urlscan.io logo urlscan.io
SecurityTrails logo

itsbawa.com Open in urlscan Pro
2a02:4780:b:964:0:1a82:3b37:1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://itsbawa.com/
Effective URL: https://itsbawa.com/
Submission: On September 29 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 23 domains to perform 82 HTTP transactions. The main IP is 2a02:4780:b:964:0:1a82:3b37:1, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is itsbawa.com.
TLS certificate: Issued by R3 on September 29th 2023. Valid for: 3 months.
This is the only time itsbawa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 2a02:4780:b:9... 47583 (AS-HOSTINGER)
11 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:239... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.35.236.188 16625 (AKAMAI-AS)
1 3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2620:1ec:bdf::44 8075 (MICROSOFT...)
1 151.101.65.108 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 185.89.210.20 29990 (ASN-APPNEX)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 35.157.117.145 16509 (AMAZON-02)
1 6 142.250.186.130 15169 (GOOGLE)
1 178.250.1.9 44788 (ASN-CRITE...)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 2 104.18.26.193 13335 (CLOUDFLAR...)
1 2 23.35.237.56 16625 (AKAMAI-AS)
82 24
19    2a02:4780:b:964:0:1a82:3b37:1 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)
itsbawa.com
11    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4    2600:9000:2394:9600:2:6f7a:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
mlqchzvmg8af.i.optimole.com
8    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs-simple.com
3    2a02:26f0:7100::211:64b2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    35.157.117.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-145.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
Apex Domain
Subdomains		 Transfer
19 itsbawa.com
itsbawa.com
311 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
292 KB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
198 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
110 KB
4 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 2546
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6584
29 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
4 optimole.com
mlqchzvmg8af.i.optimole.com
57 KB
3 bing.com
www.bing.com — Cisco Umbrella Rank: 87
8 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2022
449 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1171
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1562
2 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2175
104 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
457 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 910
363 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
104 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
58 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 7418
36 KB
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 3961
44 KB
1 gstatic.com
fonts.gstatic.com
34 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
68 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
602 B
82 23
Domain Requested by
19 itsbawa.com 1 redirects itsbawa.com
8 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
itsbawa.com
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
8 securepubads.g.doubleclick.net itsbawa.com
securepubads.g.doubleclick.net
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
8 pagead2.googlesyndication.com itsbawa.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
6 cm.g.doubleclick.net 1 redirects e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 www.google.com 1 redirects tpc.googlesyndication.com
itsbawa.com
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
4 mlqchzvmg8af.i.optimole.com itsbawa.com
3 ams3-ib.adnxs.com acdn.adnxs-simple.com
cdn.adnxs.com
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
3 www.bing.com 1 redirects e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
itsbawa.com
2 sync.teads.tv 1 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 pm.w55c.net 2 redirects
2 i.clean.gg acdn.adnxs-simple.com
2 e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 dis.criteo.com e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
1 dclk-match.dotomi.com e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
1 www.googletagservices.com e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
1 cdn.adnxs.com e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
1 adsdk.microsoft.com e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
1 acdn.adnxs-simple.com e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 www.googletagmanager.com itsbawa.com
1 partner.googleadservices.com pagead2.googlesyndication.com
82 28

This site contains links to these domains. Also see Links.

Domain
www.ilovewp.com
Subject Issuer Validity Valid
itsbawa.com
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.i.optimole.com
Amazon RSA 2048 M01		 2023-03-13 -
2024-04-09		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://itsbawa.com/
Frame ID: D242511DBCD27E255EBABDB127D0F320
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: B09A67B0AB439995B8CD9EAF7A9018EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6527377059910329&output=html&adk=1812271804&adf=3025194257&lmt=1695950694&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fitsbawa.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695954294519&bpp=63&bdt=256&idt=277&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=923215395921&frm=20&pv=2&ga_vid=578116356.1695954295&ga_sid=1695954295&ga_hid=1443432695&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31078185&oid=2&pvsid=3782510415247198&tmod=1793830089&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311
Frame ID: 3C7FC7815F2F0810F65729F3B5908D3F
Requests: 1 HTTP requests in this frame

Frame: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AEEEB05EB0C3C5FC265B0F1F605CF022
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D7B92D03515D3F34AD5C09E73C1D28D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45DACDB577B8C1B06B4C392E8EF0ED29
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Frame ID: 2A9C48EA33388D75421B9E4744A08A2F
Requests: 13 HTTP requests in this frame

Frame: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A048261EEB8B3B808D0A636DA040A0E
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D7A87422FDF38A807EF328503829845B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Its Bawa - lazy sunday dinner ideas,find vegetarian recipes,sweet breakfast ideas

Page URL History Show full URLs

  1. http://itsbawa.com/ HTTP 301
    https://itsbawa.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js

Page Statistics

82
Requests

91 %
HTTPS

59 %
IPv6

23
Domains

28
Subdomains

24
IPs

5
Countries

1248 kB
Transfer

3187 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://itsbawa.com/ HTTP 301
    https://itsbawa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 58
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f5a835db-27f3-47a0-a081-3d322a155ff0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f519e232-5969-472b-833d-7496841661ea&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D713f329aaec5408996544f37016382ea%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=ego_ZY_i2_ghar&aid=5510853846250092006 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=713f329aaec5408996544f37016382ea&SNR=1&GV=2&med=10
Request Chain 78
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&google_cver=1&google_push=AXcoOmRof4bWJDaAplI7r-xldSf3Afgt10pWR0lexvljO6mAiSwN2eCG27zf4qSrKX_WHT_cmbjHV8M6MSLJC7KckTSuFll8Tull HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&google_cver=1&google_push=AXcoOmRof4bWJDaAplI7r-xldSf3Afgt10pWR0lexvljO6mAiSwN2eCG27zf4qSrKX_WHT_cmbjHV8M6MSLJC7KckTSuFll8Tull HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VldsWjJ6RHkxUU0zYnk1&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&google_cver=1&google_push=AXcoOmRof4bWJDaAplI7r-xldSf3Afgt10pWR0lexvljO6mAiSwN2eCG27zf4qSrKX_WHT_cmbjHV8M6MSLJC7KckTSuFll8Tull
Request Chain 80
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAHInn28e54WrAJrzsLCw4I&google_cver=1&google_push=AXcoOmQ1mH0mUtvegwSNmQtepc7MM392p6GNmxm_yiONBP4r8R4_6odl4LvgJ5Yu21fGcGOLeyaKsSVgBqQdffOdcFmaaq3VXo0- HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAHInn28e54WrAJrzsLCw4I&google_cver=1&google_push=AXcoOmQ1mH0mUtvegwSNmQtepc7MM392p6GNmxm_yiONBP4r8R4_6odl4LvgJ5Yu21fGcGOLeyaKsSVgBqQdffOdcFmaaq3VXo0-&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WB5xMwWwTqybHM1yOPgwTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ1mH0mUtvegwSNmQtepc7MM392p6GNmxm_yiONBP4r8R4_6odl4LvgJ5Yu21fGcGOLeyaKsSVgBqQdffOdcFmaaq3VXo0-
Request Chain 81
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPiTJyGlYCPPpe1j_OATdnA&google_cver=1&google_push=AXcoOmSZfVsum2-5G_axWj9w84DOMa0BmwHPuRcgsG5RYaAc4pl56tvkp7-tQtFce8eVOSkPFkBX5lARmVV1wEDZQ2iGIRpT81UP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4zWkVFSUYtRi03Q1pS&google_push=AXcoOmSZfVsum2-5G_axWj9w84DOMa0BmwHPuRcgsG5RYaAc4pl56tvkp7-tQtFce8eVOSkPFkBX5lARmVV1wEDZQ2iGIRpT81UP
Request Chain 82
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_cver=1&google_push=AXcoOmTJRXwGU6t27sQKg48kA1m7TvX4onwlmjhvypXFtjcMNDQA3rBiqot8d41vEcb_-YRhM65lSUq1FQxRrvNCxQJ8GjQqQfcQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_push=AXcoOmTJRXwGU6t27sQKg48kA1m7TvX4onwlmjhvypXFtjcMNDQA3rBiqot8d41vEcb_-YRhM65lSUq1FQxRrvNCxQJ8GjQqQfcQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_hm=ZRY1eFAxNCyCf7SWce2ElQAABywAAAAB&google_nid=index&google_push=AXcoOmTJRXwGU6t27sQKg48kA1m7TvX4onwlmjhvypXFtjcMNDQA3rBiqot8d41vEcb_-YRhM65lSUq1FQxRrvNCxQJ8GjQqQfcQ
Request Chain 83
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM-Kim7BsU0AjSR9jnXepOc&google_cver=1&google_push=AXcoOmRUrjmIrfG6LaEUSFEZQC7ua1a4-PM9f0ZOfmZnj1_o352OwOpT9qAwYDG24H-Lk72W44LW6sC4YV5scU2As8tDRqZ8_i9Gfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRUrjmIrfG6LaEUSFEZQC7ua1a4-PM9f0ZOfmZnj1_o352OwOpT9qAwYDG24H-Lk72W44LW6sC4YV5scU2As8tDRqZ8_i9Gfg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
itsbawa.com/
Redirect Chain
  • http://itsbawa.com/
  • https://itsbawa.com/
310 KB
105 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.0.28
Resource Hash
88bafdda2e75421b13aa3d4b9ad57e5f55f223571cea51bec667d38f1f761361
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=0
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 02:24:54 GMT
expires
Fri, 29 Sep 2023 02:24:54 GMT
link
<https://itsbawa.com/wp-json/>; rel="https://api.w.org/"
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.28

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 29 Sep 2023 02:24:53 GMT
location
https://itsbawa.com/
platform
hostinger
server
LiteSpeed
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6527377059910329
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e757f6e32ffcbdc9720f88055447813e7abc7ab26a34fd545ac0599e8869873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51427
x-xss-protection
0
server
cafe
etag
13899475078488557128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 02:24:54 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6527377059910329&plah=itsbawa.com&bust=31078185
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6527377059910329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cebf58200382002771bc0ee9652e7512a4e7992220d6851626387a6e2da04cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131246
x-xss-protection
0
server
cafe
etag
12883511400096377038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 02:24:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame B09A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6527377059910329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsbawa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
25676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 19:16:58 GMT
etag
2603938475786422795
expires
Thu, 12 Oct 2023 19:16:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
frontend-blocks.js
itsbawa.com/wp-content/plugins/simple-social-buttons/assets/js/ 		0
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/plugins/simple-social-buttons/assets/js/frontend-blocks.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 22 Jul 2023 17:17:15 GMT
server
LiteSpeed
etag
"0-64bc0f1b-5fbac57310e7a92a;;;"
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
0
expires
Fri, 06 Oct 2023 02:24:54 GMT
38f742cf3403f6c37f9b0d60f55bb4f2.js
itsbawa.com/wp-content/cache/debloat/js/ 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/cache/debloat/js/38f742cf3403f6c37f9b0d60f55bb4f2.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 15 Aug 2023 14:32:15 GMT
server
LiteSpeed
etag
"18aee-64db8c6f-eba2250173b22807;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
33264
expires
Fri, 06 Oct 2023 02:24:54 GMT
ced9c4e16e90ae470de8cd6a705d9c9a.js
itsbawa.com/wp-content/cache/debloat/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/cache/debloat/js/ced9c4e16e90ae470de8cd6a705d9c9a.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1c653354ff5f5d33d4f584291d563138c565e4647eabd83ab9a3cf0665c911d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 02 Aug 2023 09:39:24 GMT
server
LiteSpeed
etag
"b43-64ca244c-e23e92c6f135ad4a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
1074
expires
Fri, 06 Oct 2023 02:24:54 GMT
optimole_lib_no_poly.min.js
mlqchzvmg8af.i.optimole.com/js-lib/v2/latest/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlqchzvmg8af.i.optimole.com/js-lib/v2/latest/optimole_lib_no_poly.min.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:9600:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9eef86302b4cafaa9ceb5705c0791ecfda2ea2a20d7b9b84adbe352a1df7374

