urlscan.io logo urlscan.io
SecurityTrails logo

lipsum.com Open in urlscan Pro
35.245.169.144  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://postoffice210.click/
Effective URL: https://lipsum.com/
Submission: On November 12 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 46 HTTP transactions. The main IP is 35.245.169.144, located in Washington, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is lipsum.com. The Cisco Umbrella rank of the primary domain is 293917.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on November 10th 2022. Valid for: a year.
This is the only time lipsum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
postoffice210.click
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    35.245.169.144 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 144.169.245.35.bc.googleusercontent.com
lipsum.com
1    34.96.69.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.69.96.34.bc.googleusercontent.com
cdn.bidder.dev
3    34.245.154.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-154-233.eu-west-1.compute.amazonaws.com
ads.avocet.io
ads.avct.cloud
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:20eb:7200:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
2    2600:9000:225a:e600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
2    34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:2182:f400:3:a4cd:8380:93a1 (None, )

ASN- ()
test.cmp.quantcast.com
1    2600:9000:225f:2600:6:44e3:f8c0:93a1 (None, )

ASN- ()
rules.quantcount.com
3    2600:9000:21f3:4000:9:46dc:4700:93a1 (None, )

ASN- ()
cmp.quantcast.com
1    18.198.135.19 (None, )

ASN- ()
audit-tcfv2.cmp.quantcast.com
Apex Domain
Subdomains		 Transfer
8 postoffice210.click
postoffice210.click
5 KB
6 gstatic.com
fonts.gstatic.com
151 KB
6 lipsum.com
lipsum.com — Cisco Umbrella Rank: 293917
50 KB
5 quantcast.com
test.cmp.quantcast.com
cmp.quantcast.com
audit-tcfv2.cmp.quantcast.com
142 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
aax-dtb-cf.amazon-adsystem.com Failed
4 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
112 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
156 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 7045
883 B
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2632
46 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2779
734 B
1 quantcount.com
rules.quantcount.com
642 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
10 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
39 KB
1 avocet.io
ads.avocet.io — Cisco Umbrella Rank: 4750
140 B
1 bidder.dev
cdn.bidder.dev — Cisco Umbrella Rank: 82737
51 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
18 KB
46 18
Domain Requested by
8 postoffice210.click 1 redirects postoffice210.click
6 fonts.gstatic.com fonts.googleapis.com
6 lipsum.com postoffice210.click
lipsum.com
3 cmp.quantcast.com quantcast.mgr.consensu.org
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 cdn.jsdelivr.net cdn.bidder.dev
cdn.jsdelivr.net
lipsum.com
3 securepubads.g.doubleclick.net cdn.bidder.dev
securepubads.g.doubleclick.net
2 www.google-analytics.com lipsum.com
www.google-analytics.com
2 api.floors.dev cdn.bidder.dev
2 quantcast.mgr.consensu.org postoffice210.click
quantcast.mgr.consensu.org
2 ads.avct.cloud 1 redirects lipsum.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 rules.quantcount.com secure.quantserve.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 secure.quantserve.com quantcast.mgr.consensu.org
1 fonts.googleapis.com lipsum.com
1 d3div1mtym39ic.cloudfront.net lipsum.com
1 ads.avocet.io 1 redirects
1 cdn.bidder.dev lipsum.com
1 cdnjs.cloudflare.com postoffice210.click
0 aax-dtb-cf.amazon-adsystem.com Failed c.amazon-adsystem.com
46 21
Subject Issuer Validity Valid
*.postoffice210.click
E1		 2022-11-12 -
2023-02-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.lipsum.com
AlphaSSL CA - SHA256 - G2		 2022-11-10 -
2023-12-12		 a year crt.sh
cdn.bidder.dev
GTS CA 1D4		 2022-10-11 -
2023-01-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-10-20 -
2023-01-18		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2022-10-03 -
2023-01-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh

This page contains 2 frames:

Primary Page: https://lipsum.com/
Frame ID: 39B9A4C0DE2C83ABEFDB0973FDF1BE77
Requests: 41 HTTP requests in this frame

Frame: https://postoffice210.click/main/nahuiframe.html
Frame ID: 2A821DB799366E8E6F85BFAFD3BD9DFC
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lorem Ipsum - All the facts - Lipsum generator

Page URL History Show full URLs

  1. https://postoffice210.click/ Page URL
  2. https://postoffice210.click/goto.php HTTP 302
    https://lipsum.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

46
Requests

93 %
HTTPS

68 %
IPv6

18
Domains

21
Subdomains

20
IPs

3
Countries

806 kB
Transfer

2573 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://postoffice210.click/ Page URL
  2. https://postoffice210.click/goto.php HTTP 302
    https://lipsum.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://ads.avocet.io/s?add=5e88559ea6073220677e11e7&ty=j HTTP 307
  • https://ads.avct.cloud/s?r=1&add=5e88559ea6073220677e11e7&ty=j HTTP 307
  • https://ads.avct.cloud/s?bounce=true&r=1&add=5e88559ea6073220677e11e7&ty=j
Request Chain 17
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
postoffice210.click/ 		704 B
932 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postoffice210.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6d6e6cad1e5296510f1ee7a9b8a58adf9764936df7d736a7dfb298bbe82455
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
768fbdfacd1fb742-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 13:51:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxpinnP0FxFynrTyDZwDcKmgXgIxO8iwSkAaulv%2BGK2nB0Me3ORK3yp%2B%2F2p1xkL2Wx6PGD8r2CxQxSYXlk6rAGPMAdpQC6CgyDDJLHf6N1XkvdlzBBJcoMmAueS01R2bOSudE%2Fx3zvCJjhTMy6yiF5%2FF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/ 		156 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13549054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17437
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-26f1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGWGghpxnRrML3w1R95HmG%2B9790BOVF9xGGHSnk2%2Bd7tZCNf%2F9wljdHDeN0WqTiV0XIy4DRX0M8lrWVLz8iFX7WNamm9RvIfbVa0fIrs2DIDybRBYmWIv3W4wRckbG%2BNShiVRzhvBqXVdCZlrgdI6vML"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
768fbdfb9915b8b8-AMS
expires
Thu, 02 Nov 2023 13:51:23 GMT
nahuibot.css
postoffice210.click/main/ 		452 B
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://postoffice210.click/main/nahuibot.css
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d459b55c38218a0a486e4fb42328488b0afd159d74b9b8b924c65c87e9227e3c
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postoffice210.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:23 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin, same-origin
last-modified
Sun, 23 Jan 2022 20:09:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
server
cloudflare
etag
W/"61edb5dc-1c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Fro8%2FoozI9i5gPY9b2PtgGXJZz3yHwp6w1HHSe0q9Yw4TXib26Xc%2FQpvv1PtJacsItF6bU4N1RrXPhqoYMMop4ZSV7j3fcP%2BPhdnvnB7oJy6odUE8QGwX%2FalAERXZcQlkMYCTNll7u70tvihs6EgN7Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
768fbdfb3da1b742-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
goto.js
postoffice210.click/main/ 		206 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://postoffice210.click/main/goto.js
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef45d5fce11fbe935892df258ed8ce6cdfb224fb9d53c8c6ec8109f6bd8c1ca
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postoffice210.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:23 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin, same-origin
last-modified
Mon, 29 Aug 2022 22:22:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
server
cloudflare
etag
W/"630d3c2f-ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeU2uEx6qvJYDHGXtHcMnb2xEmhZZ5snPKR7VfoOT5VJX8%2Bs9MKPuFQiIx%2B4hfYgtfuINbBdXdV5ViYXmKnYodIMhVoz7%2FFskNM6pLMg6fiTsS3DKrCx7k6aGyInEHwsXDv4XbRS5cv%2Bg%2B%2FBPTvzfTip"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
768fbdfb3da2b742-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nahuiframe.html
postoffice210.click/main/ Frame 2A82 		526 B
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postoffice210.click/main/nahuiframe.html
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f96c342fe42485dbdf5599702357ec53ad1f15d972699bdf2fbbfcc1e649
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff

Request headers

Referer
https://postoffice210.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
768fbdfb5dc9b742-AMS
content-encoding
br
content-type
text/html
date
Sat, 12 Nov 2022 13:51:23 GMT
last-modified
Thu, 25 Aug 2022 20:35:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziVCAH%2BpqDK5Vj5jukdCONc8VvF%2FWyK7maUKLvx%2BQfaHaUM%2Bx3DRRlaXP0R0Mf%2BQ1aFGzu54qXLEA5s2ye4n2Xx521btlzGcUOn0Hogq6mTFnR34cN7AgzKEs0FDM1rkRzyTWlUMww4XmCPZJdf0LFLD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
nahuibot.css
postoffice210.click/main/ Frame 2A82 		452 B
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://postoffice210.click/main/nahuibot.css
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/main/nahuiframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d459b55c38218a0a486e4fb42328488b0afd159d74b9b8b924c65c87e9227e3c
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postoffice210.click/main/nahuiframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:23 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin, same-origin
last-modified
Sun, 23 Jan 2022 20:09:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
server
cloudflare
etag
W/"61edb5dc-1c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0D51NA4d3VHqvAQRWUtzxDFNJ3hRBF68Sm6qNwrkM5q1BG8viSR2MAeIOZAqDXgPLHEn7ft7VB5lWWw1BqPuTHapauWbVSfEi0DWzJ55BB%2B9bV5bdTb1j2fWflJZPpP8qjUGv3GL%2FdMq7jZR%2FoGjiy7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
768fbdfbceb90bae-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
favicon.png
postoffice210.click/main/ Frame 2A82 		68 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postoffice210.click/main/favicon.png
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/main/nahuiframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postoffice210.click/main/nahuiframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:23 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
referrer-policy
same-origin, same-origin
last-modified
Sun, 23 Jan 2022 20:09:00 GMT
server
cloudflare
etag
"61edb5dc-44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5kUHf4e1DFrod7PltF%2BYlVE%2FgmM5yClxSdo79IZsF11vZxiFdPJCvQuRAX%2B3q2TRuRnjEO4iYZotKnMmdF4lUo35uBTGQEZZxdq6KIeV8hA4Yr31Pp81iTUIEBgsoeE3aVbtCq5Y7mVxzGrpi3WeEUf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
768fbdfbceba0bae-AMS
nahuibot.js
postoffice210.click/main/ Frame 2A82 		771 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://postoffice210.click/main/nahuibot.js
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/main/nahuiframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbf5182fed96d7284b55ba9ec45eba0abb63cefb3f0df4a5ef3ea36e29a0b62
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postoffice210.click/main/nahuiframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:23 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin, same-origin
last-modified
Thu, 25 Aug 2022 16:23:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
server
cloudflare
etag
W/"6307a1ef-303"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlYuuPlJZZkktbapuShmYvLk%2FdzDxm8lFDGj3%2FPqXuqEkFBsqocFh44s%2BJjg%2Faf2wZNp3gTj%2BVW0E%2BdysqnMnlcpkr%2FwcAvWTtuWXNZQc5s%2FNouu5Krbe%2BikSHBv4emDcuJWMNuIdRsZh3COWA8Rdyh7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
768fbdfbcebd0bae-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 2A82 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdb30873bdf16770bfea1fe86e44db7476e504c2dca1542b0660b20f47f523a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
Primary Request /
lipsum.com/
Redirect Chain
  • https://postoffice210.click/goto.php
  • https://lipsum.com/
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lipsum.com/
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.169.144 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
144.169.245.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
80907be3d4290a1131d3e614114dff8efac4f0d6bb6b2a129ec2c92f4d37eafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://postoffice210.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 12 Nov 2022 13:51:26 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
768fbe09dbad0bae-AMS
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 13:51:25 GMT
location
https://lipsum.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1pDDD9KyNbA9BA5NP522WtqHqSA61Jxrp2XmSK76MLUhqZK8OlLqfRtJiFM1acox4Ivqaq5mj3jYQy56kFxktGqiOxWl4So1dH7gTGLushTH02uc7DkuKoW2hmL3K7XqFL%2BF48NaMp%2FeR2lK13sk33%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
sa-script.js
cdn.bidder.dev/clients/15188745/Lipsum/ 		171 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidder.dev/clients/15188745/Lipsum/sa-script.js
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.69.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.69.96.34.bc.googleusercontent.com
Software
/
Resource Hash
44fe23cd1bf0635b86292f8143893bddc4f45b6de9406d0140943a00eb90acb1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:46:59 GMT
content-encoding
gzip
via
1.1 google
age
267
etag
CNSa2tzA0PgCEAE=
content-type
application/javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52383
180321.css
lipsum.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lipsum.com/css/180321.css
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.169.144 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
144.169.245.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
43ce00ba566f24cebb068faaa6fb515c976f29bda825bf2f993bdbcce4ff73ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 13:51:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 17:10:41 GMT
Server
Apache
ETag
"fdc-5bdbe900f6c00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1375
s
ads.avct.cloud/
Redirect Chain
  • https://ads.avocet.io/s?add=5e88559ea6073220677e11e7&ty=j
  • https://ads.avct.cloud/s?r=1&add=5e88559ea6073220677e11e7&ty=j
  • https://ads.avct.cloud/s?bounce=true&r=1&add=5e88559ea6073220677e11e7&ty=j
0
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.avct.cloud/s?bounce=true&r=1&add=5e88559ea6073220677e11e7&ty=j
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
H2
Server
34.245.154.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-245-154-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 12 Nov 2022 13:51:26 GMT
content-length
0
content-type
application/javascript

