urlscan.io logo urlscan.io
SecurityTrails logo

screenshot.net Open in urlscan Pro
47.252.13.107  Public Scan

Go To Rescan Add Verdict Report
URL: https://screenshot.net/online-image-editor.html
Submission: On November 22 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 63 HTTP transactions. The main IP is 47.252.13.107, located in United States and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN. The main domain is screenshot.net.
TLS certificate: Issued by R3 on November 5th 2021. Valid for: 3 months.
This is the only time screenshot.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 47.252.13.107 45102 (CNNIC-ALI...)
26 18.66.137.34 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 79.133.177.226 24429 (TAOBAO Zh...)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 240b:4001:f00... 45102 (CNNIC-ALI...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
63 15
3    47.252.13.107 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
screenshot.net
api.apowersoft.com
cdnweb.aoscdn.com
26    18.66.137.34 (United States)

ASN16509 (AMAZON-02, US)
d3j06uq18x1o3j.cloudfront.net
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
1    79.133.177.226 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
cdn.aoscdn.com
5    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    240b:4001:f00::20a (Singapore)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
wx-analytics.cn-hongkong.log.aliyuncs.com
8    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
4    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
Domain Requested by
26 d3j06uq18x1o3j.cloudfront.net screenshot.net
d3j06uq18x1o3j.cloudfront.net
8 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
4 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
2 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
2 pagead2.googlesyndication.com screenshot.net
pagead2.googlesyndication.com
1 www.google.com 1 redirects
1 www.googletagservices.com googleads.g.doubleclick.net
1 wx-analytics.cn-hongkong.log.aliyuncs.com cdnweb.aoscdn.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnweb.aoscdn.com screenshot.net
1 cdn.aoscdn.com screenshot.net
1 api.apowersoft.com screenshot.net
1 screenshot.net
0 javascrt.com Failed screenshot.net
63 19
Subject Issuer Validity Valid
screenshot.net
R3		 2021-11-05 -
2022-02-03		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.apowersoft.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-23 -
2022-04-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.aoscdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-25 -
2022-04-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.log.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-04-23 -
2022-05-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://screenshot.net/online-image-editor.html
Frame ID: C8DEB1EC9E91CBB807296A403CC9DA18
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 57C560B8560031F67999CCF6DD83C40D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Frame ID: 8A7F02A8B1520209EBCBD1C5439DE589
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html
Frame ID: BE6FB98D0511B6101530F2F538C8204F
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B2119255369DF1F59DDC2A9534A9BB5A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Online Image Editor - Polish and Annotate Images

Page Statistics

63
Requests

98 %
HTTPS

73 %
IPv6

13
Domains

19
Subdomains

15
IPs

4
Countries

1075 kB
Transfer

2287 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request online-image-editor.html
screenshot.net/ 		42 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://screenshot.net/online-image-editor.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.252.13.107 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
28635f34965adbe9de97031bd2053ab0a9ee11df35e0519a002ab6a9e3d29959

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
openresty
Date
Mon, 22 Nov 2021 12:01:08 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
WX-Access
notfound
WX-Client
overseas|gb|194.36.110.171|webp:true|app:web|mob:false
WX-Cache
miss
X-Served-By
webus1.aoscdn.com
Content-Encoding
gzip
api-screen-capture.css
d3j06uq18x1o3j.cloudfront.net/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/css/api-screen-capture.css?f44eaf229817f2c602e401f196f8ef84
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
78b7edaaa638a1637102cb2d43e8ff334c4a0ecf04b0b375a4141b6e862a7168

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:34:13 GMT
content-encoding
gzip
age
13580815
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Tue, 21 Jul 2020 07:57:14 GMT
server
openresty
etag
W/"5f169fda-47ff"
vary
Accept-Encoding
content-type
text/css
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
inKypTejA1wRcVmdlGT-FIX-PDBRgWFgqBiei11B27MNIFAvIrGfrw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
global.css
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/ 		141 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/global.css?e71dcd07051994c1d734edf41e5508f3
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d558d10f9a5f35ce68656ba98e7951e2dd08c8bfc309b7544e2fddbe92e5696c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 01:58:30 GMT
content-encoding
gzip
age
2368958
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-234a4"
vary
Accept-Encoding
content-type
text/css
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
CpR4UNrfS-k_BJj1cZrdN9h5_KHDSoNFgoZjfqnwvRXS8To6ifj3lw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
account.css
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/account/css/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/account/css/account.css?5467615c103cf6100e9da965aef2da01
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f7bdcea62b47dc8fe3e303c093b194c925d8938b2d97cc10ab318736ad12d40d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 16:47:47 GMT
content-encoding
gzip
age
3093201
x-cache
Hit from cloudfront
x-served-by
webus2.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-89b0"
vary
Accept-Encoding
content-type
text/css
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
XVH1A-EETF6VmUsrZsRpA8UmyUAzf4KdA-djZ2YeWvKUPqc3r0uqbA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
overwrite.css
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/overwrite.css?f62131454fccf943c4633485f014fd13
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f405bae4db7c81b219884a7090d87ded5083290ce4b2e6483f0dd9fda4e4e694

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:00:04 GMT
content-encoding
gzip
age
7189264
x-cache
Hit from cloudfront
x-served-by
webus2.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-1125b"
vary
Accept-Encoding
content-type
text/css
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
c8SWquzyT63Bvs-wSv46Atxw45M9NIeLtsI6W5pX59UmBwsrw-ENjg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article.css
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/ 		33 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/article.css?48f6c36b24453b20b3e58260f6c828cd
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
85f0dee9efa840b06c335a544b205c5fb1db6624ac1fa4ffefec9326e6d8a9b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 02:13:25 GMT
content-encoding
gzip
age
7379263
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-8286"
vary
Accept-Encoding
content-type
text/css
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
q96wm2RFNGfkZOF9Xe95D-Sq3gKKa8-VVNw9wezNPQdXjcTxQqstnw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
en.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/langs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/langs/en.js?6b83c3c3bd4978a4e36d43b57ef0944a
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
07d4c452660df5c06e333f525ab9d82f4cd52a6a7311c268f76fd3c868161ae3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:32:11 GMT
content-encoding
gzip
age
13580937
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-ddd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
VqQK2yeiu-tPy6zbWF46X-BtiKk6A3Bdp6_UXaxyhVfHyWfLPdPIFA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
polyfill.min.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/polyfill.min.js?45b9836beb16da615f0a74ead7c4b40c
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 08:37:07 GMT
content-encoding
gzip
age
3209040
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-19873"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
7TDjQzgMLf4CU0zzLkHSvMRgMPFbgYavdKad505na5Aa3DNNHg4Avg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/ 		158 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/jquery.js?1d885317c4e955957b3187caa78f43ff
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9ad652f92fce512c3c54a4bb028c5c7a26afe5c42e07700dc607e71dcca2d54d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 01:16:26 GMT
content-encoding
gzip
age
11789082
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-27891"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
hgLogMZTNCEFAYlbCtP76ZuWPv8EQRrRhqLG5I6z8swg2b9jQK_yZw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
global.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/ 		145 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/global.js?edb6dc8ba9452c3ad11cbf0f9e016c01
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
267d6df8634c675cdb7cecae5764a2052d5291f4a9c9a5fcffd95c5dcff48687

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 04:10:41 GMT
content-encoding
gzip
age
11778627
x-cache
Hit from cloudfront
x-served-by
webus2.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-243e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
K8oaNaGkVwJnkJCJowZ52j-ox6oQPS1DiGa7h_nFNJd6rmv2kPp1bQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
en.js
d3j06uq18x1o3j.cloudfront.net/account/langs/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/account/langs/en.js?34d3d5b18967cba3f89ce1eb3cde298d
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
fc31210b69c22cc69b24ca537594c40cad0650a5a0601385f33a9f8957c68776

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 21:01:09 GMT
content-encoding
gzip
age
3596399
x-cache
Hit from cloudfront
x-served-by
webus2.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Fri, 10 Sep 2021 02:53:21 GMT
server
openresty
etag
W/"613ac8a1-3f4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
dq5eal7dmJ68owVgtF5i5FdAbZJrmbsTUijgpatOhopDu-V2mYtoTQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
account-com.js
d3j06uq18x1o3j.cloudfront.net/account/js/ 		127 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/account/js/account-com.js?5c052ec3a4a153dc5504381818995ba5
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
3cca23757262fbe2853308da61c3a1931d307f417a194356139d5c8d0c79ef97

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:38:05 GMT
content-encoding
gzip
age
534183
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Tue, 16 Nov 2021 07:37:59 GMT
server
openresty
etag
W/"61935fd7-1fcfc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
meMPMvr1Z17DeKjLIlAnOZuhnVzeOTcJQK0Rwm2mLYttb8cFApq3nw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
overwrite.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/overwrite.js?06f3137cd624ebf5d04bc688c30fb1bf
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
74870dbb2ede2d2e6f537e191078c1d277f462ca97f91ff1f5fb97531057bffc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 07:11:26 GMT
content-encoding
gzip
age
11854182
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-ae06"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
L3hZzSGutS-jjeJZJWj0gYObzN_U52bBsxIs0Un3pSP9jc2W7xx54A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
screenshot
api.apowersoft.com/ 		2 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.apowersoft.com/screenshot?apower=1&css=0&js=0&lang=en
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.252.13.107 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
dbc70301d4afe314ff9519898b02bca2c28cf8bc911aac2f9a320be307d9c29d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 12:01:08 GMT
Content-Encoding
gzip
Server
openresty
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Served-By
webus2.aoscdn.com
api-screen-capture.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/api-screen-capture.js?40b3294c4d9a2b782a3f1e70219f9307
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a4163d626e92c942a225a7d2146199303c3dd606ca7f02ed811feb6042dad051

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 04:10:41 GMT
content-encoding
gzip
age
11778627
x-cache
Hit from cloudfront
x-served-by
webus1.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-56e3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
4BP0RFJQIr2FL-ZSnFSDtG0nmoGiXlEdX3a5nybewOjdJh7m_sP-aw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/ 		208 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/js/article.js?2e49b77b034ef1e592d833759f988e01
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
05fc6a9184dc0117594fb819a1bc81941d4c2e542eb44b3f5bcd316fa8c41b58

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:32:11 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
13580937
x-cache
Hit from cloudfront
content-length
208
x-served-by
webus1.aoscdn.com
x-content-type
text
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-d0"
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
s1bUAweYe6FIOVKoGSnzIOi8y4wTF7KVguu98Dng3eaPClabJMe6MQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
en.js
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/langs/ 		49 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/langs/en.js?26b213c4240a1e8df1ab632201a40771
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2900b99f4bf0f17e834fa592da73d4e888d388e39759c8f04ebdaa0e53923029

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:32:11 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
13580937
x-cache
Hit from cloudfront
content-length
49
x-served-by
webus2.aoscdn.com
x-content-type
text
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-31"
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
x-FeX877mheA_Om6v2EKTSOj19fRjVcECP228VGNTIK3ewP7gQdhhg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
editing-options.jpg.webp
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/editing-options.jpg.webp?72af3dcd7090d29847c3e934d5549c13
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
39aa66ab541a0fb27feade4c2b5decc56cc84b3533b80ddd42cb14a18c98c073

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:52:08 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
13579740
x-cache
Hit from cloudfront
content-length
16522
x-served-by
webus1.aoscdn.com
x-content-type
image/video
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-408a"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public, 365d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
52nq9i-w3_xilcWS9jlX4aOUv4Hu7_KLbkvV8AuZaGSkVPWm8BcdSA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
layers.jpg.webp
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/layers.jpg.webp?c06876855d7a247910d689867895b495
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
86d87983157a8dc723e5f05ce1cf11b0676da6536fd241e63c5bccd26af62ef9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 23:15:20 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
4279548
x-cache
Hit from cloudfront
content-length
8340
x-served-by
webus2.aoscdn.com
x-content-type
image/video
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-2094"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public, 365d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
5Dtcp9UP9C7qK5MJu3OD775DajCwXrwlfh2J4hA6vl0VtPWX2Tn2BQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
effects.jpg.webp
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/effects.jpg.webp?26b7da1525185e87aab2cf060026fde5
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1213c4e0d220fb8027d5a7dad5b7668d5c6033f92dcad4af7c6b367fe01c63

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:52:08 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
13579740
x-cache
Hit from cloudfront
content-length
15730
x-served-by
webus2.aoscdn.com
x-content-type
image/video
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-3d72"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public, 365d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
0rgCvok0_gaaD6Z8Uy5gNmq2zCcAp2fB-G3n6E6jz-_zI6yrnA17jQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
simple-editing.jpg.webp
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/simple-editing.jpg.webp?dc4dd56b9096d1f78a3c6b04e19741e7
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ffcbdee51932047565e8be426e5dce342bee50a8cf83f658d2b7c9df736c3036

