imagebin.ca Open in urlscan Pro
2606:4700:3033::6812:2caa Public Scan

Go To Rescan
Add Verdict Report

URL:
https://imagebin.ca/v/5clVBafdIi9o
Submission: On October 06 via manual (October 6th 2020, 5:04:14 am UTC) from IN

Summary HTTP 64 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3033::6812:2caa, located in United States and belongs to CLOUDFLARENET, US. The main domain is imagebin.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.

This is the only time imagebin.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3033::6812:2caa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3031::6818:6338	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:bcde	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1 1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
7	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
2	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY)
1	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
64	22

4 2606:4700:3033::6812:2caa (United States)

ASN13335 (CLOUDFLARENET, US)

imagebin.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6818:6338 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.vocti.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:bcde (United States)

ASN13335 (CLOUDFLARENET, US)

ibin.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

imagebin.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	disqus.com imagebin.disqus.com disqus.com tempest.services.disqus.com referrer.disqus.com links.services.disqus.com	33 KB
7	disquscdn.com c.disquscdn.com	231 KB
7	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	31 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	190 KB
6	google.com apis.google.com adservice.google.com accounts.google.com	102 KB
4	doubleclick.net googleads.g.doubleclick.net
4	vocti.ca assets.vocti.ca	26 KB
4	imagebin.ca imagebin.ca	26 KB
2	facebook.com www.facebook.com
2	google-analytics.com ssl.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	61 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	9 KB
2	paypalobjects.com www.paypalobjects.com	2 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	168 B
1	googleapis.com ajax.googleapis.com	33 KB
1	ibin.co ibin.co	138 KB
64	17

	Domain	Requested by
7	c.disquscdn.com	imagebin.disqus.com imagebin.ca
6	referrer.disqus.com
6	platform.twitter.com	imagebin.ca platform.twitter.com
5	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	apis.google.com	imagebin.ca apis.google.com
4	assets.vocti.ca	imagebin.ca ajax.cloudflare.com
4	imagebin.ca	ajax.cloudflare.com imagebin.ca
2	tempest.services.disqus.com	imagebin.disqus.com
2	disqus.com	imagebin.disqus.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.facebook.com	connect.facebook.net
2	ssl.google-analytics.com	imagebin.ca
2	connect.facebook.net	imagebin.ca connect.facebook.net
2	www.paypalobjects.com	imagebin.ca
1	links.services.disqus.com	c.disquscdn.com
1	syndication.twitter.com	1 redirects
1	accounts.google.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	imagebin.disqus.com	imagebin.ca
1	cdnjs.cloudflare.com	ajax.cloudflare.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	ajax.cloudflare.com	imagebin.ca
1	ibin.co	imagebin.ca
64	26

This site contains links to these domains. Also see Links.

Domain
ibin.co
pastebin.ca
filebin.ca
turl.ca
slepp.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh

This page contains 18 frames:

Primary Page: https://imagebin.ca/v/5clVBafdIi9o
Frame ID: 0F9EE79DE7E06B332D53E486A2FA8F2C
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/zrt_lookup.html
Frame ID: A0EDC6198C111351A0FD71E0FC1B9969
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fimagebin.ca
Frame ID: 077B4C0482738FD4ACB3A61F230A2C33
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fimagebin.ca&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 3F59BD148471DDD2D7A27E07FB291599
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0367252804969302&output=html&h=280&slotname=9373520041&adk=411157815&adf=2894146323&w=1027&fwrn=4&fwrnh=100&lmt=1601960616&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1027x280&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616338&bpp=15&bdt=293&idt=145&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4758352363171&frm=20&pv=2&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=8602529962&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WGhnIjoqcB&p=https%3A//imagebin.ca&dtd=161
Frame ID: AB83E39BA97DC422C591D63A027EB9FA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=306550659491641&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8f6dcaceb9e9c%26domain%3Dimagebin.ca%26origin%3Dhttps%253A%252F%252Fimagebin.ca%252Ff3a5ebc416a3f2c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&layout=button_count&locale=en_US&sdk=joey&width=150
Frame ID: 1967F91731BCFE6B535A2EB426FD5052
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0367252804969302&output=html&h=280&slotname=9979942448&adk=2156082398&adf=70166193&w=336&lmt=1601960616&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616353&bpp=3&bdt=309&idt=163&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1027x280&correlator=4758352363171&frm=20&pv=1&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=2207625785514&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=72ABtQ8qnB&p=https%3A//imagebin.ca&dtd=166
Frame ID: C23095724885E4DF7A79995CAF04AE84
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: AB0A3777DCBEA0C05B5A2D1ACA5A16BA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: 459A539585F2B1792CE3D41EC7FD89E5
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fimagebin.ca&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: F0280A1AE1DC7A81E283A911F4692747
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0367252804969302&output=html&adk=1812271804&adf=3025194257&lmt=1601960616&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616357&bpp=1&bdt=313&idt=217&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1027x280%2C336x280&nras=1&correlator=4758352363171&frm=20&pv=1&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=2207625785514&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=223
Frame ID: A2C3FB33F85622F7AE820475F1498D56
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 1487914B2A4AA90701CC1F5978CD66C0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: B9EF2F24E390BB1C1497A7CE9FE51276
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=imagebin&t_i=5clVBafdIi9o&t_u=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&t_e=How%20Mutual%20fund%20software%20is%20transforming%20the%20investment%20pattern%3F&t_d=Imagebin%20-%20Somewhere%20to%20Store%20Random%20Things&t_t=How%20Mutual%20fund%20software%20is%20transforming%20the%20investment%20pattern%3F&s_o=default
Frame ID: BC72CCB3A3B09CD6E06D7FADFA32D879
Requests: 1 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=imagebin&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&typeface=sans-serif&disqus_version=c4c67d6
Frame ID: 714C02424781D23DB94BAD4B19159066
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: F862A02F7F099407D1AEA2B745C51E88
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 956E26D9D000A7555BA2E7DA51C54082
Requests: 1 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=imagebin&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&typeface=sans-serif&disqus_version=c4c67d6
Frame ID: A131C74A888FD4FF2FF37603B4172A50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