Redirect headers

location
/s?bounce=true&r=1&add=5e88559ea6073220677e11e7&ty=j
date
Sat, 12 Nov 2022 13:51:26 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
100
content-type
text/html; charset=utf-8
black_234x60.gif
lipsum.com/images/banners/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lipsum.com/images/banners/black_234x60.gif
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.169.144 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
144.169.245.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
b39d3fb09ed7b85bb01fd16901b8e779fe8d381ab8344aaa97f1ecefb70d41aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 13:51:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 02 Apr 2020 15:15:24 GMT
Server
Apache
ETag
"1116-5a2504527eb11"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
4374
grey_234x60.gif
lipsum.com/images/banners/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lipsum.com/images/banners/grey_234x60.gif
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.169.144 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
144.169.245.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
064780ada752d016790318ec2e418924c40df7ff212e7381c8f7a0463bf2cf3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 13:51:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 02 Apr 2020 15:15:24 GMT
Server
Apache
ETag
"1097-5a2504527fe99"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
4247
white_234x60.gif
lipsum.com/images/banners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lipsum.com/images/banners/white_234x60.gif
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.169.144 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
144.169.245.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
f8bb55889219c335895efef7ec8066b2f1547e35e1b10f15f4046553bb0a13e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 13:51:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 02 Apr 2020 15:15:24 GMT
Server
Apache
ETag
"1076-5a25045280e39"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4214
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/15188745/Lipsum/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15fa217eb034736c958f72dc394a9d5460a0422b505a468a1048392ac248c5c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27297
x-xss-protection
0
server
sffe
etag
"1391 / 383 of 1000 / last-modified: 1668207947"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 12 Nov 2022 13:51:26 GMT
4.23.0.js
cdn.jsdelivr.net/gh/bidder-dev/prebid@master/ 		359 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/15188745/Lipsum/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56f50130039a9148a433fef8b688032afbfda0e6cf590594546913434e068e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29091
x-jsd-version
master
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"59a64-U8CHrkDcnv5SfhljaVI67CWLEA0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MkHrUIdEOz7eFM1uOMusSaTDscuT4lFv%2FTCMXAluAv6Tet3NvE2g%2FGdpKRFXZefx1MH4VXoIFnTfZtUVolO%2BFag36CTN146Ot3EVKTmwK7aMqB5Pr1fvN9Pmm59zSciMpMTycYxTnVIAdIpJ8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
768fbe0f7d5d0e88-AMS
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
H2
Server
2600:9000:20eb:7200:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:03:39 GMT
content-encoding
br
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2868
x-amz-server-side-encryption
AES256
etag
W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
EkP248B9wlfyyCpbnvRkNCZJwdNhvVutkr-1oxLh7aO0_SeXIEw1Ag==

Redirect headers

date
Fri, 11 Nov 2022 22:55:53 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront), 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1, FRA2-C1
age
53733
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
TPFZyk6jcwxMjGfVn4VWfDneLv9GrqO6vapE-uUECiRAKBDBzG7doQ==
choice.js
quantcast.mgr.consensu.org/choice/SbtDyS4yjPaRj/lipsum.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/SbtDyS4yjPaRj/lipsum.com/choice.js
Requested by
Host: postoffice210.click
URL: https://postoffice210.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:e600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd2cd9d8ef583f6a557e9be0ad9f31cadb1310e2583b64d3a8db2fbf93430f9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:26 GMT
content-encoding
gzip
via
1.1 a2255db944717fedb0da0026622f7e7a.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 21:33:43 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
23
x-amz-server-side-encryption
AES256
etag
W/"389a7a57ff0c1062d13cb050fdcad598"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DV9KEj8sOzO_8fwEdZb1dh7tCne6aiIMvfd6VXs4OotppZCgd4XkLQ==
floors
api.floors.dev/sgw/v1/ 		862 B
883 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/15188745/Lipsum/sa-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
64c5e3c54723c0047d36bfc44668ae4a37f37f6c3f6e536f79044f46aa58604a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://lipsum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-api-key
QBNaieBwWeBYMRGsreCNdCsuWLTtmZ
content-type
application/json

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 13:51:26 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://lipsum.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://lipsum.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://lipsum.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sat, 12 Nov 2022 13:51:26 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: lipsum.com
URL: https://lipsum.com/css/180321.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 12 Nov 2022 13:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Nov 2022 13:06:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Nov 2022 13:51:26 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 12 Nov 2022 13:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2132
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 12 Nov 2022 15:15:54 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lipsum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:50:34 GMT
x-content-type-options
nosniff
age
414052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:50:34 GMT
DauphinPlain.woff
lipsum.com/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lipsum.com/fonts/DauphinPlain.woff
Requested by
Host: lipsum.com
URL: https://lipsum.com/css/180321.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.169.144 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
144.169.245.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
0994d3c7a9d3f48763c300cb411538091450d57059d697736db89c9a3a1f27c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lipsum.com/css/180321.css
Origin
https://lipsum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 13:51:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 02 Apr 2020 15:15:24 GMT
Server
Apache
ETag
"6dc4-5a2504527d789"
Vary
Accept-Encoding
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
28100
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lipsum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:02:01 GMT
x-content-type-options
nosniff
age
413365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:02:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lipsum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:00:06 GMT
x-content-type-options
nosniff
age
413480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31320
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:11:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:00:06 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c018fe9d09945d93f6f5aa5f1c53a2975621c3043a22344eaf86d6500c245c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lipsum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:53:51 GMT
x-content-type-options
nosniff
age
413855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21048
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:13:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:53:51 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea1b915d9a1f79eefb62e5c9c1af97e12adacc44deac97601105bdd2d2c46798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lipsum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:15:59 GMT
x-content-type-options
nosniff
age
412527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16248
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:11:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:15:59 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0339b1b820cfe60c3822e2595af52474f3a985fb294f0f72d1e918da3a977765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lipsum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Nov 2022 13:51:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39029
x-jsd-version
1.0.1521
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4523-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"666-3iOLjXN0LnN/rLkXhlRpMDARuc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEwGfS5binGTShpHAnE6W8eWRVF66MfV5vZPoISlOrO7t2Q86m7J2RRn0OMyUs4PHMfKiVBFJvrt98WxGE6lhlm%2BZTtVGmgPkdOGQpnH2gPvUlZJkSQ2KYdqGzsWTinOItXfP3Cn7iKLT2oZRsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
768fbe105cd4b7f8-AMS
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/SbtDyS4yjPaRj/lipsum.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:26 GMT
content-encoding
gzip
etag
"dGMVEkJqMDGUKmTNQCF+Mg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 19 Nov 2022 13:51:26 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=lipsum.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/SbtDyS4yjPaRj/lipsum.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:e600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:50:44 GMT
content-encoding
br
via
1.1 a2255db944717fedb0da0026622f7e7a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
age
60
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 10 Nov 2022 18:23:42 GMT
server
AmazonS3
etag
W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
hYEzjLlnivAIdqXuAFSePJdcdRHhIWvK_8oRdQDAxVWsvpuYa-3Dtw==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lipsum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:16:47 GMT
x-content-type-options
nosniff
age
412479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14040
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:16:47 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=24330433&t=pageview&_s=1&dl=https%3A%2F%2Flipsum.com%2F&ul=en-us&de=UTF-8&dt=Lorem%20Ipsum%20-%20All%20the%20facts%20-%20Lipsum%20generator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=960088619&gjid=184176741&cid=1077261192.1668261087&tid=UA-15036679-1&_gid=567117474.1668261087&_r=1&_slc=1&z=323890179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lipsum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 13:51:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lipsum.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Flipsum.com&pubid=16268e26-dabe-4bf4-a28f-b8f4ee192ed3
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:26 GMT
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://lipsum.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Ha5CEtUK7VSUGclNRAcsvgppZ48MQEoL7le702j4ORrXyfBNjo-HTA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding
gzip
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
date
Sat, 12 Nov 2022 02:28:04 GMT
x-amz-cf-pop
FRA2-C1
age
41003
x-cache
Hit from cloudfront
last-modified
Tue, 08 Nov 2022 20:12:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wNhcYMKVziPaxA8ltdjEcski9FOr6JoVOWR0OvEuQj8-QS3XRQH0HA==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=lipsum.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:f400:3:a4cd:8380:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ef8480f87271d77d60ab16a24843d2e8365e5ab566d34c8f263a6973c150336

Request headers

Accept
application/json, text/plain, */*
Referer
https://lipsum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 03:00:39 GMT
x-amz-version-id
mbynXBBZ.ckIcnxGDVHS07C_p1g25FCO
content-encoding
br
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
age
39049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 31 Oct 2022 19:52:29 GMT
server
AmazonS3
etag
W/"9d3edb6b0958dc8fc9d74e44b3d6c1cf"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
wcKd9Mr97XD60FZiBmS-eAOmfRqqUkEh5qcaRaC54Sv0ubpYZwdHjw==
pubads_impl_2022110801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 12:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131898
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:38:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 12 Nov 2023 12:10:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		89 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lipsum.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2223cc5ea6c391b2f6161353533e5e3010041ddf601460319f4f6cc22517ccb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71
x-xss-protection
0
expires
Sat, 12 Nov 2022 13:51:27 GMT
rules-p-SbtDyS4yjPaRj.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-SbtDyS4yjPaRj.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:2600:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fb9620e81115727f21a512c91447b18ed6b0b126b2eecd9690b64143deb3dec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:11:50 GMT
via
1.1 bfeb5de1b362acd366f42059fc9dbbbc.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
age
2380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:05:36 GMT
server
AmazonS3
etag
"b3a727dbf53237bfb060ad9ea01c06da"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ad13M4WE48yUuIIEPBbLWL72uP57z4L_-cCQ-pPt7aLd-tYVTPqUPA==
cmp2ui-en.js
cmp.quantcast.com/tcfv2/45/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=lipsum.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4000:9:46dc:4700:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 18:24:48 GMT
content-encoding
br
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
156400
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Nov 2022 18:23:24 GMT
server
AmazonS3
etag
W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
qpO4REikPDwNvzu-fQkSKtTTRVvy3wfOjHg25jXfvk3o7s7y6-fv-w==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		347 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=lipsum.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4000:9:46dc:4700:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66ce567326799b1d74cfb9d592af44d3d93a1667878bde98a22b933c0f64d4a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 03:00:36 GMT
content-encoding
br
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
39052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 12 Nov 2022 03:00:33 GMT
server
AmazonS3
etag
W/"74bda64904b601b673f9bfc12b071d53"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Ak0SFNLyMu_7W_6aAwz1ue5gt9gKU-sh1Ne49q_hzy1RvxkGd-iVYw==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		150 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=lipsum.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4000:9:46dc:4700:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e

Request headers

Accept
application/json, text/plain, */*
Referer
https://lipsum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 03:00:29 GMT
content-encoding
br
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
39058
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 12 Nov 2022 03:00:26 GMT
server
AmazonS3
etag
W/"5e5c32e11030f411462907ffac99a722"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
gt0Tm5g5cywHcql-i2aEp4HtCbc5U_VbVcsikF7d-rJM4fV2TJMpyQ==
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22SbtDyS4yjPaRj%22%2C%22domain%22%3A%22lipsum.com%22%2C%22publisher%22%3A%22Lispum%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22m00gNrw01kCsTmqK%2BQz8PA%22%2C%22clientTimestamp%22%3A1668261087324%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-mun9dpuk5mc9c5tdiacx%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.135.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://lipsum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 12 Nov 2022 13:51:27 GMT
content-length
2
content-type
text/plain; charset=utf-8
lipsum.png
cdn.jsdelivr.net/gh/streamAMP/logos@master/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/streamAMP/logos@master/lipsum.png
Requested by
Host: lipsum.com
URL: https://lipsum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lipsum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:51:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12779
x-served-by
cache-fra19146-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"31eb-51RAtjlBenjY9OkieWmdpCYPakA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80eDhSRc60LzkuFV3rnrt2qvFHhJU6Gf2hFgYGGYFSc7dNhfNNH4svWVF1xVwGBy8JWj3gX6jMPOySy%2Ba6DYoQuJhpb%2BeaXxU5%2F6CFMpdvtaz1ClG22IKJIlilviotQ%2Bp2vhm6EhOskMe3ZLaao%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
768fbe142fedb8c6-AMS
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aax-dtb-cf.amazon-adsystem.com
URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flipsum.com%2F&pid=E2zZJEulI3lyN&cb=0&ws=1600x1200&v=22.1107.1609&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1456148316198-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15188745%2C22440292294%2FLipsum-Unit1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1474537762122-2%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F15188745%2C22440292294%2FLipsum-Unit3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1474537762122-3%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F15188745%2C22440292294%2FLipsum-Unit4%22%7D%5D&pubid=16268e26-dabe-4bf4-a28f-b8f4ee192ed3&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| pbjs object| googletag object| AD_UNITS_TOGGLE_OFF object| AD_UNITS_TOGGLE_ON object| gptAdSlots object| apstag function| __tcfapi function| __uspapi object| bidderClientConfig object| streamamp object| triple13 string| GoogleAnalyticsObject function| ga function| pbjsChunk object| _pbjsGlobals object| _qevents object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED object| regeneratorRuntime function| __tcfapiui object| ggeac object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions

5 Cookies

Domain/Path Name / Value
postoffice210.click/ Name: human
Value: 5
ads.avct.cloud/ Name: uuid
Value: eed28edc-47ae-4d31-a636-cfff01d26c1e
.lipsum.com/ Name: _ga
Value: GA1.2.1077261192.1668261087
.lipsum.com/ Name: _gid
Value: GA1.2.567117474.1668261087
.lipsum.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
ads.avct.cloud
ads.avocet.io
api.floors.dev
audit-tcfv2.cmp.quantcast.com
c.amazon-adsystem.com
cdn.bidder.dev
cdn.jsdelivr.net
cdnjs.cloudflare.com
cmp.quantcast.com
d3div1mtym39ic.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lipsum.com
postoffice210.click
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
test.cmp.quantcast.com
www.google-analytics.com
aax-dtb-cf.amazon-adsystem.com
13.224.195.78
18.198.135.19
2600:9000:20eb:7200:11:1ed0:3900:21
2600:9000:2182:f400:3:a4cd:8380:93a1
2600:9000:21f3:4000:9:46dc:4700:93a1
2600:9000:225a:e600:9:46dc:4700:93a1
2600:9000:225f:2600:6:44e3:f8c0:93a1
2606:4700::6810:5814
2606:4700::6811:190e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::200a
2a00:1450:4001:831::200e
2a06:98c1:3121::3
34.160.128.112
34.245.154.233
34.96.69.62
35.245.169.144
0047f96c342fe42485dbdf5599702357ec53ad1f15d972699bdf2fbbfcc1e649
0339b1b820cfe60c3822e2595af52474f3a985fb294f0f72d1e918da3a977765
064780ada752d016790318ec2e418924c40df7ff212e7381c8f7a0463bf2cf3c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0994d3c7a9d3f48763c300cb411538091450d57059d697736db89c9a3a1f27c7
0c018fe9d09945d93f6f5aa5f1c53a2975621c3043a22344eaf86d6500c245c6
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
15fa217eb034736c958f72dc394a9d5460a0422b505a468a1048392ac248c5c9
2223cc5ea6c391b2f6161353533e5e3010041ddf601460319f4f6cc22517ccb4
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
2fb9620e81115727f21a512c91447b18ed6b0b126b2eecd9690b64143deb3dec
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
43ce00ba566f24cebb068faaa6fb515c976f29bda825bf2f993bdbcce4ff73ec
44fe23cd1bf0635b86292f8143893bddc4f45b6de9406d0140943a00eb90acb1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
64c5e3c54723c0047d36bfc44668ae4a37f37f6c3f6e536f79044f46aa58604a
66ce567326799b1d74cfb9d592af44d3d93a1667878bde98a22b933c0f64d4a3
6bbf5182fed96d7284b55ba9ec45eba0abb63cefb3f0df4a5ef3ea36e29a0b62
6ef8480f87271d77d60ab16a24843d2e8365e5ab566d34c8f263a6973c150336
7c6d6e6cad1e5296510f1ee7a9b8a58adf9764936df7d736a7dfb298bbe82455
80907be3d4290a1131d3e614114dff8efac4f0d6bb6b2a129ec2c92f4d37eafc
821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ef45d5fce11fbe935892df258ed8ce6cdfb224fb9d53c8c6ec8109f6bd8c1ca
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b39d3fb09ed7b85bb01fd16901b8e779fe8d381ab8344aaa97f1ecefb70d41aa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
cdb30873bdf16770bfea1fe86e44db7476e504c2dca1542b0660b20f47f523a7
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e
d459b55c38218a0a486e4fb42328488b0afd159d74b9b8b924c65c87e9227e3c
d56f50130039a9148a433fef8b688032afbfda0e6cf590594546913434e068e3
dd2cd9d8ef583f6a557e9be0ad9f31cadb1310e2583b64d3a8db2fbf93430f9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1b915d9a1f79eefb62e5c9c1af97e12adacc44deac97601105bdd2d2c46798
f8bb55889219c335895efef7ec8066b2f1547e35e1b10f15f4046553bb0a13e0