Submitted URL: http://d1ly52g9wjvbd2.cloudfront.net/
Effective URL: https://d1ly52g9wjvbd2.cloudfront.net/
Submission: On June 08 via api from GB — Scanned from GB

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 44 HTTP transactions. The main IP is 18.64.84.174, located in United States and belongs to AMAZON-02, US. The main domain is d1ly52g9wjvbd2.cloudfront.net.
TLS certificate: Issued by Amazon on February 1st 2022. Valid for: a year.
This is the only time d1ly52g9wjvbd2.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | cloudfront.net | d1ly52g9wjvbd2.cloudfront.net | 263 KB
10 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 109); tpc.googlesyndication.com (Cisco Umbrella Rank: 142) | 211 KB
5 | powerad.ai | powerad.ai (Cisco Umbrella Rank: 15847); reporting.powerad.ai (Cisco Umbrella Rank: 17417) | 44 KB
4 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 43) | 20 KB
3 | brainlyads.com | hb.brainlyads.com (Cisco Umbrella Rank: 14458) | 195 KB
3 | google.com | adservice.google.com (Cisco Umbrella Rank: 79); www.google.com (Cisco Umbrella Rank: 4) | 2 KB
3 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 46); stats.g.doubleclick.net (Cisco Umbrella Rank: 98) | 5 KB
2 | google.co.uk | adservice.google.co.uk (Cisco Umbrella Rank: 4921); www.google.co.uk (Cisco Umbrella Rank: 3027) | 1 KB
1 | pubmatic.com | ads.pubmatic.com (Cisco Umbrella Rank: 444) | 66 KB
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 793) | 646 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 75) | 39 KB
Total: 44 requests, 11 apex domains

Requests | Domain | Requested by
12 | d1ly52g9wjvbd2.cloudfront.net (1 redirect) | d1ly52g9wjvbd2.cloudfront.net
7 | pagead2.googlesyndication.com | d1ly52g9wjvbd2.cloudfront.net; pagead2.googlesyndication.com; tpc.googlesyndication.com
4 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com; d1ly52g9wjvbd2.cloudfront.net
4 | powerad.ai | d1ly52g9wjvbd2.cloudfront.net; powerad.ai
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com
3 | hb.brainlyads.com | powerad.ai; d1ly52g9wjvbd2.cloudfront.net
2 | www.google.com | d1ly52g9wjvbd2.cloudfront.net; tpc.googlesyndication.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 | www.google.co.uk | d1ly52g9wjvbd2.cloudfront.net
1 | ads.pubmatic.com | d1ly52g9wjvbd2.cloudfront.net
1 | reporting.powerad.ai | powerad.ai
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.co.uk | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | www.googletagmanager.com | d1ly52g9wjvbd2.cloudfront.net
Total: 44 requests, 16 subdomains

This site contains links to these domains.

Domain
www.whatfontis.com
www.facebook.com
twitter.com
accounts.google.com
www.ffonts.net

Subject | Issuer | Validity | Valid
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.powerad.ai | Go Daddy Secure Certificate Authority - G2 | 2021-08-13 - 2022-09-14 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.google.co.uk | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.pubmatic.com | DigiCert SHA2 Secure Server CA | 2022-02-04 - 2023-02-03 | a year
hb.brainlyads.com | Go Daddy Secure Certificate Authority - G2 | 2021-11-25 - 2022-12-27 | a year
www.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
www.google.co.uk | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months

This page contains 8 frames:

Primary Page: https://d1ly52g9wjvbd2.cloudfront.net/
Frame ID: 2FCE59EDC05E414E4E7BAF8454BFB3E0
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20190131/zrt_lookup.html
Frame ID: 9800D0DB9165A42BE7C65627C658E258
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7766349947687093&output=html&adk=1812271804&adf=3025194257&lmt=1654730491&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654730491730&bpp=2&bdt=411&idt=247&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7043945434476&frm=20&pv=2&ga_vid=628734048.1654730492&ga_sid=1654730492&ga_hid=1574605202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067908&oid=2&pvsid=181898839048472&pem=275&tmod=1779963339&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=264
Frame ID: 3FE51B62EB3BC1939561CF17125C40B0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 2639C31F965636DF02F4E7518F8E6384
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 353C3464BB3D9819C3568632B0878085
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: B3DDA54A32AD4705DA54277DDB1C06D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A37BB747198024E5642EF12782F92CC5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C57CCF9BAA007B7F02E8B5EBBA771D6
Requests: 2 HTTP requests in this frame

Page Title

Font Finder 🔎 by What Font Is

Page URL History

  1. http://d1ly52g9wjvbd2.cloudfront.net/ HTTP 301
    https://d1ly52g9wjvbd2.cloudfront.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

Requests: 44
HTTPS: 100 %
IPv6: 63 %
Domains: 11
Subdomains: 16
IPs: 16
Countries: 3
Transfer: 847 kB
Size: 2500 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://d1ly52g9wjvbd2.cloudfront.net/ HTTP 301
    https://d1ly52g9wjvbd2.cloudfront.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
d1ly52g9wjvbd2.cloudfront.net/
Redirect Chain
  • http://d1ly52g9wjvbd2.cloudfront.net/
  • https://d1ly52g9wjvbd2.cloudfront.net/
47 KB
12 KB
Document
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
58d06392fa537192bd14eee5b07fdde81058ecbba637e397bea79ea1943f74a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 23:21:31 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
x-amz-cf-id
YayvPe8TYkROevin6yws1OU7t6-DtpRP_VqvbrSqxv34MXUtd9Ibkg==
x-amz-cf-pop
TXL50-P2
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
183
Content-Type
text/html
Date
Wed, 08 Jun 2022 23:21:31 GMT
Location
https://d1ly52g9wjvbd2.cloudfront.net/
Server
CloudFront
Via
1.1 7fc97e30af7472a64e5a6feef4dbebba.cloudfront.net (CloudFront)
X-Amz-Cf-Id
IYI91x286QwwbrEqCsUNhjRxulEIw9RP7pdHX-nwSqWwaZ0EgvrOag==
X-Amz-Cf-Pop
TXL50-P2
X-Cache
Redirect from cloudfront
styles.min.6.14.1-v2-m.css
d1ly52g9wjvbd2.cloudfront.net/css1/
244 KB
42 KB
Stylesheet
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
ffda0229b8e74e5031ad0f7f82d97499d638f6d9a53e85cbfe261483a5ee0929

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 06 Jun 2022 08:52:19 GMT
age
224624
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
42623
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
x-amz-cf-id
48IpuAVQA8KAvqSfQR8UVwNTZbghsN6BmYOqyTmTTiuVpo6nd8e2mg==
expires
Tue, 06 Jun 2023 08:57:47 GMT
all.min.8.js
d1ly52g9wjvbd2.cloudfront.net/js1/
278 KB
81 KB
Script
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/js1/all.min.8.js
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
069259a60dbddb5651aee2b96b4a6f029e132af543ecafc08941bc6693799fae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 04:05:30 GMT
content-encoding
gzip
last-modified
Thu, 13 Jun 2019 12:36:44 GMT
age
4648561
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5184000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
x-amz-cf-id
NxRU0xWlsy0p8ycW4qJak2f2bDm57zbgMjJfKdx22XvwCJ02ACuZoA==
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
expires
Wed, 15 Jun 2022 04:05:30 GMT
script.js
powerad.ai/106656189052700/
197 KB
43 KB
Script
General
Full URL
https://powerad.ai/106656189052700/script.js
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
13ada88779f3daa71b8387ec4c0a60ee3475a5a39915bc664dec9ddeaf7672f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:31 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 21:40:01 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"3123b-18145429929"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
161 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7766349947687093
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90ab66c6005be934f55234ff16d627d52117c6feaf40010724ddcf540f7055b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
Origin
https://d1ly52g9wjvbd2.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56198
x-xss-protection
0
server
cafe
etag
11960608800218649753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 23:21:31 GMT
js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16509862-1
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3100cb0a5669a93df74c6bfe082497f97888f89bac013383edcf0f6ca54d2d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39790
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 22:21:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Jun 2022 23:21:31 GMT
upload.svg
d1ly52g9wjvbd2.cloudfront.net/images/
5 KB
2 KB
Image
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/images/upload.svg
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
71a2f924ab5520702eadad8818addb9887b7a4ad05e0b3a0c3b7f015903432f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:06:04 GMT
content-encoding
gzip
last-modified
Sat, 23 Feb 2019 05:18:10 GMT
age
2754927
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
cache-control
max-age=31104000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
2177
x-amz-cf-id
CppJTvBPjIyg_jexT53vjh0YjmPebHHaJTXKUGyd1qBbMyVl3F2-Zw==
expires
Wed, 03 May 2023 02:06:04 GMT
spacer.gif
d1ly52g9wjvbd2.cloudfront.net/images/
43 B
368 B
Image
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/images/spacer.gif
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 03:47:49 GMT
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Apr 2008 08:12:31 GMT
age
1280022
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
43
x-amz-cf-id
PvJ5-EKQ2KMI6LDQMVK0_8VMEA5W2riqDircPdhRMqvJ4bNAVBFRJg==
expires
Thu, 25 May 2023 03:47:49 GMT
user-placeholder-01.jpg
d1ly52g9wjvbd2.cloudfront.net/images/
2 KB
2 KB
Image
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/images/user-placeholder-01.jpg
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
56aa3230002f35b5e7a899f577c54d06b2475943e4b82c7854f81c20217bd9c4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 01 May 2022 07:30:19 GMT
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2019 08:52:54 GMT
age
3340272
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
1830
x-amz-cf-id
hM1oxa_CGqCSUnxIUvqrQplupvMKtBXUV9AlTb4KW_K6RZChEZDUSg==
expires
Mon, 01 May 2023 07:30:19 GMT
logo-what-font-is.svg
d1ly52g9wjvbd2.cloudfront.net/img/
4 KB
2 KB
Image
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/img/logo-what-font-is.svg
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
d7a7b8110cdc3b30732713ebe980afd5c8a12c7f63cd9306fbe74d0f3c06da70

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 00:44:26 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2017 10:53:28 GMT
age
24187025
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
cache-control
max-age=31104000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
1775
x-amz-cf-id
G7vQ0S7Q6CpJUD0r1Vc9IxDKClHCFj5XZXB8ELlU78r1iCVvOqyhtg==
expires
Sun, 28 Aug 2022 00:44:26 GMT
Gresa-Regular.woff2
d1ly52g9wjvbd2.cloudfront.net/webfonts/
16 KB
16 KB
Font
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/webfonts/Gresa-Regular.woff2
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
edfac4423e897ff3ae6cb8c7abf15cc15787ca7a41be9c1105c08c6586af4035

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Origin
https://d1ly52g9wjvbd2.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 04:12:07 GMT
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
last-modified
Thu, 28 Feb 2019 21:43:12 GMT
age
13460964
x-cache
Hit from cloudfront
content-type
application/font-woff2; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31104000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
16324
x-amz-cf-id
bW3IK1z4mO83SN7TsbKPeDUgXc9uBqFdIdaTaAhwdYsTnOA9DDHM5w==
expires
Fri, 30 Dec 2022 04:12:07 GMT
fa-solid-900.woff2
d1ly52g9wjvbd2.cloudfront.net/webfonts/
43 KB
44 KB
Font
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/webfonts/fa-solid-900.woff2
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
897774e448cd222de4ef696e2910e89a580e9d84b36419720c59fa55796b17cb

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Origin
https://d1ly52g9wjvbd2.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:30:31 GMT
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2018 18:38:28 GMT
age
1259460
x-cache
Hit from cloudfront
content-type
application/font-woff2; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31104000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
44448
x-amz-cf-id
2X2vZIbHbYlWvhYzmXUwqUZHD7eLBw4kF7xMD4MxkAhZ9JpWvMsDYw==
expires
Sat, 20 May 2023 09:30:31 GMT
fa-brands-400.woff2
d1ly52g9wjvbd2.cloudfront.net/webfonts/
53 KB
53 KB
Font
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/webfonts/fa-brands-400.woff2
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
977d5cdfc9bb63f34c875e9a0dc12f00c3e0d36ee8c47b24e468e4006cf78532

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/css1/styles.min.6.14.1-v2-m.css
Origin
https://d1ly52g9wjvbd2.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:33:16 GMT
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2018 18:38:28 GMT
age
2584095
x-cache
Hit from cloudfront
content-type
application/font-woff2; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31104000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
53932
x-amz-cf-id
EUzhtALbaYDGosonQnPuxs_gAXjVuDWXc15fnmF0oT3LuBopxOet0Q==
expires
Fri, 05 May 2023 01:33:16 GMT
step-02.png
d1ly52g9wjvbd2.cloudfront.net/images/
8 KB
8 KB
Image
General
Full URL
https://d1ly52g9wjvbd2.cloudfront.net/images/step-02.png
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-84-174.txl50.r.cloudfront.net
Software
/
Resource Hash
855a50076325e400aef040514e0e512b2ff3c94704a221432238fe0e1a6aed85

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 06 May 2022 04:50:22 GMT
via
1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2019 14:11:43 GMT
age
2917869
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-length
7963
x-amz-cf-id
6lESGxn-oAErrWRfESrLnsGb8NASF87zXmAp12ZRSd39aj2Hl70feg==
expires
Sat, 06 May 2023 04:50:22 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16509862-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3743
date
Wed, 08 Jun 2022 22:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 09 Jun 2022 00:19:08 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/
339 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7766349947687093&plah=d1ly52g9wjvbd2.cloudfront.net&bust=31067908
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7766349947687093
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55d79f5d014bf4df18952ffb405744bdce6cf9d0ff187fedd150a29bb1c56bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122341
x-xss-protection
0
server
cafe
etag
1079321502420934308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 23:21:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220607/r20190131/ Frame 9800
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220607/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7766349947687093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
9557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 20:42:14 GMT
etag
14734731752043123527
expires
Wed, 22 Jun 2022 20:42:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1574605202&t=pageview&_s=1&dl=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Font%20Finder%20%F0%9F%94%8E%20by%20What%20Font%20Is&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1530344059&gjid=1378332329&cid=628734048.1654730492&tid=UA-16509862-1&_gid=825482278.1654730492&_r=1&gtm=2ou660&z=1313106019
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 23:21:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d1ly52g9wjvbd2.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1574605202&t=event&_s=2&dl=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Font%20Finder%20%F0%9F%94%8E%20by%20What%20Font%20Is&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=V19-AMZCROP&ea=display&el=&ev=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=628734048.1654730492&tid=UA-16509862-1&_gid=825482278.1654730492&gtm=2ou660&z=201150197
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 21:11:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7806
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1574605202&t=event&_s=3&dl=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Font%20Finder%20%F0%9F%94%8E%20by%20What%20Font%20Is&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=V19&ea=display&el=&ev=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=628734048.1654730492&tid=UA-16509862-1&_gid=825482278.1654730492&gtm=2ou660&z=2007079795
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 21:11:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7806
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
218 B
646 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=d1ly52g9wjvbd2.cloudfront.net&callback=_gfp_s_&client=ca-pub-7766349947687093
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7766349947687093&plah=d1ly52g9wjvbd2.cloudfront.net&bust=31067908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
e5a0d0d7969d3723279eda2052f61b04f9b98b4c5acb74185689c6b167e80071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=d1ly52g9wjvbd2.cloudfront.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7766349947687093&plah=d1ly52g9wjvbd2.cloudfront.net&bust=31067908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d1ly52g9wjvbd2.cloudfront.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7766349947687093&plah=d1ly52g9wjvbd2.cloudfront.net&bust=31067908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 23:21:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3FE5
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7766349947687093&output=html&adk=1812271804&adf=3025194257&lmt=1654730491&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654730491730&bpp=2&bdt=411&idt=247&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7043945434476&frm=20&pv=2&ga_vid=628734048.1654730492&ga_sid=1654730492&ga_hid=1574605202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067908&oid=2&pvsid=181898839048472&pem=275&tmod=1779963339&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=264
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7766349947687093&plah=d1ly52g9wjvbd2.cloudfront.net&bust=31067908
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 23:21:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
7 B
455 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16509862-1&cid=628734048.1654730492&jid=1530344059&gjid=1378332329&_gid=825482278.1654730492&_u=YEBAAUAAAAAAAC~&z=1370088881
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 08 Jun 2022 23:21:32 GMT
content-type
text/plain
access-control-allow-origin
https://d1ly52g9wjvbd2.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
reporting.powerad.ai/
2 B
272 B
Ping
General
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/106656189052700/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/
2 B
232 B
Fetch
General
Full URL
https://powerad.ai/detect-aau?ch=2
Requested by
Host: powerad.ai
URL: https://powerad.ai/106656189052700/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/
2 B
232 B
Fetch
General
Full URL
https://powerad.ai/detect-aau?ch=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/106656189052700/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 2639
214 KB
66 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5bc392c095dcf77649ba600570ea1629ada87be6c1c7fccc775ede9bbfa96b07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 17:37:18 GMT
server
Apache
etag
"10a1110-359bd-5e066573c5510"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=108283
accept-ranges
bytes
content-type
text/javascript
content-length
67198
expires
Fri, 10 Jun 2022 05:26:15 GMT
pbjs_wrapper.v1.1.js
hb.brainlyads.com/ Frame 353C
38 KB
12 KB
Script
General
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/106656189052700/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
46b8b5c8edc468cfc2b98f749ac9625de1731f8082d1bf1840dc7f4dd973c551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 15:15:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62729888-9714"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 10 Jun 2022 23:21:32 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame B3DD
45 KB
13 KB
Script
General
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/106656189052700/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
01d3eaab7f68119b5d7a50ddaf0cf653880942abd70647cc1feb6d492cc880d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 13:49:15 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6290d6db-b2f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 10 Jun 2022 23:21:32 GMT
/
powerad.ai/pubPls/
32 B
335 B
XHR
General
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/106656189052700/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
dfc8b3b8ef62c3a3cfd4c56ea36f41aca741c2fb8cbd0e14c1a52e64964a0362

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"20-AdLK/Skoo9BATRQ35aBtPSFKRdw"
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://d1ly52g9wjvbd2.cloudfront.net
access-control-allow-credentials
true
access-control-allow-headers
*
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16509862-1&cid=628734048.1654730492&jid=1530344059&_u=YEBAAUAAAAAAAC~&z=657938249
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 23:21:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16509862-1&cid=628734048.1654730492&jid=1530344059&_u=YEBAAUAAAAAAAC~&z=657938249
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 23:21:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
hb.brainlyads.com/ Frame 2639
569 KB
170 KB
Script
General
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: d1ly52g9wjvbd2.cloudfront.net
URL: https://d1ly52g9wjvbd2.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81746464e3633248326b98acbce210c5c4047885eb04e8718ea583b56f51ec97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 15:11:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"627297b3-8e360"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 10 Jun 2022 23:21:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220607&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7766349947687093&plah=d1ly52g9wjvbd2.cloudfront.net&bust=31067908
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e33fa77bd202191ea78ebbf00d1d1a2190fe325499e56e30a98d6f4fca560fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 23:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10729
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7766349947687093&plah=d1ly52g9wjvbd2.cloudfront.net&bust=31067908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 23:21:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A37B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
11289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 20:13:24 GMT
expires
Thu, 08 Jun 2023 20:13:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8C57
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b04a17c17bffb3947e9a606c242e8b1677a57818b0b7dd1f5aa9838610ebbae3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h81WALDSYPfJ7bPIC6-jOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1ly52g9wjvbd2.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-h81WALDSYPfJ7bPIC6-jOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 23:21:33 GMT
expires
Wed, 08 Jun 2022 23:21:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 8C57
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220607&jk=181898839048472&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame A37B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 06:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
59599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 06:48:14 GMT
generate_204
tpc.googlesyndication.com/ Frame A37B