64
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

26
Subdomains

22
IPs

3
Countries

925 kB
Transfer

1762 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ibin.co/5clVBafdIi9o.jpg

Search URL Search Domain Scan URL

URL: https://pastebin.ca/
Title: Pastebin

Search URL Search Domain Scan URL

URL: https://filebin.ca/
Title: Filebin

Search URL Search Domain Scan URL

URL: https://turl.ca/
Title: TURL

Search URL Search Domain Scan URL

URL: https://slepp.ca/
Title: Stephen Olesen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 5clVBafdIi9o Show response
imagebin.ca/v/ 10 KB
4 KB 266ms
236ms Document
text/html 2606:4700:3033::6812:2caa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6812:2caa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4809c78c0f87c47270915d95d0e4f2c55b55c04bfea4bb6a4063acd1760daca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: imagebin.ca
:scheme: https
:path: /v/5clVBafdIi9o
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 06 Oct 2020 05:03:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d825cd1ea4b069f44e0fd1678cfc1b65a1601960615; expires=Thu, 05-Nov-20 05:03:35 GMT; path=/; domain=.imagebin.ca; HttpOnly; SameSite=Lax; Secure PHPSESSID=t2bppqn92hhn9etmuioju0jlq5; path=/
age: 0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 059de4377d00002b1aedb3a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5ddcd638ce1c2b1a-FRA
content-encoding: br

GET
H2 200 bootstrap.min.css
assets.vocti.ca/css/ 88 KB
13 KB 113ms
74ms Stylesheet
text/css 2606:4700:3031::6818:6338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vocti.ca/css/bootstrap.min.css
Requested by: Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:6338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46cd04e8ce9ebda339e33cff378838f625fc9cba0925a785430eaf3be684f760

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 059de4389500001f2904a66200000001
last-modified: Sat, 28 Apr 2012 07:45:48 GMT
server: cloudflare
etag: W/"75a5c2ba3124355ea83afd7a56d909f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ddcd63a8c141f29-FRA
x-amz-cf-id: s-Sf5qF_jIwa5DhkC2sxxLxXjfW-OKQ8mxxZXPMyJPiK5Dlew2F4Bw==

GET
H2 200 bootstrap-responsive.min.css
assets.vocti.ca/css/ 8 KB
2 KB 119ms
80ms Stylesheet
text/css 2606:4700:3031::6818:6338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vocti.ca/css/bootstrap-responsive.min.css
Requested by: Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:6338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b74e14036e39c6ab3ddbe6319e6b76305d53b090c375947b83f4eced82f5ad

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
via: 1.1 5345148f0ba8ae3c67b69d035acdbfc5.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS50-C1
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 059de4389500001f2904a67200000001
last-modified: Sat, 28 Apr 2012 07:45:48 GMT
server: cloudflare
etag: W/"67e4cc9fb4c0d0d5deda1aa9e5b15cb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ddcd63a8c171f29-FRA
x-amz-cf-id: IPDsi8R4MjRaq2gaQrkX2HTPwYPLlpcV3KnITO-YWu7_NQLOOWlXgw==

GET
H2 200 5clVBafdIi9o.jpg
ibin.co/ 137 KB
138 KB 233ms
205ms Image
image/jpeg 2606:4700:3033::ac43:bcde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibin.co/5clVBafdIi9o.jpg

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:bcde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e00c2eda5b5a457241aa26380e858c0cb78380fc118a4f2b0c4d54d7a8f9728

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
vary: Accept-Encoding
content-length: 140031
cf-request-id: 059de4388b00002c3ec4976200000001
last-modified: Mon, 05 Oct 2020 07:22:38 GMT
server: cloudflare
etag: CMzy6cb1nOwCEAE=
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, s-maxage=604800, must-revalidate
accept-ranges: bytes
cf-ray: 5ddcd63a7c172c3e-FRA

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/en_US/i/btn/ 1 KB
2 KB 111ms
26ms Image
image/gif 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1623483
x-cache: HIT, HIT
status: 200
content-length: 1447
x-served-by: cache-sjc10068-SJC, cache-hhn4063-HHN
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: Apache
x-timer: S1601960616.148480,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 4, 11156

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
307 B 111ms
26ms Image
image/gif 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 17227799
x-cache: HIT, HIT
status: 200
surrorage-key: /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr /en_US/i /en_US
content-length: 43
x-served-by: cache-lax8622-LAX, cache-hhn4063-HHN
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: Apache
x-timer: S1601960616.148458,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 203418

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 25ms
9ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 059de4387f0000dfd7ab9c1200000001
last-modified: Thu, 01 Oct 2020 22:18:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f7655a1-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5ddcd63a6df9dfd7-FRA
expires: Thu, 08 Oct 2020 05:03:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ef4cd3ab447b974c25cf3809cdc3251b2b70891882b723799695c97e60520a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45702
x-xss-protection: 0
server: cafe
etag: 1580039312519679628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 05:03:36 GMT

GET
H2 200 imagebin.js Show response
imagebin.ca/ 3 KB
1 KB 189ms
187ms Script
application/javascript 2606:4700:3033::6812:2caa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imagebin.ca/imagebin.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6812:2caa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70a552575952d5118084fbd310183d26d581ab4b077f1638bacc963f56e5d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4052
status: 200
vary: Accept-Encoding
cf-request-id: 059de4389000002b1aedb42200000001
last-modified: Thu, 26 Oct 2017 18:30:32 GMT
server: cloudflare
etag: W/"fd4-55c775e080200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 5ddcd63a89e12b1a-FRA
cf-bgj: minify

GET
H2 200 bootstrap.min.js Show response
assets.vocti.ca/js/ 21 KB
6 KB 69ms
63ms Script
text/javascript 2606:4700:3031::6818:6338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vocti.ca/js/bootstrap.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:6338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1eea68cae3dff02777a83498c1c27a535c6f93544914ccd4a0cb07579701031

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 059de4389500001f2904a68200000001
last-modified: Sat, 28 Apr 2012 07:45:51 GMT
server: cloudflare
etag: W/"fd05443113803e29e5715fd37fd878aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 5ddcd63a8c181f29-FRA
x-amz-cf-id: YTF0P7fXRFzIKhEieWSD8gLVQwR_p_KwEahPgClQLYiR-a3Rkcw4Cg==

GET
H2 200 jquery.sharrre-1.3.4.min.js Show response
assets.vocti.ca/js/ 10 KB
5 KB 71ms
65ms Script
text/javascript 2606:4700:3031::6818:6338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vocti.ca/js/jquery.sharrre-1.3.4.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:6338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4134ec209787953cbc3a1f2748626b49efd9cb78e596a4b97f212ab25cc5054f

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 059de4389500001f2904a69200000001
last-modified: Wed, 07 Aug 2013 07:33:09 GMT
server: cloudflare
etag: W/"b3dfa9d2c948dc368b5755c87cddd868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 5ddcd63a8c191f29-FRA
x-amz-cf-id: MgIGG2KLcw2YAcrOk0aekLe8-b5QpcE2UPI5LfxaQmn2zDUdqAYxtw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 15:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48718
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 15:31:38 GMT

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
5 KB 27ms
13ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 462358
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3980
cf-request-id: 059de4389d00001f1dd7b68200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
etag: "5eb03f26-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960616"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5ddcd63a98741f1d-FRA
expires: Sun, 26 Sep 2021 05:03:36 GMT

GET
H2 200 piwik.js Show response
imagebin.ca/ 61 KB
20 KB 189ms
188ms Script
application/javascript 2606:4700:3033::6812:2caa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imagebin.ca/piwik.js

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6812:2caa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4650777dc8423f9b049590c66b41b52e1fc46374521204edc317269288c6d259

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=62831
status: 200
vary: Accept-Encoding
cf-request-id: 059de4398500002b1aedb57200000001
last-modified: Mon, 15 May 2017 05:11:53 GMT
server: cloudflare
etag: W/"f56f-54f8917dc9840-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960617"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 5ddcd63c0ccd2b1a-FRA
cf-bgj: minify

GET
H/1.1 200
OK embed.js Show response
imagebin.disqus.com/ 69 KB
23 KB 460ms
395ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://imagebin.disqus.com/embed.js

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

af1d38d79aa92f153e0a13d044168952b529b4e8f5e90450bbd4f0f49056c382

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:36 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22927

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ef4cd3ab447b974c25cf3809cdc3251b2b70891882b723799695c97e60520a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45702
x-xss-protection: 0
server: cafe
etag: 1580039312519679628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 05:03:36 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/4196)
Age: 302
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-29Tw4NRLc3iBsLUmR4ZAXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "9d5cd1be658ea5e8c43387860482a354"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-29Tw4NRLc3iBsLUmR4ZAXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 06 Oct 2020 05:03:36 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cfd51f47585a3cae164a5af19359deb30cc3b97b48d0cc2f432329173bee0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: be6TqPUc10AIVhvOYiFTHQ==
status: 200
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Oct 2020 05:22:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "04a23f8fe17da64729d814ea1709d2f4"
x-fb-debug: F83W2W1wirXrwngghayejMYRCLkTDEG9D7VV/Jl+PH4cRXgMOeGjC04lzVmtzY6rdB8/sjoMI8IPETM3/5+rNg==
x-fb-trip-id: 664085054
x-fb-content-md5: bfd5da6996a91ddf7c6354ccba213310
date: Tue, 06 Oct 2020 05:03:36 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2378
date: Tue, 06 Oct 2020 04:23:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 06 Oct 2020 06:23:58 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/ 230 KB
87 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

767c091d7a3eb3434e7b67d7fa5c6ab78d551b6c8a3fb8d3a1ca81be45a9a350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88649
x-xss-protection: 0
server: cafe
etag: 14171272713373412384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 05:03:36 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/ Frame A0ED 0
0 6ms
5ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201001/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 05 Oct 2020 17:14:50 GMT
expires: Mon, 19 Oct 2020 17:14:50 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 42526
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=ef9f0c3f8bd9f66fbc4214bd6561c29b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65b685de2e3d9483f700f3a30c72ba5eb54654584c0817765e9c5fed620b1fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://imagebin.ca
Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZyJagRK3B2c7tPenWYMVgw==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 59871
etag: "959460c3d7115ee4afb9a26294c1e2c3"
x-fb-debug: PdNoxV/cs0x8NuaMZG9klA3YoMJAvRBKTMRsEnOj/0+lw7tCCFpxxHMZD/MbIZRTJZjyikQXLBVoKtCTstH26w==
x-fb-trip-id: 664085054
x-fb-content-md5: ca7c037945d0815cac0e7a30ac0e3cdb
x-frame-options: DENY
date: Tue, 06 Oct 2020 05:03:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 06 Oct 2021 03:24:46 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 077B 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fimagebin.ca
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40EA) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imagebin.ca/v/5clVBafdIi9o
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 36304
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Oct 2020 05:03:36 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40EA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 140 KB
49 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 09:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 71159
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50000
x-xss-protection: 0
expires: Tue, 05 Oct 2021 09:17:37 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 97 KB
34 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4250d2e93e23de1be0aa5fadca3cd72d3e1f92337f3ce9947e7afe29cdfec0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 70921
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34307
x-xss-protection: 0
expires: Tue, 05 Oct 2021 09:21:35 GMT

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 3F59 0
0 63ms
60ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fimagebin.ca&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4w0rweJ6xTOkcLNemk7fvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fimagebin.ca&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=joLbIgutMKyb3KC-FimSrX5IpJ__nao6REnkHyCzaPPG3W10jKKqC9DIvgHsb1ezdI-WW6rDqoUNl1BhCK22pbv_iXl6jHS2kViAw289FtNe8GlrC5cLVNWdKWy3RnRlM6QudYiKsbT7hH6OBwMowfxKuf5yX-yHzaq2IBztvMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Oct 2020 05:03:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-4w0rweJ6xTOkcLNemk7fvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
386 B 53ms
39ms Image
image/gif 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=351577369&utmhn=imagebin.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Imagebin%20-%20Somewhere%20to%20Store%20Random%20Things&utmhid=1438524570&utmr=-&utmp=%2Fv%2F5clVBafdIi9o&utmht=1601960616404&utmac=UA-449785-6&utmcc=__utma%3D93055109.1429444953.1601960616.1601960616.1601960616.1%3B%2B__utmz%3D93055109.1601960616.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1294456714&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 05:03:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.63c51c903061d0dbd843c41e8a00aa5a.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash: e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (fcn/4196)
Age: 36303
Etag: "62d4b0301f07768d13f3ee5de8633739+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 36ms
36ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=306550659491641&input_token&origin=1&redirect_uri=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=ef9f0c3f8bd9f66fbc4214bd6561c29b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: nnDHC0j/jALHLTZqwHpiisJ96PorvZlW8q7ov0zcJ4ii7RFnitwOPLZKrpdoUyFCUIqBJ4ma1B/hOkYeeOQ9rQ==
fb-s: unknown
status: 200
date: Tue, 06 Oct 2020 05:03:36 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imagebin.ca
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imagebin.ca

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imagebin.ca

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame AB83 0
0 25ms
25ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0367252804969302&output=html&h=280&slotname=9373520041&adk=411157815&adf=2894146323&w=1027&fwrn=4&fwrnh=100&lmt=1601960616&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1027x280&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616338&bpp=15&bdt=293&idt=145&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4758352363171&frm=20&pv=2&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=8602529962&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WGhnIjoqcB&p=https%3A//imagebin.ca&dtd=161

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0367252804969302&output=html&h=280&slotname=9373520041&adk=411157815&adf=2894146323&w=1027&fwrn=4&fwrnh=100&lmt=1601960616&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1027x280&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616338&bpp=15&bdt=293&idt=145&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4758352363171&frm=20&pv=2&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=8602529962&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WGhnIjoqcB&p=https%3A//imagebin.ca&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 06 Oct 2020 05:03:36 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Oct-2020 05:18:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 37ms
24ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201001&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e690e16fd61e96c6b201f0b3e229ca46115c0049c0bb849d79732cc8b2fb1b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6651
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6879bf69ca14159cb61c4420c496946a303da8a9a37f6e0b4f4e12e79cbbf06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601897795664432"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Tue, 06 Oct 2020 05:03:36 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 1967 0
0 78ms
78ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=306550659491641&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8f6dcaceb9e9c%26domain%3Dimagebin.ca%26origin%3Dhttps%253A%252F%252Fimagebin.ca%252Ff3a5ebc416a3f2c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&layout=button_count&locale=en_US&sdk=joey&width=150

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=ef9f0c3f8bd9f66fbc4214bd6561c29b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=306550659491641&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8f6dcaceb9e9c%26domain%3Dimagebin.ca%26origin%3Dhttps%253A%252F%252Fimagebin.ca%252Ff3a5ebc416a3f2c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&layout=button_count&locale=en_US&sdk=joey&width=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
timing-allow-origin: *
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: tTjK7MVjhtBsw6eMm+O9kXHz+H7HiO7Hh6K07kP1rxYoTZ+A908TCFnujorM3X4pzos4jYE0lRtuYLJXprVCoA==
date: Tue, 06 Oct 2020 05:03:36 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame C230 0
0 25ms
25ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0367252804969302&output=html&h=280&slotname=9979942448&adk=2156082398&adf=70166193&w=336&lmt=1601960616&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616353&bpp=3&bdt=309&idt=163&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1027x280&correlator=4758352363171&frm=20&pv=1&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=2207625785514&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=72ABtQ8qnB&p=https%3A//imagebin.ca&dtd=166

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0367252804969302&output=html&h=280&slotname=9979942448&adk=2156082398&adf=70166193&w=336&lmt=1601960616&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616353&bpp=3&bdt=309&idt=163&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1027x280&correlator=4758352363171&frm=20&pv=1&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=2207625785514&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=72ABtQ8qnB&p=https%3A//imagebin.ca&dtd=166
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 06 Oct 2020 05:03:36 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Oct-2020 05:18:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame AB0A 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imagebin.ca/v/5clVBafdIi9o
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 36289
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Oct 2020 05:03:36 GMT
Etag: "fa16f6b5a5d1ee2100b485fa457112a6+gzip"
Last-Modified: Thu, 01 Oct 2020 21:49:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4196)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13661

GET
H/1.1 200
OK tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame 459A 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imagebin.ca/v/5clVBafdIi9o
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 36302
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Oct 2020 05:03:36 GMT
Etag: "076dccdedb34f3771be52190b917884e+gzip"
Last-Modified: Thu, 01 Oct 2020 21:49:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12263

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame F028 0
0 60ms
40ms Document
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fimagebin.ca&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nllZ+mIo4G4lg6i0eHRm7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fimagebin.ca&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=joLbIgutMKyb3KC-FimSrX5IpJ__nao6REnkHyCzaPPG3W10jKKqC9DIvgHsb1ezdI-WW6rDqoUNl1BhCK22pbv_iXl6jHS2kViAw289FtNe8GlrC5cLVNWdKWy3RnRlM6QudYiKsbT7hH6OBwMowfxKuf5yX-yHzaq2IBztvMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Oct 2020 05:03:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-nllZ+mIo4G4lg6i0eHRm7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A2C3 0
0 16ms
15ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0367252804969302&output=html&adk=1812271804&adf=3025194257&lmt=1601960616&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616357&bpp=1&bdt=313&idt=217&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1027x280%2C336x280&nras=1&correlator=4758352363171&frm=20&pv=1&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=2207625785514&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0367252804969302&output=html&adk=1812271804&adf=3025194257&lmt=1601960616&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1601960616357&bpp=1&bdt=313&idt=217&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1027x280%2C336x280&nras=1&correlator=4758352363171&frm=20&pv=1&ga_vid=1429444953.1601960616&ga_sid=1601960616&ga_hid=1438524570&ga_fc=1&iag=0&icsg=2207625785514&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467&oid=3&pvsid=1730965006338021&pem=542&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=223
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 06 Oct 2020 05:03:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUn5dFihibGiYO347CT_Gfy5TKlg7esImuTudZO5zXybgNGDzBTtk66muThN; expires=Sun, 31-Oct-2021 05:03:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Oct 2020 05:03:36 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Tue, 06 Oct 2020 05:03:36 GMT

GET
H2 200 piwik.php
imagebin.ca/ 43 B
155 B 335ms
335ms Image
image/gif 2606:4700:3033::6812:2caa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagebin.ca/piwik.php?action_name=Imagebin%20-%20Somewhere%20to%20Store%20Random%20Things&idsite=5&rec=1&r=037585&h=7&m=3&s=36&url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&_id=56ba037a31e1a76d&_idts=1601960617&_idvc=1&_idn=0&_refts=0&_viewts=1601960617&send_image=1&cookie=1&res=1600x1200&gt_ms=237&pv_id=WWHEiM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6812:2caa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.30

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601960617"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
status: 200
cf-ray: 5ddcd63dc91a2b1a-FRA
content-length: 43
cf-request-id: 059de43a9a00002b1aedb69200000001

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 1487 0
0 22ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imagebin.ca/v/5clVBafdIi9o
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 05 Oct 2020 22:06:52 GMT
expires: Tue, 05 Oct 2021 22:06:52 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25004
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame B9EF
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://imagebin.ca
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 36303
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Oct 2020 05:03:36 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B3)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 06 Oct 2020 05:03:36 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 06 Oct 2020 05:03:36 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 64dd1656e13ac463967150218fb3bbce
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 121
x-transaction: 009d3ff200688f59
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 lounge.d70637fa1c39d358d2553bf476f09a98.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 29ms
13ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.d70637fa1c39d358d2553bf476f09a98.css

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29988
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 22103
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 20:15:50 GMT
server: cloudflare
etag: "5f7b7ef6-5657"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 059de43b7b000005d8868df200000001
accept-ranges: bytes
cf-ray: 5ddcd63f29e405d8-FRA
expires: Tue, 05 Oct 2021 20:43:43 GMT

GET
H2 200 common.bundle.e07f4f02bedd02259fb3f3e092970560.js
c.disquscdn.com/next/embed/ 0
88 KB 30ms
14ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e07f4f02bedd02259fb3f3e092970560.js

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3199398
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 89940
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Sun, 30 Aug 2020 04:13:44 GMT
server: cloudflare
etag: "5f4b2778-15f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 059de43b7b000005d8868e0200000001
accept-ranges: bytes
cf-ray: 5ddcd63f29e605d8-FRA
expires: Mon, 30 Aug 2021 04:20:17 GMT

GET
H2 200 lounge.bundle.209cc36535667166f5372bd024220e96.js
c.disquscdn.com/next/embed/ 0
113 KB 39ms
24ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.209cc36535667166f5372bd024220e96.js

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29988
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 115097
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 20:15:49 GMT
server: cloudflare
etag: "5f7b7ef5-1c199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 059de43b7b000005d8868e1200000001
accept-ranges: bytes
cf-ray: 5ddcd63f29e705d8-FRA
expires: Tue, 05 Oct 2021 20:43:43 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
8 KB 111ms
37ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:36 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 3
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 7281
X-XSS-Protection: 1; mode=block

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 16ms
15ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201001&jk=1730965006338021&bg=!YWKlYnpYTWunQEZSJWUCAAAAflIAAAASCgF4S8sQKAOy_dvlPZckx_Cg5QFHidoKWeQxv5eD_kAiDMAnzqQo1KraICWzz-BUklQtKytjm2HGyIC5XEiHvIFgk14GPXdtuJNtJRmcg00cAJvPgKjuO7zJpJnTVWEKhLANq6Ngd6bZdoTJbd4fEZijcymlwVIG90nl0fhoLnOk-F40krQ5kJm_QKm-dUaLuTsjhsxFJ47gb62DtvbA4sQrEVtEyksTWPgwnoNwRL4oY9d_pOpF-j_ZlW44uAVSRmH6aWQpzKgx2MkU4fupoKu_dI8OZW5VVruOMmZnWbvNQWav1lrKUxNMrzODdUcKVcqc8l8yhktdsQw4BhXr6ZyOQi3gCAeZAPm6rNM2oBjdQMNj_SdlV1n83zewLn4Hkq3vWP3YAFGno7eYPJ5_f7OCm6zckqGUV0YJUzJH92xR-wrG_cWKiFOdb8TqmdZWK4H3UjNSTxOG46LAD3w1ZbUav4DVH6686mxwwwEALPoJxfVU8NFXY_eaG5kB1VOc0b3t2xEXGLLu0Lkc5e8Dda-NUZ5bj3dO2NibMa1BXf0V2pSE7_sseRYtcSrWEgdZjT1R_hkkHZZBgZDS1qwIY7ph8dOVV_t86rNIF2mFozNVda08y4KE4Qegv4fMbWZXMrs0woSpJ5fj5X7ovyleHe9OhN_wa8APqD8cLiwl5MmeIdeiV-n6IdEqDPpF9zTmxtfXqbGqBoKz6Jh6L3CMDz-0XONR071EjMTe6BXlD0PYx1FAPqpaisUrXWpgcEPCHSqPZ8lwomx66IXUAmzKkZbAYw8yQudAsUQv6B6Sztsnievf2YOpt_gXE792XlpqAqcR7NjhUBTPemVakm1EYXewWU5ixKH-tMRcWbq3NnPp3qhtJ6y5g5E3iVyj_KgmCtqUGfCVRDukfrwgwgdmKejlHXjbYCPrGCemRtjBLukP35hXaq8OilaXw9Hf2O0djlyGZXErHA2oGmZw5QsQid1oGpM5zYJbAQN_WAQTGRmj8EWGZP3AHN3qsYicqeh9cUyrGkyY8ArGGCJhVsmszVp12UBZOfBeEENCAQZk8kvWfEnrESVQiBvsbyVvK5XSRmRiYLzinGt-cAbGqIu5uqQMhHfhHS7JdcvA_r1X31eONHU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 05:03:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame BC72 0
0 267ms
267ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=imagebin&t_i=5clVBafdIi9o&t_u=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&t_e=How%20Mutual%20fund%20software%20is%20transforming%20the%20investment%20pattern%3F&t_d=Imagebin%20-%20Somewhere%20to%20Store%20Random%20Things&t_t=How%20Mutual%20fund%20software%20is%20transforming%20the%20investment%20pattern%3F&s_o=default

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imagebin.ca/v/5clVBafdIi9o
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

Connection: keep-alive
Content-Length: 2675
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 05 Oct 2020 07:22:58 GMT
ETag: W/"lounge:view:8227243447.fb5c611fc1be6a0340acb144a9dc8fd0.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Tue, 06 Oct 2020 05:03:37 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 disqus-social-icon-dark.9a297ec866f5b7eed39d90aa34a38e85.svg
c.disquscdn.com/next/embed/assets/img/ 557 B
738 B 15ms
15ms Image
image/svg+xml 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/disqus-social-icon-dark.9a297ec866f5b7eed39d90aa34a38e85.svg

Requested by

Host: imagebin.ca
URL: https://imagebin.ca/v/5clVBafdIi9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a166e39ce2e958e69b267989a411b21709a55f17704f1c8975d970c2ba9e6196

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11839753
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 557
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 04 Sep 2019 23:32:23 GMT
server: cloudflare
etag: "5d704987-22d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 059de43bdd000005d8868ea200000001
accept-ranges: bytes
cf-ray: 5ddcd63fcb7f05d8-FRA
expires: Thu, 03 Sep 2020 23:38:55 GMT

GET
H/1.1 200
OK /
tempest.services.disqus.com/ads-iframe/taboola/ Frame 714C 0
0 267ms
207ms Document
text/html 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=imagebin&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&typeface=sans-serif&disqus_version=c4c67d6
Requested by: Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imagebin.ca/v/5clVBafdIi9o
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

Connection: keep-alive
Content-Length: 9212
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Tue, 06 Oct 2020 05:03:37 GMT
Age: 0
Vary: Accept-Encoding,

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
295 B 209ms
153ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 207ms
151ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1p1r71df1us9n&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=imagebin&zone=thread&version=0409767b77e9f4ca47a4b63a4ec27682&page_url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2486331

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6383753
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 6605
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 15 Jan 2020 01:04:45 GMT
server: cloudflare
etag: "5e1e652d-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 059de43e42000005d88690b200000001
accept-ranges: bytes
cf-ray: 5ddcd6439bde05d8-FRA
expires: Thu, 14 Jan 2021 09:43:16 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame F862 337 B
403 B 13ms
12ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20897141
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 04 Feb 2020 01:14:10 GMT
server: cloudflare
etag: "5e38c562-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 059de43e5b000005d88690f200000001
accept-ranges: bytes
cf-ray: 5ddcd643cc3b05d8-FRA
expires: Thu, 04 Feb 2021 13:19:18 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 956E 337 B
334 B 15ms
14ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20897141
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 04 Feb 2020 01:14:10 GMT
server: cloudflare
etag: "5e38c562-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 059de43e5f000005d886910200000001
accept-ranges: bytes
cf-ray: 5ddcd643cc5405d8-FRA
expires: Thu, 04 Feb 2021 13:19:18 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 362 B
981 B 151ms
76ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&subId=2486331&v=1&jsonp=vglnk_jsonp_16019606175710
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 66e039bce6e6af85b47a1734d923f3cb8da564a5d179b8ea394520789e04016a

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Oct 2020 05:03:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://imagebin.ca
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 362
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
tempest.services.disqus.com/ads-iframe/taboola/ Frame A131 0
0 164ms
163ms Document
text/html 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=imagebin&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&typeface=sans-serif&disqus_version=c4c67d6
Requested by: Host: imagebin.disqus.com
URL: https://imagebin.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imagebin.ca/v/5clVBafdIi9o
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imagebin.ca/v/5clVBafdIi9o

Response headers

Connection: keep-alive
Content-Length: 9214
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Tue, 06 Oct 2020 05:03:37 GMT
Age: 0
Vary: Accept-Encoding,

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 154ms
152ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1p1r71df1us9n&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=imagebin&zone=thread&version=0409767b77e9f4ca47a4b63a4ec27682&page_url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=2486331

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 156ms
156ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1p1r71df1us9n&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=imagebin&zone=thread&version=0409767b77e9f4ca47a4b63a4ec27682&page_url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2486331

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 155ms
154ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1p1r71df1us9n&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=imagebin&zone=thread&version=0409767b77e9f4ca47a4b63a4ec27682&page_url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&page_referrer=&object_type=advertisement&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=view&adverb=0ms-no50perc&forum_id=2486331

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 150ms
149ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1p1r71df1us9n&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=imagebin&zone=thread&version=0409767b77e9f4ca47a4b63a4ec27682&page_url=https%3A%2F%2Fimagebin.ca%2Fv%2F5clVBafdIi9o&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=2486331

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagebin.ca/v/5clVBafdIi9o
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 05:03:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 22:20:56	Name: IDE Value: AHWqTUn5dFihibGiYO347CT_Gfy5TKlg7esImuTudZO5zXybgNGDzBTtk66muThN
imagebin.ca/	1970-01-19 12:59:22	Name: _pk_ses.5.a412 Value: *
.imagebin.ca/	1970-01-19 12:59:22	Name: __utmb Value: 93055109.1.10.1601960616
.imagebin.ca/	1970-01-19 17:22:08	Name: __utmz Value: 93055109.1601960616.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
imagebin.ca/	1970-01-19 22:25:15	Name: _pk_id.5.a412 Value: 56ba037a31e1a76d.1601960617.1.1601960617.1601960617.
.imagebin.ca/	1969-12-31 23:59:59	Name: __utmc Value: 93055109
.google.com/	1970-01-19 17:22:51	Name: NID Value: 204=joLbIgutMKyb3KC-FimSrX5IpJ__nao6REnkHyCzaPPG3W10jKKqC9DIvgHsb1ezdI-WW6rDqoUNl1BhCK22pbv_iXl6jHS2kViAw289FtNe8GlrC5cLVNWdKWy3RnRlM6QudYiKsbT7hH6OBwMowfxKuf5yX-yHzaq2IBztvMQ
imagebin.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: t2bppqn92hhn9etmuioju0jlq5
.imagebin.ca/	1970-01-20 06:30:32	Name: __utma Value: 93055109.1429444953.1601960616.1601960616.1601960616.1
.imagebin.ca/	1970-01-19 12:59:21	Name: __utmt Value: 1
.imagebin.ca/	1970-01-19 13:42:32	Name: __cfduid Value: d825cd1ea4b069f44e0fd1678cfc1b65a1601960615

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
apis.google.com
assets.vocti.ca
c.disquscdn.com
cdnjs.cloudflare.com
connect.facebook.net
disqus.com
googleads.g.doubleclick.net
ibin.co
imagebin.ca
imagebin.disqus.com
links.services.disqus.com
pagead2.googlesyndication.com
platform.twitter.com
referrer.disqus.com
ssl.google-analytics.com
syndication.twitter.com
tempest.services.disqus.com
tpc.googlesyndication.com
www.facebook.com
www.googletagservices.com
www.paypalobjects.com
104.244.42.136
151.101.112.134
151.101.112.64
151.101.114.133
151.101.12.64
151.101.128.134
2606:2800:234:59:254c:406:2366:268c
2606:4700:3031::6818:6338
2606:4700:3033::6812:2caa
2606:4700:3033::ac43:bcde
2606:4700::6810:a723
2606:4700::6811:4f6b
2606:4700::6812:a913
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:806::200d
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200a
2a00:1450:4001:81b::2001
2a00:1450:4001:824::2002
2a00:1450:4001:825::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12b74e14036e39c6ab3ddbe6319e6b76305d53b090c375947b83f4eced82f5ad
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e00c2eda5b5a457241aa26380e858c0cb78380fc118a4f2b0c4d54d7a8f9728
4134ec209787953cbc3a1f2748626b49efd9cb78e596a4b97f212ab25cc5054f
4250d2e93e23de1be0aa5fadca3cd72d3e1f92337f3ce9947e7afe29cdfec0ff
4650777dc8423f9b049590c66b41b52e1fc46374521204edc317269288c6d259
46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167
46cd04e8ce9ebda339e33cff378838f625fc9cba0925a785430eaf3be684f760
4809c78c0f87c47270915d95d0e4f2c55b55c04bfea4bb6a4063acd1760daca4
4cfd51f47585a3cae164a5af19359deb30cc3b97b48d0cc2f432329173bee0fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
65b685de2e3d9483f700f3a30c72ba5eb54654584c0817765e9c5fed620b1fca
66e039bce6e6af85b47a1734d923f3cb8da564a5d179b8ea394520789e04016a
6ef4cd3ab447b974c25cf3809cdc3251b2b70891882b723799695c97e60520a6
767c091d7a3eb3434e7b67d7fa5c6ab78d551b6c8a3fb8d3a1ca81be45a9a350
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a166e39ce2e958e69b267989a411b21709a55f17704f1c8975d970c2ba9e6196
af1d38d79aa92f153e0a13d044168952b529b4e8f5e90450bbd4f0f49056c382
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b
b1eea68cae3dff02777a83498c1c27a535c6f93544914ccd4a0cb07579701031
b70a552575952d5118084fbd310183d26d581ab4b077f1638bacc963f56e5d12
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c6879bf69ca14159cb61c4420c496946a303da8a9a37f6e0b4f4e12e79cbbf06
cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e690e16fd61e96c6b201f0b3e229ca46115c0049c0bb849d79732cc8b2fb1b00
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

imagebin.ca Open in urlscan Pro 2606:4700:3033::6812:2caa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

74 %IPv6

17 Domains

26 Subdomains

22 IPs

3 Countries

925 kBTransfer

1762 kBSize

11 Cookies

5 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imagebin.ca Open in urlscan Pro
2606:4700:3033::6812:2caa Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

26
Subdomains

22
IPs

3
Countries

925 kB
Transfer

1762 kB
Size

11
Cookies

64 HTTP transactions
0 data transactions