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 08:23:25 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
7184263
x-cache
Hit from cloudfront
content-length
7244
x-served-by
webus1.aoscdn.com
x-content-type
image/video
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-1c4c"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public, 365d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
IY9FqltByk3BFNLsjZqAvtBSx0M-FrKhWWhmPQC8CzvejjW9lilpoA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
saturation.jpg.webp
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/saturation.jpg.webp?0172b6d02fc0b1092e41d54f7d6fdf2d
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
afdf0e24d87ea1f80976801adb83d1c45d2067d9fec8cd13c2d41866dd8458ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:52:08 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
13579740
x-cache
Hit from cloudfront
content-length
28466
x-served-by
webus1.aoscdn.com
x-content-type
image/video
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-6f32"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public, 365d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
yac174la8yR1OX9PEudF2e4RmLYvHZAHZZeHSOhr8QockVkRXrNvBw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
filter-spiral.jpg.webp
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/image/filter-spiral.jpg.webp?131bde473ab24bd5e31cdbfe791397c2
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
edf3cc8564f6130497330c4997f3c04fcbcc7befab015cdf944c26f5c2090d43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 07:52:08 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
13579740
x-cache
Hit from cloudfront
content-length
27864
x-served-by
webus1.aoscdn.com
x-content-type
image/video
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-6cd8"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public, 365d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
s1GVr1JevyTWCG9e94stMwWcLpe2mFi2URBsFUhSpa9dI05671oHlA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6066cd8b72cac525da9d2c7c4ef6e2d69a14f261959019fca28dfb2e884c7c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51205
x-xss-protection
0
server
cafe
etag
5511336191243432920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 12:01:08 GMT
api.js
javascrt.com/ 		0
0
firebase-wpn.min.js
cdn.aoscdn.com/wpn/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aoscdn.com/wpn/firebase-wpn.min.js?2020011501
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.226 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f6bb0636546d7beaea94d4e9bdd1cf4113404737875b8c8c80755a924ea4ca9c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 28 Aug 2020 18:55:21 GMT
content-encoding
gzip
age
38941550
x-cache
HIT TCP_MEM_HIT dirn:12:40427628
x-swift-cachetime
514402883
x-swift-savetime
Mon, 13 Sep 2021 06:14:32 GMT
content-length
999
x-served-by
webus2.aoscdn.com
x-content-type
text
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:30 GMT
server
Tengine
etag
W/"5e5c6846-6fa"
vary
Accept-Encoding
ali-swift-global-savetime
1598640921
content-type
application/javascript; charset=utf8
via
cache37.l2hk2[0,0,200-0,H], cache20.l2hk2[1,0], cache20.l2hk2[1,0], cache10.de3[0,0,200-0,H], cache12.de3[1,0]
cache-control
max-age=315360000, public
timing-allow-origin
*
eagleid
4f85b1a016375824713708455e
expires
Thu, 31 Dec 2037 23:55:55 GMT
wxhawkeye.js
cdnweb.aoscdn.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnweb.aoscdn.com/wxhawkeye.js?__href__=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html
Requested by
Host: screenshot.net
URL: https://screenshot.net/online-image-editor.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.252.13.107 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
8d57c4cd772ced44b8116e7557b8e4a3e9b0f67019024d310dd7b9c76c88d86e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Nov 2021 12:01:09 GMT
Content-Encoding
gzip
Server
openresty
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
X-Served-By
webus1.aoscdn.com
text-logo.png
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/img/text-logo.png?d28d
Requested by
Host: d3j06uq18x1o3j.cloudfront.net
URL: https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/global.css?e71dcd07051994c1d734edf41e5508f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
5d7566f34f878452ac7e01a73d0c814ac6eb5e411c9d1e6f019896e40960e750

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/global.css?e71dcd07051994c1d734edf41e5508f3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 07:00:04 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
2869264
x-cache
Hit from cloudfront
content-length
2771
x-served-by
webus2.aoscdn.com
x-content-type
image/video
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-ad3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public, 365d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
VdH4qtRKL0q5k1DgDobe1ooyn_E9yVIdpezj-nJ5P4V-UhxG4QikqQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
update-at.svg
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/img/article/ 		779 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/img/article/update-at.svg?15d7
Requested by
Host: d3j06uq18x1o3j.cloudfront.net
URL: https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/article.css?48f6c36b24453b20b3e58260f6c828cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d9b493464b04831ecc4f329f75632b2f131d2949231672b6d8b79634463bb293

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/article.css?48f6c36b24453b20b3e58260f6c828cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 06:12:04 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
14708944
x-cache
Hit from cloudfront
content-length
779
x-served-by
webus2.aoscdn.com
x-content-type
font
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-30b"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
uH231Zkm82MF5ydFUbBznN3NMwZEFx8_fuXmwScwML03oe9equCPqA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
author.svg
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/img/article/ 		961 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/img/article/author.svg?10df
Requested by
Host: d3j06uq18x1o3j.cloudfront.net
URL: https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/article.css?48f6c36b24453b20b3e58260f6c828cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0f9b361fcb61c4ec946df2ef303d542744647d75a1bc9941c05659e4381d7e65

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/article.css?48f6c36b24453b20b3e58260f6c828cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 18:44:25 GMT
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
age
14663803
x-cache
Hit from cloudfront
content-length
961
x-served-by
webus2.aoscdn.com
x-content-type
font
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-3c1"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
uGtAkfFu_30jnu_7yrKZe46zzthMMsaMUk7uLExxk8h-2ZTxs_BM2A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		747 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bd07f81cfc5d6bcca59d2c3462e69643d790583ccd5b0094f1c96ab16dc1fc2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		696 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
091e64657f5c8c95f7cc8f86f2a44b74cbdbaaf90d681f03b3b9d3c086a33805

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		533 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80e4ff694e9b70b5af0aab17d1b30bf01c4f9813d756b445ba859e3898ee7f28

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		561 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fad1ea01038c1354743c436e3c9c330ff72b4032aad3b18eae217c2f221ecce

