc-Nr2kVHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAAE96Juw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2t42KLMugxECRzXvQRfErA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://suaurl.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA== Show response
fundingchoicesmessages.google.com/el/ 0
354 B 376ms
123ms XHR
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1IpKe5Mpe8V1psBBhxcCvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBicEqfwRoCxAxfr7ByALEQD8feqb92sglMuHnwI6OSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAD91Jro"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1IpKe5Mpe8V1psBBhxcCvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://suaurl.com
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame C5DC 0
0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame CC28 18 KB
7 KB 875ms
154ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 01:19:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:58 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H2 204 AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA== Show response
fundingchoicesmessages.google.com/el/ 0
355 B 65ms
60ms XHR
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0TGo2qMDA0qgDGlkb3ftdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBicEqfwRoCxAxfr7ByALEQD8feqb92sgmc2LruLZOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAD-ZJrk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0TGo2qMDA0qgDGlkb3ftdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://suaurl.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA== Show response
fundingchoicesmessages.google.com/el/ 0
356 B 66ms
62ms XHR
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVqg0NzFA4XNx2h-iZstFtTGpNixXuqL4O44IH0bO6vdCR41m-KuW3Apg1hXJKDNETCffnjgZUCZYxbqLkCY2Y8rH3IwHU6nkFb1JfpU4TUsnT1ywRJup0iBPwOpGIGN00NwfVmsA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b4OGhj0jgVZkiCpMOQSEAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoCxAxfr7ByALEQD8feqb92sgmcWLbqA5OSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAADiHJqM"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b4OGhj0jgVZkiCpMOQSEAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://suaurl.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxV5CBjb4Fs4DDG7FoIzOzep2FY93QWbe80v3pOqLaZdnHGSHDPqT0aMt0bGdOPs-CGVtgB4XQp1Mc6_FzAGsGVH4Hni124wlCboVuXi0KIDr2Neo40xhJNQgmZkL-6w-8c_MXXfBg== Show response
fundingchoicesmessages.google.com/f/ 6 KB
3 KB 90ms
88ms Script
application/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV5CBjb4Fs4DDG7FoIzOzep2FY93QWbe80v3pOqLaZdnHGSHDPqT0aMt0bGdOPs-CGVtgB4XQp1Mc6_FzAGsGVH4Hni124wlCboVuXi0KIDr2Neo40xhJNQgmZkL-6w-8c_MXXfBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTUxOTk3LDczNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc3VhdXJsLmNvbS9iNTNhMWQiLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJpdCJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cf428b875bcdf78a73d48559fb7fe1877b85cd4f1279000d8429e36dfb02bf3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-je61yiHuJNz_1KO8lfJxzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:57 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTDsXfqr51sAgsatn9jUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAABVN0Is"
content-security-policy: script-src 'report-sample' 'nonce-je61yiHuJNz_1KO8lfJxzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame F226 18 KB
0 741ms
214ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 01:19:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:58 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 syncframe
gum.criteo.com/ Frame B4C9 0
0 720ms
54ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=suaurl.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:19:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 271689
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 AGSKWxWkmRKw5x6NuWITJw3GYd6bXQo5CUXTO272oKMMyxRa9IPrqD9DGk2IOldc_VCCist_j1SYmI0srx9_8KQIDtokQb_tJYw1at0tQZ4oTAh5pEeuK-AoTV5W0LUFeapYVun2tXTZ4A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 136ms
135ms Script
application/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkmRKw5x6NuWITJw3GYd6bXQo5CUXTO272oKMMyxRa9IPrqD9DGk2IOldc_VCCist_j1SYmI0srx9_8KQIDtokQb_tJYw1at0tQZ4oTAh5pEeuK-AoTV5W0LUFeapYVun2tXTZ4A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTUxOTk4LDExMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc3VhdXJsLmNvbS9iNTNhMWQiLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJpdCJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b8d6e3bd514701efa5220a6f6ec173bd90c1a3179c529734f42d49b3aa6df7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xy8Mld6q5BBbgHafMVJWaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:58 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTNsW_qr51sAg1NR0qUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDS31DAzjCwwABjZBlA"
content-security-policy: script-src 'report-sample' 'nonce-Xy8Mld6q5BBbgHafMVJWaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame CC28 0
0 130ms
108ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://suaurl.com/

Response headers

GET
H2 200 AGSKWxX3P33OOlooQpSyq3H7GGWHrGY7PPYr8fDrkKy_vH-T550hwnZbPNPsvoLVaVZZ_gwlJAEELcMxIcnG109xVMC8GDFcmoGAuHI7ksyx8IgqH8FgFwmta1C8MvKEWl1dXxtKWwZTZw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 127ms
126ms Script
application/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX3P33OOlooQpSyq3H7GGWHrGY7PPYr8fDrkKy_vH-T550hwnZbPNPsvoLVaVZZ_gwlJAEELcMxIcnG109xVMC8GDFcmoGAuHI7ksyx8IgqH8FgFwmta1C8MvKEWl1dXxtKWwZTZw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTUxOTk4LDMzMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiaXQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdWF1cmwuY29tL2I1M2ExZCIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksIml0Il0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85e76f21b55ef6e15e5e9b1833e53c5f26332f446e8d8634075ed23eb2f5a55b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QNaaOlozH3CaHFpPwimQoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://suaurl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:58 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTDsW_qr51sAisuTNjDqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGhoqWdgGF9gAABSckIg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QNaaOlozH3CaHFpPwimQoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxVh6tViHoZlPsc8pNka1Bcyju7OqpeMDZiaxjsJh8PXlid1r0I7rA2pJ7FyXstcWktRjt-HoWJZqVgG3_iENL2WRH-QLIIExcCkog5hn2wxXbrQb_iNL2L8LytV1ZoiZkg37atkwQ== Show response
fundingchoicesmessages.google.com/el/ 0
355 B 241ms
167ms XHR
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVh6tViHoZlPsc8pNka1Bcyju7OqpeMDZiaxjsJh8PXlid1r0I7rA2pJ7FyXstcWktRjt-HoWJZqVgG3_iENL2WRH-QLIIExcCkog5hn2wxXbrQb_iNL2L8LytV1ZoiZkg37atkwQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kdx2trIv5wERYKw3rUle4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://suaurl.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 01:19:58 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBicEqfwRoCxAxfr7ByALEQD8e-qb92sgl8-HBxNZOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAFaLJwQ"
content-security-policy: script-src 'report-sample' 'nonce-Kdx2trIv5wERYKw3rUle4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://suaurl.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 4FC8 0
0 611ms
132ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 00:38:53 GMT
expires: Thu, 21 Nov 2024 01:28:53 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 8A04 0
0 1333ms
58ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lUo7gITQDRaUK2lIVsMKhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suaurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lUo7gITQDRaUK2lIVsMKhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 01:19:59 GMT
expires: Thu, 21 Nov 2024 01:19:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D78D 0
0 671ms
671ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS