waa.ai Open in urlscan Pro
2606:4700:3034::6818:7080 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://appurl.io/dxEX5iutH
Effective URL:
https://waa.ai/error
Submission: On October 30 via manual (October 30th 2020, 1:07:28 am UTC) from AU

Summary HTTP 67 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 16 domains to perform 67 HTTP transactions. The main IP is 2606:4700:3034::6818:7080, located in United States and belongs to CLOUDFLARENET, US. The main domain is waa.ai.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time waa.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3035::681b:ab39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
22	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3032::ac43:a64d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::681f:431a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2 2	94.130.191.239 94.130.191.239	24940 (HETZNER-AS) (HETZNER-AS)
1	69.61.26.121 69.61.26.121	22653 (GLOBALCOM...) (GLOBALCOMPASS)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
1 14	2606:4700:303... 2606:4700:3034::6818:7080	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	13

6 2606:4700:3035::681b:ab39 (United States)

ASN13335 (CLOUDFLARENET, US)

appurl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a64d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zii.bz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681f:431a (United States)

ASN13335 (CLOUDFLARENET, US)

glimpse.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.191.239 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: yerl.org

yerl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.61.26.121 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)

cutt.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c6b419b919156a41fe0e4a2e9e1615a0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3034::6818:7080 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

waa.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	waa.ai 1 redirects waa.ai	862 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com c6b419b919156a41fe0e4a2e9e1615a0.safeframe.googlesyndication.com	284 KB
8	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	97 KB
8	google-analytics.com www.google-analytics.com	74 KB
6	appurl.io appurl.io	18 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	51 KB
3	googletagservices.com www.googletagservices.com	72 KB
3	google.com adservice.google.com	2 KB
3	google.de adservice.google.de	2 KB
2	yerl.org 2 redirects yerl.org	473 B
2	googletagmanager.com www.googletagmanager.com	76 KB
2	googleadservices.com partner.googleadservices.com	884 B
2	jquery.com code.jquery.com	47 KB
1	cutt.us cutt.us	2 KB
1	glimpse.link glimpse.link	1021 B
1	zii.bz 1 redirects zii.bz	1 KB
67	16

	Domain	Requested by
14	waa.ai	1 redirects appurl.io waa.ai
8	www.google-analytics.com	appurl.io www.google-analytics.com www.googletagmanager.com
7	pagead2.googlesyndication.com	appurl.io pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	appurl.io	appurl.io cutt.us
4	maxcdn.bootstrapcdn.com	appurl.io
3	www.googletagservices.com	pagead2.googlesyndication.com cutt.us
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	yerl.org	2 redirects
2	www.googletagmanager.com	glimpse.link cutt.us
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	code.jquery.com	appurl.io
1	c6b419b919156a41fe0e4a2e9e1615a0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cutt.us	glimpse.link
1	glimpse.link	appurl.io
1	zii.bz	1 redirects
67	19

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-25` - `2021-07-25`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.cutt.us Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://waa.ai/error
Frame ID: 4FBC472FC32C653D53F14384151D15E3
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/zrt_lookup.html
Frame ID: E4E74D512DBB4E8E7E37FCCCCD5E621A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1603948547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=660x280&url=https%3A%2F%2Fappurl.io%2FdxEX5iutH&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020030663&bpp=14&bdt=121&idt=74&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8265711505678&frm=20&pv=2&ga_vid=1813650978.1604020031&ga_sid=1604020031&ga_hid=775240914&ga_fc=0&iag=0&icsg=141967&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=470&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706&oid=3&pvsid=885451762207901&pem=192&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QpF2MpbuML&p=https%3A//appurl.io&dtd=94
Frame ID: B7A33647A02492277CD925F7C8A8EB84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1603948547&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fappurl.io%2FdxEX5iutH&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020030677&bpp=3&bdt=134&idt=88&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=8265711505678&frm=20&pv=1&ga_vid=1813650978.1604020031&ga_sid=1604020031&ga_hid=775240914&ga_fc=0&iag=0&icsg=2239119&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706&oid=3&pvsid=885451762207901&pem=192&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=93
Frame ID: 8184B40C321A87B531B8F0E2A9DB30AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1DB366D6AA2C2DD5DD6DAC4C213C2B8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/zrt_lookup.html
Frame ID: FC17D4830F1A78C62A56FC8C50E126DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1603901528&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=660x280&url=https%3A%2F%2Fappurl.io%2FN5Rybj0Fd&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020034865&bpp=14&bdt=793&idt=44&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1831504940687&frm=20&pv=2&ga_vid=832745810.1604020035&ga_sid=1604020035&ga_hid=1000687169&ga_fc=0&iag=0&icsg=141967&dssz=14&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=470&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922&oid=3&pvsid=435427537804679&pem=192&ref=https%3A%2F%2Fcutt.us%2FoUVBu&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q0m2Sg3opt&p=https%3A//appurl.io&dtd=63
Frame ID: 2A4635FC048B723B9C2B1ADDAD4379B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1603901528&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fappurl.io%2FN5Rybj0Fd&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020034879&bpp=3&bdt=807&idt=58&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=1831504940687&frm=20&pv=1&ga_vid=832745810.1604020035&ga_sid=1604020035&ga_hid=1000687169&ga_fc=0&iag=0&icsg=2239119&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922&oid=3&pvsid=435427537804679&pem=192&ref=https%3A%2F%2Fcutt.us%2FoUVBu&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=63
Frame ID: A7ECEE0AF6FC7B85CDA43B2C63D82E03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://appurl.io/dxEX5iutH Page URL
https://zii.bz/6dTKUk HTTP 302
https://glimpse.link/l/OjUpVlc Page URL
https://yerl.org/CVDsr HTTP 301
https://cutt.us/oUVBu Page URL
https://appurl.io/N5Rybj0Fd Page URL
https://yerl.org/3w1d6 HTTP 301
https://waa.ai/urBU/60849e HTTP 302
https://waa.ai/error Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

67
Requests

99 %
HTTPS

71 %
IPv6

16
Domains

19
Subdomains

13
IPs

3
Countries

1588 kB
Transfer

3282 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/waaaiAkari
Title: @waaaiAkari

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://appurl.io/dxEX5iutH Page URL
https://zii.bz/6dTKUk HTTP 302
https://glimpse.link/l/OjUpVlc Page URL
https://yerl.org/CVDsr HTTP 301
https://cutt.us/oUVBu Page URL
https://appurl.io/N5Rybj0Fd Page URL
https://yerl.org/3w1d6 HTTP 301
https://waa.ai/urBU/60849e HTTP 302
https://waa.ai/error Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://zii.bz/6dTKUk HTTP 302
https://glimpse.link/l/OjUpVlc

Request Chain 23

https://yerl.org/CVDsr HTTP 301
https://cutt.us/oUVBu

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 dxEX5iutH Show response
appurl.io/ 5 KB
3 KB 258ms
242ms Document
text/html 2606:4700:3035::681b:ab39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/dxEX5iutH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:ab39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32415e407139f0fd67b2e94ef7d2e6910fb0a00c5fd8b6670eef7e7acedfa10a

Request headers

:method: GET
:authority: appurl.io
:scheme: https
:path: /dxEX5iutH
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 01:07:10 GMT
content-type: text/html
set-cookie: __cfduid=d34b6df2b0bac3480de45012fa56740691604020030; expires=Sun, 29-Nov-20 01:07:10 GMT; path=/; domain=.appurl.io; HttpOnly; SameSite=Lax
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Oct 2020 05:15:47 GMT
x-amz-version-id: jZ8b6HmDxuXLmnmerp4qy9cpx_xompi1
cache-control: max-age=60
x-cache: RefreshHit from cloudfront
via: 1.1 fb465ef388ebb25e5a872213f9ac3e9d.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: oVuZZLVWl12_k1u3aQTtXwA4BJ3gGMMNQT9NdiR2XtLkK-UHdlfO7g==
cf-cache-status: DYNAMIC
cf-request-id: 0618a4635d0000d7055318e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2KKh0G6qpGvRqZoxSsYcrF%2BKNCQHzuroMHVDVBpj7vRwKoCbi0ukw%2FGYoCy5wW%2BHUWkH3n5%2FZbibBlcxGVyj4VZHCdXDCrgoC%2F4ScZWRnrotQrY5rmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ea13ce56b4cd705-FRA
content-encoding: br

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/dxEX5iutH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 27ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/dxEX5iutH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
46 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: appurl.io
URL: https://appurl.io/dxEX5iutH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e17770fcc300fb1304bed5587782e4fff315b83d9a254e20d00aed70612e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46073
x-xss-protection: 0
server: cafe
etag: 11550344965379623222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Oct 2020 01:07:10 GMT

GET
H2 200 jquery-3.1.1.slim.min.js Show response
code.jquery.com/ 68 KB
23 KB 25ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.slim.min.js
Requested by: Host: appurl.io
URL: https://appurl.io/dxEX5iutH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

Request headers

Origin: https://appurl.io
Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2016 22:32:34 GMT
server: nginx
status: 200
etag: W/"57e45c02-10ebd"
vary: Accept-Encoding
x-hw: 1604020030.dop232.fr8.t,1604020030.cds247.fr8.hn,1604020030.cds201.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23709

GET
H2 200 ua-parser-min.js Show response
appurl.io/javascripts/vendor/min/ 10 KB
5 KB 14ms
13ms Script
text/javascript 2606:4700:3035::681b:ab39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/vendor/min/ua-parser-min.js
Requested by: Host: appurl.io
URL: https://appurl.io/dxEX5iutH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:ab39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
via: 1.1 a04514714fe9332eac99da4b059accb3.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4100
x-cache: Miss from cloudfront
status: 200
content-encoding: br
content-type: text/javascript
cf-request-id: 0618a464540000d705fb3e6000000001
last-modified: Mon, 07 Nov 2016 12:40:40 GMT
server: cloudflare
etag: W/"bb04355ce387383532230a11c09091aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F6wbLtKpGJikdmc1G3QVvRytiorkIscgPCJHFB8xFqM58HT2ckVP%2BkYe%2BEb08VtBkzKFL%2F7gluK8KAyiA0r%2FZ%2BewPTQccIR9veG3ILdpHG7KJgXw2y8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=14400
x-amz-cf-pop: BRU50-C1
cf-ray: 5ea13ce6ecc6d705-FRA
x-amz-cf-id: RAX5okDJYZPKXmFd-CUpvxlh9Oo8b5OTULf8Cl4IABptY5oC-z9thQ==

GET
H2 200 redirect-min.js Show response
appurl.io/javascripts/min/ 4 KB
2 KB 79ms
78ms Script
text/javascript 2606:4700:3035::681b:ab39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1603948546563
Requested by: Host: appurl.io
URL: https://appurl.io/dxEX5iutH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:ab39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc2596775fc81ddfd6da2ad7602bb34de500228ef2507024a4ff383b48a789c

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
status: 200
content-encoding: br
content-type: text/javascript
cf-request-id: 0618a464540000d7050f35d000000001
last-modified: Tue, 05 Dec 2017 15:07:53 GMT
server: cloudflare
etag: W/"671a0cccd63ecc4bdfa6cb2a44eb6f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UYDduwCSFVDpYFKdG3IKh%2FKZ8AxiF6%2BMgLw%2FWHGISwqSBzGr6k1i0kzIXxjJL8YmK8g6ae3pPpW68l%2F7f8J%2FTGi%2Bq17LoPO7gwn%2FBHEMGSCfih7O5sM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=14400
cf-ray: 5ea13ce6ecc8d705-FRA
x-amz-cf-id: iZr93qpCq2oSsV4KsboU0cBHgRk1ETQu3xOEkCyoptNrWLZ54f1yKw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: appurl.io
URL: https://appurl.io/dxEX5iutH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4665
date: Thu, 29 Oct 2020 23:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 30 Oct 2020 01:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
405 B 46ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=775240914&t=pageview&_s=1&dl=https%3A%2F%2Fappurl.io%2FdxEX5iutH&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1471834042&gjid=1709032248&cid=1813650978.1604020031&tid=UA-1416913-22&_gid=717324442.1604020031&_r=1&_slc=1&z=1502623722

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 01:07:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://appurl.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/ 230 KB
87 KB 55ms
41ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e67e9b1a69aa45e7d0720d75dd9412d8acc5e66b9d32bd5c4f7a81de8c640d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88326
x-xss-protection: 0
server: cafe
etag: 10396176589646350026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Oct 2020 01:07:10 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/ Frame E4E7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201027/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appurl.io/dxEX5iutH
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/dxEX5iutH

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 29 Oct 2020 10:02:22 GMT
expires: Thu, 12 Nov 2020 10:02:22 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 54288
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
627 B 187ms
65ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=appurl.io&callback=_gfp_s_&client=ca-pub-6503947100737582

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

f515631412bcc37304e803809d553ba6ec95c5cb8798e96a83534ae4199a4888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 36ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=appurl.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 35ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=appurl.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame B7A3 0
0 187ms
186ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1603948547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=660x280&url=https%3A%2F%2Fappurl.io%2FdxEX5iutH&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020030663&bpp=14&bdt=121&idt=74&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8265711505678&frm=20&pv=2&ga_vid=1813650978.1604020031&ga_sid=1604020031&ga_hid=775240914&ga_fc=0&iag=0&icsg=141967&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=470&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706&oid=3&pvsid=885451762207901&pem=192&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QpF2MpbuML&p=https%3A//appurl.io&dtd=94

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1603948547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=660x280&url=https%3A%2F%2Fappurl.io%2FdxEX5iutH&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020030663&bpp=14&bdt=121&idt=74&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8265711505678&frm=20&pv=2&ga_vid=1813650978.1604020031&ga_sid=1604020031&ga_hid=775240914&ga_fc=0&iag=0&icsg=141967&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=470&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706&oid=3&pvsid=885451762207901&pem=192&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QpF2MpbuML&p=https%3A//appurl.io&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appurl.io/dxEX5iutH
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/dxEX5iutH

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Oct 2020 01:07:10 GMT
server: cafe
content-length: 11973
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Oct-2020 01:22:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Oct 2020 01:07:10 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34d9891a81b9b276febf3b6f763ededd97fc364bd399e9446f71159be6cb1d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603885550448160"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27554
x-xss-protection: 0
expires: Fri, 30 Oct 2020 01:07:10 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8184 0
0 49ms
49ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1603948547&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fappurl.io%2FdxEX5iutH&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020030677&bpp=3&bdt=134&idt=88&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=8265711505678&frm=20&pv=1&ga_vid=1813650978.1604020031&ga_sid=1604020031&ga_hid=775240914&ga_fc=0&iag=0&icsg=2239119&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706&oid=3&pvsid=885451762207901&pem=192&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=93

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1603948547&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fappurl.io%2FdxEX5iutH&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020030677&bpp=3&bdt=134&idt=88&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=8265711505678&frm=20&pv=1&ga_vid=1813650978.1604020031&ga_sid=1604020031&ga_hid=775240914&ga_fc=0&iag=0&icsg=2239119&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706&oid=3&pvsid=885451762207901&pem=192&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appurl.io/dxEX5iutH
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/dxEX5iutH

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Oct 2020 01:07:10 GMT
server: cafe
content-length: 461
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Oct-2020 01:22:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Oct 2020 01:07:10 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201027&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7abb8dc77b75273f628825db65a75889980237e9bab105b419e97eb2ab2921e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6638
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 30 Oct 2020 01:07:11 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1DB3 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appurl.io/dxEX5iutH
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/dxEX5iutH

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 29 Oct 2020 22:05:39 GMT
expires: Fri, 29 Oct 2021 22:05:39 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10892
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

OjUpVlc Show response
glimpse.link/l/
Redirect Chain

https://zii.bz/6dTKUk
https://glimpse.link/l/OjUpVlc

1 KB
1021 B

258ms
205ms

Document
text/html

2606:4700:3037::681f:431a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glimpse.link/l/OjUpVlc
Requested by: Host: appurl.io
URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1603948546563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:431a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00c601ac84afbd9c0557b30f72fc85fbc7e3f988d43e21edd1d82c81edd2e5

Request headers

:method: GET
:authority: glimpse.link
:scheme: https
:path: /l/OjUpVlc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://appurl.io/dxEX5iutH
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/dxEX5iutH

Response headers

status: 200
date: Fri, 30 Oct 2020 01:07:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dda930b028ad77517e6d9cb532fbc3b2f1604020032; expires=Sun, 29-Nov-20 01:07:12 GMT; path=/; domain=.glimpse.link; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0618a46be00000d6b5629b1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rJKkZzBMTNDhPQWUqf2Bs%2FfsBuRCIs5OIbpVOPUSayqXWy2atDnIeNMyg5zxnCPxLMpnIs%2BEPzkCPs4szLNNAu%2FmZ2nBGKzXDcV6xT3ahCVl%2FAGHrgghtIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ea13cf2ff6ad6b5-FRA
content-encoding: br

Redirect headers

status: 302
date: Fri, 30 Oct 2020 01:07:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9b62586738ed26c6a80b6869f7bbe82e1604020031; expires=Sun, 29-Nov-20 01:07:11 GMT; path=/; domain=.zii.bz; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6ImlRS09DbFpJdHQ4cGd6N2ROazB5a1E9PSIsInZhbHVlIjoiWkUwNFwvaXJwY0JTWFVjZHZBdStNWFo0Y2pJT3k5MDNBM3hta0RQKzQ3SWFBY0J0VWd1eWVlSjNsVk9qSzZHRE4iLCJtYWMiOiI5NWQ2MTBlMWZjN2JlMTE0MDk5OGM5ZTA3M2VmYzlkNDA3ZmFmMGNkMTM5MDQ5Mzg2MDQ0MDBmNDM2NjI4OTJmIn0%3D; expires=Sun, 01-Nov-2020 13:07:12 GMT; Max-Age=216000; path=/; secure zii_url_shortener_session=eyJpdiI6IkduNmhDMFFQQUl3ZjA2VHppQldBVWc9PSIsInZhbHVlIjoiS3U1dytzUFpYNEl6N1U1bTBpWlNrS3V5VFVYM24xc1E1aWdiUHpuamIxUzAzSU1RNDE1Y1J1Z20rcEUxZDkzayIsIm1hYyI6ImJmMDlhNThiZjIzNzZjYTM3YjkwOTY0ZDMzMjJhNzQ5YWUwNjZlMDMxYmM4ODA4ZmYxNTIyZTc4MzdjZmI1NmQifQ%3D%3D; expires=Sun, 01-Nov-2020 13:07:12 GMT; Max-Age=216000; path=/; secure
cache-control: no-cache, private
location: https://glimpse.link/l/OjUpVlc
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 0618a4670f0000248893a4a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eE17YOnFzEKYhtWOsQZFNAAjk6fmKIz9fua57QUuLKJzALv4xkIjeZvD8EdIa%2BMHied2870TNVFIuRDQgiXjl8%2FQserK%2FZ1jO1gCqoKL3Vl%2FB64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 5ea13ceb495a2488-FRA

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201027&jk=885451762207901&bg=!XF-lX3_NAAVp0lmVaVgLH1D3AamB-QIAAABdUgAAAA0KARpcZBa81xN-Q4AusBrwCBBcWOxT2ltgEcYhkbzJSMrRJrUCxtD9hkmxo1fmkVTLaDJnXb2Qz3Y3KBa9USpooCG2PriRpTSuA0bYt3e8vjgtWtSdf0cDgYbN1HLxLavuosB0WR1U4lIM8u6wURUhrgBgv1zIyhVUH-IU4HuS9j1n8H6YJT7xVcwEr4WMHfiJa7C_aEoOdOqZLHVW31lUyaKJnJmM53M7jaJPty2LVEezymYQ2GHGg8qVnSTDg8EySL7ak9QKskC4992X3FS3nDAkXtXJYpxFPN59EU_vR28Sv1fc6LfpOtgt3U5Q2zByi-3xSCTGMg5XMoJGA8A89qaBzoei0Bg7vDVWAOJQG4idOubxpj7Lx5bn3LmZAbkTDEBPGHzIu98RZYQCQL6NlZnE9AhbCnCDlbfkKqQDpDPxbQQT9gaSjuv_PpDYJ-rK1KFmOd2ew4YUkVAp97GYqLhYtFjKRu9yMeFF5737NB0lpObYBsaYoARIaK7gfKbrPUGaefgFT2769Fz0tBwrbSnBAz_HfJvrjC2NeleJg2sjLBkHHHpCtpo9USkz33-2a_JNZs6kJK9pWCsaG-YhsxvZA57IFfdzHOaSMk3k-qWtejMomyigWlpGI118XsDqIP5jPyBiZ0-6i1a-hUIQAMydHVeeHYMzZDZ7mqyi0CTXhcOX1g9XRSlqjjSLB28BeNyg2iN7Uzx37L6QHipnFoUDiwBGYvQVdxtgDjwrNC8i_L8JHSqGpzlZiGizzjq3zS0hxO7E5SC8mEn8WK3zz0IDlDB9P4YgnBGWkPE6JgR3h6N61LU-_QbBk6BDlGukSjZqlD8oo39GcL88B2y44IuKPkUfzu5X_ZawD1dJ7XzRN9KxwtrRyIY13nXdc4iQyppQDJpgVUMBSpFdAFn2bw5SO6Vp9JWU51EIGcbNkdvQYzTT4Lw1XYTrHoPkYRUBAk8kc75aLNs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/dxEX5iutH
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 01:07:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 95 KB
38 KB 40ms
19ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-68884287-10

Requested by

Host: glimpse.link
URL: https://glimpse.link/l/OjUpVlc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://glimpse.link/l/OjUpVlc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:12 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38221
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Oct 2020 01:07:12 GMT

GET
H/1.1

200
OK

oUVBu Show response
cutt.us/
Redirect Chain

https://yerl.org/CVDsr
https://cutt.us/oUVBu

3 KB
2 KB

556ms
141ms

Document
text/html

69.61.26.121
GLOBALCOMPASS

General

Check archive.org

Show headers Download Go to

Full URL

https://cutt.us/oUVBu

Requested by

Host: glimpse.link
URL: https://glimpse.link/l/OjUpVlc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.61.26.121 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),

Reverse DNS

Software

Hotcores.com /

Resource Hash

0451eca7a07390f2738f63afcc47f6049f1353f490bfc32a1f0962aee4ce145b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Host: cutt.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://glimpse.link/l/OjUpVlc
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glimpse.link/l/OjUpVlc

Response headers

Server: Hotcores.com
Date: Fri, 30 Oct 2020 01:07:13 GMT
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
I-AM: Alpha
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

Redirect headers

Server: nginx/1.14.2
Date: Fri, 30 Oct 2020 01:07:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: https://cutt.us/oUVBu
Expires: Fri, 30 Oct 2020 01:08:12 GMT

GET
H3-Q050 200 analytics.js
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68884287-10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glimpse.link/l/OjUpVlc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4667
date: Thu, 29 Oct 2020 23:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 30 Oct 2020 01:49:25 GMT

POST
H3-Q050 200 collect
www.google-analytics.com/j/ 1 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1027288706&t=pageview&_s=1&dl=https%3A%2F%2Fglimpse.link%2Fl%2FOjUpVlc&dr=https%3A%2F%2Fappurl.io%2FdxEX5iutH&ul=en-us&de=UTF-8&dt=Secure%20your%20mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=478623247&gjid=1333821916&cid=1348603596.1604020033&tid=UA-68884287-10&_gid=738967799.1604020033&_r=1&gtm=2oual2&z=488343947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://glimpse.link/l/OjUpVlc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 01:07:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://glimpse.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cutt.us
URL: https://cutt.us/oUVBu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625fae457ea8d0109e81dad90fdab78044e9711dea57ef51ef9bed8f29c6c8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "678 / 626 of 1000 / last-modified: 1604009522"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17895
x-xss-protection: 0
expires: Fri, 30 Oct 2020 01:07:13 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 42ms
28ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Requested by

Host: cutt.us
URL: https://cutt.us/oUVBu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af550112c25943d12096f47ca8bd6b4930ef073ee8db603695c5021ce2bba561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:13 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38203
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Oct 2020 01:07:13 GMT

GET
H2 200 pubads_impl_2020102701.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
96 KB 191ms
67ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 08:51:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98225
x-xss-protection: 0
expires: Fri, 30 Oct 2020 01:07:13 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4668
date: Thu, 29 Oct 2020 23:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 30 Oct 2020 01:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
59 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=302248348&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FoUVBu&dr=https%3A%2F%2Fglimpse.link%2Fl%2FOjUpVlc&ul=en-us&de=UTF-8&dt=oUVBu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=167039516&gjid=1339654824&cid=1200017073.1604020034&tid=UA-31510493-1&_gid=465194472.1604020034&_r=1&gtm=2oual2&z=447568025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 01:07:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://cutt.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js
adservice.google.de/adsid/ 109 B
810 B 42ms
29ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutt.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js
adservice.google.com/adsid/ 109 B
810 B 43ms
29ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutt.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
securepubads.g.doubleclick.net/gampad/ 397 B
809 B 170ms
106ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=824459078606476&correlator=4439151299546268&output=ldjh&impl=fif&eid=21068381%2C21068393%2C21063046%2C21065517&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1604020033&dt=1604020033857&dlt=1604020033494&idt=345&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2FoUVBu&ref=https%3A%2F%2Fglimpse.link%2Fl%2FOjUpVlc&dssz=10&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x423&msz=0x0&ga_vid=1200017073.1604020034&ga_sid=1604020034&ga_hid=302248348&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutt.us
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c6b419b919156a41fe0e4a2e9e1615a0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 80ms
14ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c6b419b919156a41fe0e4a2e9e1615a0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 N5Rybj0Fd Show response
appurl.io/ 5 KB
2 KB 173ms
172ms Document
text/html 2606:4700:3035::681b:ab39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/N5Rybj0Fd
Requested by: Host: cutt.us
URL: https://cutt.us/oUVBu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:ab39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f653774ca3a535c7bc99eee8c782952608d22c907ea383e2d18ac8c9c2d2af9c