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37f72ff493564d6abec65624c819b08e7fab96cbabadff549b508a5bbe0d4f3b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
news.svg
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/img/article/ 		1 KB
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/com/img/article/news.svg?9275
Requested by
Host: d3j06uq18x1o3j.cloudfront.net
URL: https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/article.css?48f6c36b24453b20b3e58260f6c828cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
18b5c5d1ca0d04d4317f9b3784d457be3ea4c2507bb6b6c81f8cb36ccc16c00a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/article.css?48f6c36b24453b20b3e58260f6c828cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 18:44:24 GMT
content-encoding
gzip
age
14663804
x-cache
Hit from cloudfront
x-served-by
webus2.aoscdn.com
x-content-type
font
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
W/"5e5c6840-454"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
wau-5gCyLH2DDlEreo00kVNPgDP72aot4UxXmMNOZk3SZAa5kf6w3g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
HelveticaNeueLight.woff
d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/font/ 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/font/HelveticaNeueLight.woff?e25d
Requested by
Host: d3j06uq18x1o3j.cloudfront.net
URL: https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/global.css?e71dcd07051994c1d734edf41e5508f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1cc8e3873eb7cce52ec64b9058a1bb623b74ab0b2dcb4e1242516fbea72a0984

Request headers

Referer
https://d3j06uq18x1o3j.cloudfront.net/local/screenshot.net/css/global.css?e71dcd07051994c1d734edf41e5508f3
Origin
https://screenshot.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:43:26 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
age
7276662
x-cache
Hit from cloudfront
content-length
127176
x-served-by
webus2.aoscdn.com
x-content-type
font
last-modified
Mon, 02 Mar 2020 01:58:24 GMT
server
openresty
etag
"5e5c6840-1f0c8"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
jHZnni6DFOdGSLF7Gd3iuTqMK0VMHlk7NOeRlyfEpHT28c_RQvo-cQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0627251510890130&plah=screenshot.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc52729df7ef636fa9c4187c30d80ce8d386a53f2d41fd2bf418ec87c3714ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99572
x-xss-protection
0
server
cafe
etag
6000701479642734209
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 12:01:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 57C5 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 22 Nov 2021 06:55:30 GMT
expires
Mon, 06 Dec 2021 06:55:30 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
18338
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		204 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=screenshot.net&callback=_gfp_s_&client=ca-pub-0627251510890130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0627251510890130&plah=screenshot.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
617baca09c07eab9d5587328d9973363c7348b94a71d06ff6000657bb06a1105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=screenshot.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0627251510890130&plah=screenshot.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=screenshot.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0627251510890130&plah=screenshot.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8A7F 		88 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0627251510890130&plah=screenshot.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25af5f28cb1b280104e7ee9925ada228eb4991f8e309e5ba502f64151129ff09
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIqC8or2q_QCFQlMFQgdOA4Iag&gqi=hYabYeHxBfa91fAPpa62iAI&layout=/sadbundle/%24csp%253Der3%24/4740279802232045568/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIqC8or2q_QCFQlMFQgdOA4Iag&gqi=hYabYeHxBfa91fAPpa62iAI&layout=/sadbundle/%24csp%253Der3%24/4740279802232045568/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 22 Nov 2021 12:01:09 GMT
server
cafe
content-length
27529
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 12:01:09 GMT
cache-control
private
track_ua.gif
wx-analytics.cn-hongkong.log.aliyuncs.com/logstores/hawkeye/ 		43 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wx-analytics.cn-hongkong.log.aliyuncs.com/logstores/hawkeye/track_ua.gif?APIVersion=0.6.0&visitor=f7a7a2f19cde40088bb93c66be3c9cac&referrer=&geoip=194.36.110.171&apptype=&appfrom=&__topic__=screenshot.net&page=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html
Requested by
Host: cdnweb.aoscdn.com
URL: https://cdnweb.aoscdn.com/wxhawkeye.js?__href__=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240b:4001:f00::20a , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://screenshot.net/online-image-editor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 12:01:10 GMT
x-log-requestid
619B86866D7CB936C96065FF
Server
Tengine
x-log-time
1637582470
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Content-Length
43
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8A7F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 11:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 11:56:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A7F 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Nov 2021 12:01:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8A7F 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 11:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 11:59:15 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/ Frame BE6F 		90 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d22c3c22a4b8f498eb15375d217a63be23f0edb5e5b06dca4a5498d05954daad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Tue, 16 Nov 2021 10:16:24 GMT
expires