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?DecOGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:21:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220607&jk=181898839048472&bg=!bm2lbSnNAAaJfvByqX47ACkAdvg8Wm2o1zWJac7gUUxpHrfV1iIQwli27nsNN7qtliJLConmiA0XLAIAAABEUgAAAAJoAQcKANJDHeoGLr1SaZYaVGhKgCG1cjIklipvVxeZUct0xIvkAoQAfotsqWplnHYccchz3-FzfsBNfEr35988L1kq5G63-SIDPAbL7D7nsmKLgcyrClDkAKWfkpVk5akY68HVPXQRst1PttHE6F9vol4cEmbMNvTKYcOfbRCJXkUF5HDYRk4r9me0VcEoWQjhyXhaBV6Qtq7-dAmZHqViplgDvj9HjO-UkWHbPlPpmD3Qn6LjK2obp6xXk3IF7HMRTFUwuZwSndab21ALnTajBs1c45bcWPGZAqdDN1nd2pLYkaGgvLrY82ooR1fhYS6srD2YcNeU3T3VXbqVsaZYT4CRTZT428TS7bc8Zkl9b94n1O22EX0I1ica7FsW-lotlpOCenU9wAhihxM8WCNfRFFJoPaDgEBgFMmFrpE1ChNO5c61z3irTdDss0m-zHnx05BXNmW5gBD5uBYyeeUzAWFL0ctQRBDZ5A0W8oRpViDP-UIKPEElL4t4wwYPYp8gCNy09wA_bl6vyMIeDbLRotQKzuzsVCenxcSplvZKfaKiUbGXvBd71n_M6F2e4bwTmbuuRgLUAaP3gBaYfNlB8ob41z0pLH5eZrjNjvWZFKTTCJ5fH09eMqMl_ZTdWNUZg1zMf5-FFxSpKz3RqbnjFL0fwrT6OHwgoZ1SVt4DBDqoo1ntv8yVRb2cHT7p-mEY5_cj_dpckG4MmVQPGPb6ln1MLWovJBwi7B6Q67XSdc-WMtBitDi6IibnzJr1NWiBiOBsbKr6b-7Av1fmlxIKi5Lyw4lKyiPHsat7--d_pKuh2cn8hRux5PB9WdEIj5-oBFlCyT1sVNXRhSVuz9Kj1NBuyXvOoq9JMg5gRG8Ab269ksKl33rdATGwapvaqExztn_8x2xPkJYxhZ8c77SCwrNRxaZ4_GwEn9E3hYe_trIWpXjtD7Kot9cmwbgrJZge1Q544IpfSQhutFaE_n7yAJvTbRkzZM9fyBGVPue-S-pi-RGYsoxqnSJAS3rI9z_HCSyTo0Ud_MNgQhp_NL0Q8l88-9eCJp1uz4n8E3E74TgykFGV-b8rAEuHyANOO51amGF2y54uRsq-gwK3UHbHlytg6-fvxVoX4Q3ZkWHu44nMDG6wYH2nDAYGvBrLQM308s7jynTlYGypZS_f8h0om3kBc4EAtSaNF10PcFM_856w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d1ly52g9wjvbd2.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| gtag object| dataLayer function| modalactivate function| $ function| jQuery function| Popper object| bootstrap function| makeurlu boolean| subcribe_newsletter_open string| varrrr object| holder function| checkImageExists object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_prebid_fw object| pa_pbjs_fw1.1 object| pa_pbjs_fw2.0 object| GoogleGcLKhOms

4 Cookies

Domain/Path Name / Value
.d1ly52g9wjvbd2.cloudfront.net/ Name: _ga Value: GA1.3.628734048.1654730492
.d1ly52g9wjvbd2.cloudfront.net/ Name: _gid Value: GA1.3.825482278.1654730492
.d1ly52g9wjvbd2.cloudfront.net/ Name: _gat_gtag_UA_16509862_1 Value: 1
.doubleclick.net/ Name: test_cookie Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7766349947687093&output=html&adk=1812271804&adf=3025194257&lmt=1654730491&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fd1ly52g9wjvbd2.cloudfront.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654730491730&bpp=2&bdt=411&idt=247&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7043945434476&frm=20&pv=2&ga_vid=628734048.1654730492&ga_sid=1654730492&ga_hid=1574605202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067908&oid=2&pvsid=181898839048472&pem=275&tmod=1779963339&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=264
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