Request headers

:method: GET
:authority: appurl.io
:scheme: https
:path: /N5Rybj0Fd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://cutt.us/oUVBu
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d34b6df2b0bac3480de45012fa56740691604020030; _ga=GA1.2.1813650978.1604020031; _gid=GA1.2.717324442.1604020031; _gat=1; __gads=ID=6fe54bbe0ba4ba31-22e7474613b90017:T=1604020030:RT=1604020030:S=ALNI_May0Vf5BuH8tisS9p7dxW3VFkHx5A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cutt.us/oUVBu

Response headers

status: 200
date: Fri, 30 Oct 2020 01:07:14 GMT
content-type: text/html
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Oct 2020 16:12:08 GMT
x-amz-version-id: aaYjB5Vq94sJn1Pvm7wGiKZr.KXGB1Ci
cache-control: max-age=60
x-cache: RefreshHit from cloudfront
via: 1.1 b9a9d8d845aab6bf47074a2716ba4f5a.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: JiOcX_EsepO2ZtdV_bKQfPVtAlPWGAwBNrw9UH3wkMRJloEFurHMDw==
cf-cache-status: DYNAMIC
cf-request-id: 0618a4716b0000d705e5a49000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tW5jHpjUs%2FSRwXOFIdtW9yUkZmcA2rG35ylsnOYAXnB7CpVdHNRLSiu5ixNBxsRK999itBgURjp%2FfS3zR9Uz0J8JHLJcrvdkA1FUAsjM0llMdCamHgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ea13cfbde24d705-FRA
content-encoding: br

GET
H3-Q050 200 sodar
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/oUVBu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6469
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 667ms
43ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/N5Rybj0Fd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 701ms
76ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/N5Rybj0Fd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
45 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: appurl.io
URL: https://appurl.io/N5Rybj0Fd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e17770fcc300fb1304bed5587782e4fff315b83d9a254e20d00aed70612e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46073
x-xss-protection: 0
server: cafe
etag: 11550344965379623222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Oct 2020 01:07:14 GMT

GET
H2 200 jquery-3.1.1.slim.min.js Show response
code.jquery.com/ 68 KB
23 KB 9ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.slim.min.js
Requested by: Host: appurl.io
URL: https://appurl.io/N5Rybj0Fd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

Request headers

Origin: https://appurl.io
Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2016 22:32:34 GMT
server: nginx
status: 200
etag: W/"57e45c02-10ebd"
vary: Accept-Encoding
x-hw: 1604020034.dop232.fr8.t,1604020034.cds247.fr8.hn,1604020034.cds201.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23709

GET
H2 200 ua-parser-min.js Show response
appurl.io/javascripts/vendor/min/ 10 KB
5 KB 13ms
12ms Script
text/javascript 2606:4700:3035::681b:ab39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/vendor/min/ua-parser-min.js
Requested by: Host: appurl.io
URL: https://appurl.io/N5Rybj0Fd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:ab39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
via: 1.1 a04514714fe9332eac99da4b059accb3.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4104
x-cache: Miss from cloudfront
status: 200
content-encoding: br
content-type: text/javascript
cf-request-id: 0618a472240000d7053902e000000001
last-modified: Mon, 07 Nov 2016 12:40:40 GMT
server: cloudflare
etag: W/"bb04355ce387383532230a11c09091aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PM6IXu0zUSIA0VLcMqmDfR%2FcQy3HeRSnfYkfJgyuxbpjefYBqMI5nIdIDM1GTHBky3js1OSvoRj7q%2Byt%2FxmfzLhHZmb2vMRmnUURUmMn%2BsixUv0yuaY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=14400
x-amz-cf-pop: BRU50-C1
cf-ray: 5ea13cfd0f65d705-FRA
x-amz-cf-id: RAX5okDJYZPKXmFd-CUpvxlh9Oo8b5OTULf8Cl4IABptY5oC-z9thQ==

GET
H2 200 redirect-min.js Show response
appurl.io/javascripts/min/ 4 KB
2 KB 69ms
68ms Script
text/javascript 2606:4700:3035::681b:ab39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1603901527133
Requested by: Host: appurl.io
URL: https://appurl.io/N5Rybj0Fd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:ab39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc2596775fc81ddfd6da2ad7602bb34de500228ef2507024a4ff383b48a789c

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
via: 1.1 71301668ddfb97faafc00e9b4aafacbc.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MRS52-C1
x-cache: Hit from cloudfront
status: 200
content-encoding: br
content-type: text/javascript
cf-request-id: 0618a472240000d705c392f000000001
last-modified: Tue, 05 Dec 2017 15:07:53 GMT
server: cloudflare
etag: W/"671a0cccd63ecc4bdfa6cb2a44eb6f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d4AkDjk1RrCiaNtU8HRWxvmZ%2BRrO2F4AjWyFwu%2FOfGtapp%2BeBsuJDBPO2UaUdYvwy9jRBzNTa%2FqW1UF1e3Ju3leUKkggWzEJBAfrFv4xpgpbSW9Bxzk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=14400
cf-ray: 5ea13cfd0f66d705-FRA
x-amz-cf-id: Yb3LtbEXArEw4pacQRUt67WqW0SYnKbv3osREN5zfU1UZ1Cbm7DnuQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: appurl.io
URL: https://appurl.io/N5Rybj0Fd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4669
date: Thu, 29 Oct 2020 23:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 30 Oct 2020 01:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1000687169&t=pageview&_s=1&dl=https%3A%2F%2Fappurl.io%2FN5Rybj0Fd&dr=https%3A%2F%2Fcutt.us%2FoUVBu&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=677284970&gjid=859808321&cid=832745810.1604020035&tid=UA-1416913-22&_gid=717025083.1604020035&_r=1&_slc=1&z=1542642329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 01:07:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://appurl.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/ 230 KB
86 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e67e9b1a69aa45e7d0720d75dd9412d8acc5e66b9d32bd5c4f7a81de8c640d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88326
x-xss-protection: 0
server: cafe
etag: 10396176589646350026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Oct 2020 01:07:14 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/ Frame FC17 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201027/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appurl.io/N5Rybj0Fd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/N5Rybj0Fd

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 29 Oct 2020 10:02:22 GMT
expires: Thu, 12 Nov 2020 10:02:22 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 54292
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
257 B 65ms
64ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=appurl.io&callback=_gfp_s_&client=ca-pub-6503947100737582

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

756035eb7e72ed99d7bb6ccb7cd1750cb082b1a3361a6b7e512bfd4d6e40c4ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=appurl.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=appurl.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2A46 0
0 326ms
325ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1603901528&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=660x280&url=https%3A%2F%2Fappurl.io%2FN5Rybj0Fd&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020034865&bpp=14&bdt=793&idt=44&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1831504940687&frm=20&pv=2&ga_vid=832745810.1604020035&ga_sid=1604020035&ga_hid=1000687169&ga_fc=0&iag=0&icsg=141967&dssz=14&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=470&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922&oid=3&pvsid=435427537804679&pem=192&ref=https%3A%2F%2Fcutt.us%2FoUVBu&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q0m2Sg3opt&p=https%3A//appurl.io&dtd=63

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1603901528&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=660x280&url=https%3A%2F%2Fappurl.io%2FN5Rybj0Fd&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020034865&bpp=14&bdt=793&idt=44&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1831504940687&frm=20&pv=2&ga_vid=832745810.1604020035&ga_sid=1604020035&ga_hid=1000687169&ga_fc=0&iag=0&icsg=141967&dssz=14&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=470&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922&oid=3&pvsid=435427537804679&pem=192&ref=https%3A%2F%2Fcutt.us%2FoUVBu&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q0m2Sg3opt&p=https%3A//appurl.io&dtd=63
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appurl.io/N5Rybj0Fd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/N5Rybj0Fd

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Oct 2020 01:07:15 GMT
server: cafe
content-length: 21596
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Oct-2020 01:22:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Oct 2020 01:07:15 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34d9891a81b9b276febf3b6f763ededd97fc364bd399e9446f71159be6cb1d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/N5Rybj0Fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603885550448160"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27554
x-xss-protection: 0
expires: Fri, 30 Oct 2020 01:07:14 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A7EC 0
0 50ms
49ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1603901528&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fappurl.io%2FN5Rybj0Fd&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020034879&bpp=3&bdt=807&idt=58&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=1831504940687&frm=20&pv=1&ga_vid=832745810.1604020035&ga_sid=1604020035&ga_hid=1000687169&ga_fc=0&iag=0&icsg=2239119&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922&oid=3&pvsid=435427537804679&pem=192&ref=https%3A%2F%2Fcutt.us%2FoUVBu&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=63

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1603901528&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fappurl.io%2FN5Rybj0Fd&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604020034879&bpp=3&bdt=807&idt=58&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=1831504940687&frm=20&pv=1&ga_vid=832745810.1604020035&ga_sid=1604020035&ga_hid=1000687169&ga_fc=0&iag=0&icsg=2239119&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922&oid=3&pvsid=435427537804679&pem=192&ref=https%3A%2F%2Fcutt.us%2FoUVBu&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=63
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appurl.io/N5Rybj0Fd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/N5Rybj0Fd

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Oct 2020 01:07:14 GMT
server: cafe
content-length: 461
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Oct-2020 01:22:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Oct 2020 01:07:14 GMT
cache-control: private

GET
H2

200

Primary Request error Show response
waa.ai/
Redirect Chain

https://yerl.org/3w1d6
https://waa.ai/urBU/60849e
https://waa.ai/error

3 KB
2 KB

266ms
266ms

Document
text/html

2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waa.ai/error
Requested by: Host: appurl.io
URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1603901527133
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0d4ef4ee2061788cc34e9b1d2c5879fe95f56fc89ee2cacab7d6336bd5d3fd39

Request headers

:method: GET
:authority: waa.ai
:scheme: https
:path: /error
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://appurl.io/N5Rybj0Fd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dbe18a36deb128fafebb5c90f825247851604020036
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://appurl.io/N5Rybj0Fd

Response headers

status: 200
date: Fri, 30 Oct 2020 01:07:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Fri, 23 Oct 2020 21:06:09 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0618a47b2d0000073eaf1a2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xbW%2F%2B4IMOpUqEgSbAUHd4%2FuoPwXgHEAS%2FQpgk7kYjMvjPeYnbzkzwMeYVOGdLH%2FG%2BZQieqSCHZwWLjgs6jd4Wdy6fhLTA%2BisVeKKnFz1qrIk3FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ea13d0b7f95073e-FRA
content-encoding: br

Redirect headers

status: 302
date: Fri, 30 Oct 2020 01:07:16 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dbe18a36deb128fafebb5c90f825247851604020036; expires=Sun, 29-Nov-20 01:07:16 GMT; path=/; domain=.waa.ai; HttpOnly; SameSite=Lax; Secure
x-powered-by: Express
location: https://waa.ai/error
vary: Accept
cf-cache-status: DYNAMIC
cf-request-id: 0618a47a0b0000073e6eb08000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iib8RsJ2cJBcJzB8lD5qAn0QD4RarDz2O3DVJe1IwIgIR%2FrK%2FReCMpHfcXjheOr%2BZU%2FfFagyNzB1L3bVhYmYGeH2yZ6MObnMiHPaO0w3HcNQUxs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ea13d09ac70073e-FRA

GET
H2 200 2.a9a9c00e.chunk.css
waa.ai/static/css/ 3 KB
774 B 278ms
277ms Stylesheet
text/css 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waa.ai/static/css/2.a9a9c00e.chunk.css
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d2c3848266d31d22a05fdefdc73a7020d279e856ff902866b04523ee750733

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:16 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 23 Oct 2020 21:06:09 GMT
server: cloudflare
etag: W/"5f9345c1-d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OtMB0lErfZm1m%2F5CPvNMBkQRdE5R9A%2F%2B1MJTsvw9QaxWmVrLMg4CgR1hnTWy6haDkqDadwvBFcVXJZvwlfFJbonjPTnZdAU7SXYMmeBV6k46YLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ea13d0d3a77073e-FRA
cf-request-id: 0618a47c460000073ea28e1000000001

GET
H2 200 main.1359096b.chunk.css
waa.ai/static/css/ 310 B
528 B 266ms
266ms Stylesheet
text/css 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waa.ai/static/css/main.1359096b.chunk.css
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8edc5ebc4bdace33d87a8462820bfff012348481b5c0161461d059abcfc28ca0