Wed, 16 Nov 2022 10:16:24 GMT
last-modified
Tue, 09 Mar 2021 12:38:56 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
24667
age
524685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 8A7F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtjlHhYabYcqrBomY1fAPuJyg0AbPq-6wZujOrPnTDJaCzYWIFhABIP3erhFgu76ug9AKoAGQpIj4A8gBCakCBitKh4qItj6oAwGqBPUBT9Busxp0VXtKBRQIscGolNVumCpqBjZqC7tNzRStVO_r57IxOwZjk1vk9VNameRJbdL_RcEpf9ntluHRZ2-krcPPGOmlMY7dg12yTy8vSuhYZNps6IJXB1tBHtI4ehCOreq7IcPFC4saDdwzr2sJ6hyOIZAR51APnZRUY_RPTFnszVW7lsIPXEVNofKfSoaaosYGR6mjjN-e3GOagh6KXEnnTy9CHAhYxK7J59D-7YPKgZFr0MMd0w23cOcZcmv5j8UklY73tpJ28MSAyK9Z8fVZmarIzmYOLDzUXd-Afor9g236L4mM5lCMDlC-D9RaJ7oxYEfABILSwZ6TA5IFBAgEGAGSBQQIBRgEoAZrgAfY2_cHqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcB8gcEEO6uPdIICQiA4YAQEAEYX4AKAcgLAdgTDogUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wNjI3MjUxNTEwODkwMTMwGAA&sigh=z5ZwjW_x6SM&uach_m=[UACH]&template_id=531
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 22 Nov 2021 12:01:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 22 Nov 2021 12:01:09 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B211 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 22 Nov 2021 11:02:14 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame B211
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 12:01:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 22 Nov 2021 12:01:10 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 22 Nov 2021 12:01:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BE6F 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 04:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27496
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:22:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BE6F 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 14:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 22 Nov 2021 14:22:06 GMT
truncated
/ Frame 8A7F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80e782ae544456e1c4498883177af7c46e99a3705576dbc2850ab019e06e68d2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
Craftsmen-long-logo_Hex-303546_L-1000.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/ Frame BE6F 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/Craftsmen-long-logo_Hex-303546_L-1000.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a63d5d195d307234525a32d5bf1ec5deda38235e173ba72c64acdefab291ad68
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
182886
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22064
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 12:38:56 GMT
server
sffe
date
Sat, 20 Nov 2021 09:13:04 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 20 Nov 2022 09:13:04 GMT
round.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/ Frame BE6F 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/round.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b78daede6acd0c82e8364aeaa1ddd33926fd0f2a9a3960524e39266c2a16d0c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
251298
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77426
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 12:38:56 GMT
server
sffe
date
Fri, 19 Nov 2021 14:12:52 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Nov 2022 14:12:52 GMT
LOOOOGOOOO.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/ Frame BE6F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4740279802232045568/LOOOOGOOOO.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25070821488c8bdcdd530cc8c22e516e44562746b4afd13d9c8115f540aa72b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
182886
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16171
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 12:38:56 GMT
server
sffe
date
Sat, 20 Nov 2021 09:13:04 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 20 Nov 2022 09:13:04 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame BE6F 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRTBzH3EmCo5V03sGyDLgZHWQXnSry7UEz7dOE2Xzkt4yZxCu6Av8LimHu7Zg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f219e2f88a313a5a09ade10414d1ed66a1c6f24eae42fda47d4985f9c55029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 10:04:50 GMT
x-content-type-options
nosniff
age
438980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Thu, 14 Jun 2018 06:00:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Nov 2022 10:04:50 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame BE6F 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRncJpW3zvIJ3Upv6pKKpCQb4vHuN717JfoRuuCqSxXGwBYTn-leXhljSfqLQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5afd2479e21c0f8c1c07db510cc4d95e244ad33e3a86025d0874252375992ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 19:31:07 GMT
x-content-type-options
nosniff
age
145803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15793
x-xss-protection
0
last-modified
Sat, 16 Jun 2018 16:06:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 20 Nov 2022 19:31:07 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame BE6F 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSjgHhl2vspuf1Hy0SwLcSoFhs3g8y9wnN5vqQOlDYNHBRJClRyFe8MYn9Jmg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98b7cd0f90214b04a527ebfbec1a1ca2d89c9a4883021942a2ac7806fdbac1db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:25:36 GMT
x-content-type-options
nosniff
age
488134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15759
x-xss-protection
0
last-modified
Tue, 26 Jun 2018 04:50:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 16 Nov 2022 20:25:36 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame BE6F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ75X4fO5fvL5t_6K0PGfECK2e4uM1PL-p4o_ZOzOJGzkKi6zH88lxk7BXsaQM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4cf0754d29872da2eaf547133f96f1e672763ef7c512eea6c3117a1bcde3ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 06:35:56 GMT
x-content-type-options
nosniff
age
278714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
last-modified
Fri, 22 Jun 2018 16:35:01 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 19 Nov 2022 06:35:56 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame BE6F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSKiwUediP7d9cpEW_v06MFkvgvKwq5lF3JlvkRAqtN5VIoxWPahfkfcPYmug8&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4593cf1ebbcb12a1146931de8deef68b7705f39d7d59449f6363f42d925bab90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 05:49:28 GMT
x-content-type-options
nosniff
age
367902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16104
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 13:41:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Nov 2022 05:49:28 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame BE6F 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSG9dSemZxqZTvAr1hsEWAcoU0ZQcNLNQ-2hTE02sAHW2bM4WO0U33ZGlftsQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
713c92aaf9c5ae9b56b50788963618309a41d5a7d1f1d232e6fa16233004312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 13:52:53 GMT
x-content-type-options
nosniff
age
511697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15809
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 11:21:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 16 Nov 2022 13:52:53 GMT
truncated
/ Frame BE6F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
shopping
encrypted-tbn2.gstatic.com/ Frame BE6F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSKiwUediP7d9cpEW_v06MFkvgvKwq5lF3JlvkRAqtN5VIoxWPahfkfcPYmug8&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4593cf1ebbcb12a1146931de8deef68b7705f39d7d59449f6363f42d925bab90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 05:49:28 GMT
x-content-type-options
nosniff
age
367902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16104
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 13:41:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Nov 2022 05:49:28 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame BE6F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ75X4fO5fvL5t_6K0PGfECK2e4uM1PL-p4o_ZOzOJGzkKi6zH88lxk7BXsaQM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4cf0754d29872da2eaf547133f96f1e672763ef7c512eea6c3117a1bcde3ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 06:35:56 GMT
x-content-type-options
nosniff
age
278714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
last-modified
Fri, 22 Jun 2018 16:35:01 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 19 Nov 2022 06:35:56 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame BE6F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSjgHhl2vspuf1Hy0SwLcSoFhs3g8y9wnN5vqQOlDYNHBRJClRyFe8MYn9Jmg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98b7cd0f90214b04a527ebfbec1a1ca2d89c9a4883021942a2ac7806fdbac1db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:25:36 GMT
x-content-type-options
nosniff
age
488134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15759
x-xss-protection
0
last-modified
Tue, 26 Jun 2018 04:50:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 16 Nov 2022 20:25:36 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame BE6F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRncJpW3zvIJ3Upv6pKKpCQb4vHuN717JfoRuuCqSxXGwBYTn-leXhljSfqLQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5afd2479e21c0f8c1c07db510cc4d95e244ad33e3a86025d0874252375992ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 19:31:07 GMT
x-content-type-options
nosniff
age
145803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15793
x-xss-protection
0
last-modified
Sat, 16 Jun 2018 16:06:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 20 Nov 2022 19:31:07 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame BE6F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRTBzH3EmCo5V03sGyDLgZHWQXnSry7UEz7dOE2Xzkt4yZxCu6Av8LimHu7Zg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f219e2f88a313a5a09ade10414d1ed66a1c6f24eae42fda47d4985f9c55029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 10:04:50 GMT
x-content-type-options
nosniff
age
438980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Thu, 14 Jun 2018 06:00:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Nov 2022 10:04:50 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame BE6F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSG9dSemZxqZTvAr1hsEWAcoU0ZQcNLNQ-2hTE02sAHW2bM4WO0U33ZGlftsQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0627251510890130&output=html&h=600&slotname=3340526123&adk=4185321667&adf=762224717&pi=t.ma~as.3340526123&w=262&fwrn=4&fwrnh=100&lmt=1637582469&rafmt=1&psa=0&format=262x600&url=https%3A%2F%2Fscreenshot.net%2Fonline-image-editor.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637582468927&bpp=5&bdt=363&idt=122&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=6979234819172&frm=20&pv=2&ga_vid=1765342948.1637582469&ga_sid=1637582469&ga_hid=1128749466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1043&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2565577105881354&pem=42&tmod=445425942&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=31ErxjDGib&p=https%3A//screenshot.net&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
713c92aaf9c5ae9b56b50788963618309a41d5a7d1f1d232e6fa16233004312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 13:52:53 GMT
x-content-type-options
nosniff
age
511697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15809
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 11:21:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 16 Nov 2022 13:52:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
javascrt.com
URL
https://javascrt.com/api.js