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Oct 2020 21:06:09 GMT
server: cloudflare
etag: W/"5f9345c1-136"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T21QAsAoRkY%2Bd1TRD1qDLcu2p44sQa3xbHrUAnU312gV6%2FphT8VpTQ74FrW9SPlMtssbvMXhg4PsfmrkAxDqsWcY8%2BYvN%2F4ACgTAD6OnWaZJszM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ea13d0d3a78073e-FRA
cf-request-id: 0618a47c460000073e7d1ef000000001

GET
H2 200 2.838c59f2.chunk.js Show response
waa.ai/static/js/ 386 KB
108 KB 814ms
813ms Script
application/javascript 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waa.ai/static/js/2.838c59f2.chunk.js
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76436b7bc07d5dbdd9155a758043ec86778bd475997dd23a1352ec1a75ba7da3

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Oct 2020 21:06:09 GMT
server: cloudflare
etag: W/"5f9345c1-6085d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L25S2JSFNa%2BCZNQSTSVWtURv2kCcjRhw8ZAH9PlL2ySPjbMEbWhJ1kQuLh3SgmrPAPeWa8Zi8EhjpiPT8hhm%2FrXAooz0S2uc6oV6yTB8o7BSCfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ea13d0d3a7a073e-FRA
cf-request-id: 0618a47c460000073e668bb000000001

GET
H2 200 main.0d7e0865.chunk.js Show response
waa.ai/static/js/ 98 KB
22 KB 562ms
561ms Script
application/javascript 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waa.ai/static/js/main.0d7e0865.chunk.js
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f721c823e6076ec73fd62571a1e48bea375b82e9a67328daa389a57b3473f3f5

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Oct 2020 21:06:09 GMT
server: cloudflare
etag: W/"5f9345c1-186a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cAQeJ5hcq%2FuTb0vyEmoSiORNmcdQsNSgzqhe%2F9eFUmw%2FwgitnxdW1CaxKy8Kz5WfkVwsJQ764VLUYTc7qoFH77lASQMIRa%2FUFJaJJT2tOWWGXeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ea13d0d3a7b073e-FRA
cf-request-id: 0618a47c470000073e590d4000000001

GET
H2 200 user Show response
waa.ai/api/auth/ 4 B
330 B 277ms
276ms Fetch
application/json 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waa.ai/api/auth/user
Requested by: Host: waa.ai
URL: https://waa.ai/static/js/main.0d7e0865.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: application/json
Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
etag: W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0XEb4zh1yu%2BrELIW8iY0HRg1panZwNb%2BK%2FYsOQ1SnpqK89w64T%2BdVxUJbrWrdz3uB1mGo7I12nvJVwHCPsXB6Q7jd1E%2Bqb4fFotnEN2hdyZuAO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
status: 200
cf-ray: 5ea13d12daf4073e-FRA
content-length: 4
cf-request-id: 0618a47fcc0000073ec0acf000000001

GET
H2 200 akari.jpg
waa.ai/img/avatars/ 137 KB
137 KB 287ms
286ms Image
image/jpeg 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waa.ai/img/avatars/akari.jpg
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907eb4ee0f6eb544452c42c66c794e3601935bb5e11465071b9eb4008b2d5d4e

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 140237
cf-request-id: 0618a47fd40000073ed2342000000001
last-modified: Fri, 23 Oct 2020 21:04:58 GMT
server: cloudflare
etag: "5f93457a-223cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iBRnCaKEUSzjCKbjB8GJQzcBexLq%2FU8wfxYA6NW7xtBSJCnuwvtnxgtUW0nysdQbrUslolFFL6GirW8Jrdf%2BblExuWv5Zd%2B%2F%2BkhVNl%2B8e1i0Yyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5ea13d12eb0a073e-FRA

GET
H2 200 kyouko.jpg
waa.ai/img/title-images/ 161 KB
162 KB 281ms
280ms Image
image/jpeg 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waa.ai/img/title-images/kyouko.jpg
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e650e83b49bc1b9837dcc15f59d7bedcb1a8ca27b1cb9d6ff2bedd14ebbb1380

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 165143
cf-request-id: 0618a47fd40000073ec9b6c000000001
last-modified: Fri, 23 Oct 2020 21:04:58 GMT
server: cloudflare
etag: "5f93457a-28517"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r577g6UBnztjr5%2Bt4ZT%2BFsOQt8LtsXUEo3UQnKLUlSI0eM%2BBcTBx6OUPOk%2FqRF%2F766oUxdVOPhSC8kqdXjQWGNjK398wKNswtpavFN32AohWhjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5ea13d12eb0c073e-FRA

GET
H2 200 @waaaiAkari.jpg
waa.ai/img/twitter/ 28 KB
28 KB 410ms
409ms Image
image/jpeg 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waa.ai/img/twitter/@waaaiAkari.jpg
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e8d0f34628b7051d6a2ccc084e5b8524bb67d0911b5b080338ff15d12e43b15

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 28177
cf-request-id: 0618a47fd40000073e6e3d7000000001
last-modified: Fri, 23 Oct 2020 21:04:58 GMT
server: cloudflare
etag: "5f93457a-6e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vvEvMBqk2tQ1xJC3V%2Fd9fQw%2F%2FSkg0CCXOim8gAnNt3tPlpFTVyhN9l%2Bw6Fbu54eMRupFXE1%2BLxsGtU5Ww%2FTyVJQMQs16TAMdMtkpihkEBJux4Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5ea13d12eb0e073e-FRA

GET
H2 200 akari-light.png
waa.ai/img/main/ 46 KB
47 KB 539ms
538ms Image
image/png 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waa.ai/img/main/akari-light.png
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5696bb1f6e6ea8aad4c66078caec51c52711ec550a9ace3fd8eefd9463030750

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:18 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 47431
cf-request-id: 0618a47fd40000073e59116000000001
last-modified: Fri, 23 Oct 2020 21:04:58 GMT
server: cloudflare
etag: "5f93457a-b947"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CUoYgQnxC7FxSmvUxzfDbgudzcWxx4bUXvTWS183zAc91dqHGBPTj3JZtAyNI0JXBbFVyTfcxfsxugLVB5aA4enEtO1QKHEjst%2FfOhIMLKs8NUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5ea13d12eb10073e-FRA

GET
H2 200 akarin.png
waa.ai/img/main/ 20 KB
21 KB 397ms
396ms Image
image/png 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waa.ai/img/main/akarin.png
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7259f713ddf19c767b8b79c3d7d01fe99826843f9b00d70b652071fb6682d77c

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 20903
cf-request-id: 0618a47fd50000073ed6912000000001
last-modified: Fri, 23 Oct 2020 21:04:58 GMT
server: cloudflare
etag: "5f93457a-51a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XZgNtiW1KUipmfi%2BUlXF52TEFcY%2FYGEwBQWZMhiK1xlG0eVdmbVZtwVxvtj8yVd5fIipyZKYiajwS3blPSl%2FPsIs%2Femsp47Zz1vVutDDy17q2%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5ea13d12eb11073e-FRA

GET
H2 200 akari-light.jpg
waa.ai/img/backgrounds/ 318 KB
319 KB 538ms
537ms Image
image/jpeg 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waa.ai/img/backgrounds/akari-light.jpg
Requested by: Host: waa.ai
URL: https://waa.ai/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2edcaba5944ee13bc6c56d751f0bea0c1e5079f60cc6fbc6e480f1c56d42e98

Request headers

Referer: https://waa.ai/error
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:18 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 325964
cf-request-id: 0618a47fd50000073e8201a000000001
last-modified: Fri, 23 Oct 2020 21:04:58 GMT
server: cloudflare
etag: "5f93457a-4f94c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cKOtAU5scJP9SLWWg1%2BXF2p8VWM8xejd0S1IgLUodPE5tUjKwFKW%2BI9DPtyezuzljxpx1%2BzSwW%2FGDXZ0shE8ezddAb5yFfTIq2IhG1OQeUuaUmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5ea13d12eb12073e-FRA

GET
H2 200 roboto-latin-400.479970ff.woff2
waa.ai/static/media/ 15 KB
16 KB 391ms
391ms Font
application/octet-stream 2606:4700:3034::6818:7080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waa.ai/static/media/roboto-latin-400.479970ff.woff2
Requested by: Host: waa.ai
URL: https://waa.ai/static/css/2.a9a9c00e.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Origin: https://waa.ai
Referer: https://waa.ai/static/css/2.a9a9c00e.chunk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 01:07:17 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 15736
cf-request-id: 0618a47fd60000073ebebb4000000001
last-modified: Fri, 23 Oct 2020 21:06:09 GMT
server: cloudflare
etag: "5f9345c1-3d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gfgdCuyT90t3aVEw32xLYZekUEAKgRp5q1KQXm9be1Te%2F7c6xGX%2Bf7Fddp3amsT8apf6CBfAgMUOkWkK3mxCDr9EyS%2BvX6DHJ0x1B5ifH5O46TE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5ea13d12eb14073e-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.waa.ai/	1970-01-19 14:16:52	Name: __cfduid Value: dbe18a36deb128fafebb5c90f825247851604020036

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
appurl.io
c6b419b919156a41fe0e4a2e9e1615a0.safeframe.googlesyndication.com
code.jquery.com
cutt.us
glimpse.link
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
waa.ai
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
yerl.org
zii.bz
tpc.googlesyndication.com
172.217.21.226
2001:4de0:ac19::1:b:3a
209.197.3.15
2606:4700:3032::ac43:a64d
2606:4700:3034::6818:7080
2606:4700:3035::681b:ab39
2606:4700:3037::681f:431a
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2002
2a00:1450:4001:816::2001
69.61.26.121
94.130.191.239
0451eca7a07390f2738f63afcc47f6049f1353f490bfc32a1f0962aee4ce145b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d4ef4ee2061788cc34e9b1d2c5879fe95f56fc89ee2cacab7d6336bd5d3fd39
30e17770fcc300fb1304bed5587782e4fff315b83d9a254e20d00aed70612e1c
32415e407139f0fd67b2e94ef7d2e6910fb0a00c5fd8b6670eef7e7acedfa10a
34d9891a81b9b276febf3b6f763ededd97fc364bd399e9446f71159be6cb1d0c
3e8d0f34628b7051d6a2ccc084e5b8524bb67d0911b5b080338ff15d12e43b15
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
5696bb1f6e6ea8aad4c66078caec51c52711ec550a9ace3fd8eefd9463030750
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
625fae457ea8d0109e81dad90fdab78044e9711dea57ef51ef9bed8f29c6c8dd
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc2596775fc81ddfd6da2ad7602bb34de500228ef2507024a4ff383b48a789c
6e00c601ac84afbd9c0557b30f72fc85fbc7e3f988d43e21edd1d82c81edd2e5
6e67e9b1a69aa45e7d0720d75dd9412d8acc5e66b9d32bd5c4f7a81de8c640d8
7259f713ddf19c767b8b79c3d7d01fe99826843f9b00d70b652071fb6682d77c
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
756035eb7e72ed99d7bb6ccb7cd1750cb082b1a3361a6b7e512bfd4d6e40c4ba
76436b7bc07d5dbdd9155a758043ec86778bd475997dd23a1352ec1a75ba7da3
7abb8dc77b75273f628825db65a75889980237e9bab105b419e97eb2ab2921e8
8edc5ebc4bdace33d87a8462820bfff012348481b5c0161461d059abcfc28ca0
907eb4ee0f6eb544452c42c66c794e3601935bb5e11465071b9eb4008b2d5d4e
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2d2c3848266d31d22a05fdefdc73a7020d279e856ff902866b04523ee750733
a2edcaba5944ee13bc6c56d751f0bea0c1e5079f60cc6fbc6e480f1c56d42e98
af550112c25943d12096f47ca8bd6b4930ef073ee8db603695c5021ce2bba561
e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f
e650e83b49bc1b9837dcc15f59d7bedcb1a8ca27b1cb9d6ff2bedd14ebbb1380
f515631412bcc37304e803809d553ba6ec95c5cb8798e96a83534ae4199a4888
f653774ca3a535c7bc99eee8c782952608d22c907ea383e2d18ac8c9c2d2af9c
f721c823e6076ec73fd62571a1e48bea375b82e9a67328daa389a57b3473f3f5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

waa.ai Open in urlscan Pro 2606:4700:3034::6818:7080 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

99 %HTTPS

71 %IPv6

16 Domains

19 Subdomains

13 IPs

3 Countries

1588 kBTransfer

3282 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

waa.ai Open in urlscan Pro
2606:4700:3034::6818:7080 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

99 %
HTTPS

71 %
IPv6

16
Domains

19
Subdomains

13
IPs

3
Countries

1588 kB
Transfer

3282 kB
Size

1
Cookies

67 HTTP transactions
0 data transactions