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| trans object| apowerConfig object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| wx_hawkeye function| WXGAGetDownloadTrackUrl object| googletag

4 Cookies

Domain/Path Name / Value
.screenshot.net/ Name: __gads
Value: ID=a458efb0aaae63cb-22bdcfe3eccb00ee:T=1637582469:RT=1637582469:S=ALNI_MaxbnOdGBhAjXIHu_En2RjZOVSZRA
.aoscdn.com/ Name: appvisitor
Value: f7a7a2f19cde40088bb93c66be3c9cac
.doubleclick.net/ Name: IDE
Value: AHWqTUkrQo80DhGa3Gdln3g8HVGFTI11_KYN31fET8NsXa_UB32l6u_LialYZEEn5VE
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
api.apowersoft.com
cdn.aoscdn.com
cdnweb.aoscdn.com
d3j06uq18x1o3j.cloudfront.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
googleads.g.doubleclick.net
javascrt.com
pagead2.googlesyndication.com
partner.googleadservices.com
screenshot.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
wx-analytics.cn-hongkong.log.aliyuncs.com
javascrt.com
142.250.186.66
18.66.137.34
240b:4001:f00::20a
2a00:1450:4001:809::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
47.252.13.107
79.133.177.226
05fc6a9184dc0117594fb819a1bc81941d4c2e542eb44b3f5bcd316fa8c41b58
07d4c452660df5c06e333f525ab9d82f4cd52a6a7311c268f76fd3c868161ae3
091e64657f5c8c95f7cc8f86f2a44b74cbdbaaf90d681f03b3b9d3c086a33805
0f9b361fcb61c4ec946df2ef303d542744647d75a1bc9941c05659e4381d7e65
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b5c5d1ca0d04d4317f9b3784d457be3ea4c2507bb6b6c81f8cb36ccc16c00a
1cc8e3873eb7cce52ec64b9058a1bb623b74ab0b2dcb4e1242516fbea72a0984
24f219e2f88a313a5a09ade10414d1ed66a1c6f24eae42fda47d4985f9c55029
25af5f28cb1b280104e7ee9925ada228eb4991f8e309e5ba502f64151129ff09
267d6df8634c675cdb7cecae5764a2052d5291f4a9c9a5fcffd95c5dcff48687
28635f34965adbe9de97031bd2053ab0a9ee11df35e0519a002ab6a9e3d29959
2900b99f4bf0f17e834fa592da73d4e888d388e39759c8f04ebdaa0e53923029
2b78daede6acd0c82e8364aeaa1ddd33926fd0f2a9a3960524e39266c2a16d0c
2bd07f81cfc5d6bcca59d2c3462e69643d790583ccd5b0094f1c96ab16dc1fc2
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37f72ff493564d6abec65624c819b08e7fab96cbabadff549b508a5bbe0d4f3b
39aa66ab541a0fb27feade4c2b5decc56cc84b3533b80ddd42cb14a18c98c073
3cca23757262fbe2853308da61c3a1931d307f417a194356139d5c8d0c79ef97
4593cf1ebbcb12a1146931de8deef68b7705f39d7d59449f6363f42d925bab90
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
5afd2479e21c0f8c1c07db510cc4d95e244ad33e3a86025d0874252375992ae4
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d7566f34f878452ac7e01a73d0c814ac6eb5e411c9d1e6f019896e40960e750
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6066cd8b72cac525da9d2c7c4ef6e2d69a14f261959019fca28dfb2e884c7c6a
617baca09c07eab9d5587328d9973363c7348b94a71d06ff6000657bb06a1105
713c92aaf9c5ae9b56b50788963618309a41d5a7d1f1d232e6fa16233004312a
74870dbb2ede2d2e6f537e191078c1d277f462ca97f91ff1f5fb97531057bffc
78b7edaaa638a1637102cb2d43e8ff334c4a0ecf04b0b375a4141b6e862a7168
80e4ff694e9b70b5af0aab17d1b30bf01c4f9813d756b445ba859e3898ee7f28
80e782ae544456e1c4498883177af7c46e99a3705576dbc2850ab019e06e68d2
85f0dee9efa840b06c335a544b205c5fb1db6624ac1fa4ffefec9326e6d8a9b1
86d87983157a8dc723e5f05ce1cf11b0676da6536fd241e63c5bccd26af62ef9
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d57c4cd772ced44b8116e7557b8e4a3e9b0f67019024d310dd7b9c76c88d86e
98b7cd0f90214b04a527ebfbec1a1ca2d89c9a4883021942a2ac7806fdbac1db
9ad652f92fce512c3c54a4bb028c5c7a26afe5c42e07700dc607e71dcca2d54d
9fad1ea01038c1354743c436e3c9c330ff72b4032aad3b18eae217c2f221ecce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4163d626e92c942a225a7d2146199303c3dd606ca7f02ed811feb6042dad051
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63d5d195d307234525a32d5bf1ec5deda38235e173ba72c64acdefab291ad68
afdf0e24d87ea1f80976801adb83d1c45d2067d9fec8cd13c2d41866dd8458ed
c25070821488c8bdcdd530cc8c22e516e44562746b4afd13d9c8115f540aa72b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d22c3c22a4b8f498eb15375d217a63be23f0edb5e5b06dca4a5498d05954daad
d558d10f9a5f35ce68656ba98e7951e2dd08c8bfc309b7544e2fddbe92e5696c
d9b493464b04831ecc4f329f75632b2f131d2949231672b6d8b79634463bb293
dbc70301d4afe314ff9519898b02bca2c28cf8bc911aac2f9a320be307d9c29d
dc52729df7ef636fa9c4187c30d80ce8d386a53f2d41fd2bf418ec87c3714ea2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
edf3cc8564f6130497330c4997f3c04fcbcc7befab015cdf944c26f5c2090d43
ef1213c4e0d220fb8027d5a7dad5b7668d5c6033f92dcad4af7c6b367fe01c63
f405bae4db7c81b219884a7090d87ded5083290ce4b2e6483f0dd9fda4e4e694
f4cf0754d29872da2eaf547133f96f1e672763ef7c512eea6c3117a1bcde3ff9
f6bb0636546d7beaea94d4e9bdd1cf4113404737875b8c8c80755a924ea4ca9c
f7bdcea62b47dc8fe3e303c093b194c925d8938b2d97cc10ab318736ad12d40d
fc31210b69c22cc69b24ca537594c40cad0650a5a0601385f33a9f8957c68776
ffcbdee51932047565e8be426e5dce342bee50a8cf83f658d2b7c9df736c3036