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 18 Sep 2023 08:34:52 GMT
content-encoding
gzip
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
last-modified
Mon, 18 Sep 2023 08:33:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
928203
etag
W/"0eb89ca19c4471edb661005556332adc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000,public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
zpaXL7yxbJjYVybiCcXwmgomJYwZ4bHWVfPnWuxxpkWzo9MlXD9Pkg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6527377059910329&host=ca-host-pub-2644536267352236
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7932ad83fdd0622512869ef8e1324b20d95e8f0b26ff90d5112997cffbb0137c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51568
x-xss-protection
0
server
cafe
etag
5409822968789415930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 02:24:54 GMT
newsreader-v7-latin-regular.woff2
itsbawa.com/wp-content/themes/nutmeg/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/themes/nutmeg/fonts/newsreader-v7-latin-regular.woff2
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
624cde597eca3d6f239fa030922a186f6361bcea38ef36267d0ca812c6d945c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 21 Jan 2023 13:44:16 GMT
server
LiteSpeed
etag
"5410-63cbec30-5b7e4d43b2967aa5;;;"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
21520
expires
Fri, 06 Oct 2023 02:24:54 GMT
montserrat-v23-latin-600.woff2
itsbawa.com/wp-content/themes/nutmeg/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/themes/nutmeg/fonts/montserrat-v23-latin-600.woff2
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ae308e0f954dd9a45304361e81dffc8a3893584af53b9779722bbb51a7c71e08
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 21 Jan 2023 13:44:16 GMT
server
LiteSpeed
etag
"315c-63cbec30-ef43ac752d77feaf;;;"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
12636
expires
Fri, 06 Oct 2023 02:24:54 GMT
icomoon.ttf
itsbawa.com/wp-content/themes/nutmeg/fonts/ 		3 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/themes/nutmeg/fonts/icomoon.ttf?nw1ubk
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7cbc2438a8d8a681cbdaacd18d52d9452fe3f355e10b5539a3f50ed8fe776336
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 21 Jan 2023 13:44:16 GMT
server
LiteSpeed
etag
"c4c-63cbec30-889c5b94b87784fb;br"
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
1704
expires
Fri, 06 Oct 2023 02:24:54 GMT
newsreader-v7-latin-600.woff2
itsbawa.com/wp-content/themes/nutmeg/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/themes/nutmeg/fonts/newsreader-v7-latin-600.woff2
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cd265f018e8c987adb80c2564378af30acab3f9b44e4c15c4aa8671d3e9a0545
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 21 Jan 2023 13:44:16 GMT
server
LiteSpeed
etag
"5980-63cbec30-7d50f1e39bd2ccee;;;"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
22912
expires
Fri, 06 Oct 2023 02:24:54 GMT
montserrat-v23-latin-500.woff2
itsbawa.com/wp-content/themes/nutmeg/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/themes/nutmeg/fonts/montserrat-v23-latin-500.woff2
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d820d5dfd8e04c7fc43530a20e0d9759f3f398f02bb57046fbbcae5ecce469a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 21 Jan 2023 13:44:16 GMT
server
LiteSpeed
etag
"3198-63cbec30-eb9b56f9467102e3;;;"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
12696
expires
Fri, 06 Oct 2023 02:24:54 GMT
cropped-itsbawa.com_.webp
mlqchzvmg8af.i.optimole.com/cb:Yd1H.1debf/w:500/h:125/q:mauto/f:best/https://itsbawa.com/wp-content/uploads/2023/05/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlqchzvmg8af.i.optimole.com/cb:Yd1H.1debf/w:500/h:125/q:mauto/f:best/https://itsbawa.com/wp-content/uploads/2023/05/cropped-itsbawa.com_.webp
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:9600:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
aa4c8cac1550a9afaa1b33e95c7000d83f7f0763fb91bf680f3310dae8513d9e
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 07:49:00 GMT
content-security-policy
script-src 'none'
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
66954
x-cache
Hit from cloudfront
content-disposition
inline; filename="cropped-itsbawa.com_.webp"
alt-svc
h3=":443"; ma=86400
content-length
10632
x-request-id
nZuzLPozecbwyCZdnf_Uw
server
Optimole
accept-ch
ECT
etag
"Jsh41RjycAX-kvaA3x98do7aLCzErPfXdB8Ou8S4iqM/RIjJhMGI5MWZmYTYyOWFjOWRjODY2MDAyMWRlYzE5MTVmIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
Y4iGEgGFCWVZDou9VjYtxnZefGgAaRB0oHvUiuB05hFAmREuqM4ZVg==
expires
Fri, 27 Sep 2024 07:49:00 GMT
Chicken-Marsala-1.jpg
mlqchzvmg8af.i.optimole.com/cb:Yd1H.1debf/w:410/h:410/q:mauto/rt:fill/g:ce/f:best/https://itsbawa.com/wp-content/uploads/2023/04/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlqchzvmg8af.i.optimole.com/cb:Yd1H.1debf/w:410/h:410/q:mauto/rt:fill/g:ce/f:best/https://itsbawa.com/wp-content/uploads/2023/04/Chicken-Marsala-1.jpg
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:9600:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
610307a1a9916e31c6e47353555eacee8ce4cb922fe3ce1a97c8924a530dc1f5
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 07:49:01 GMT
content-security-policy
script-src 'none'
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
66953
x-cache
Hit from cloudfront
content-disposition
inline; filename="Chicken-Marsala-1.webp"
alt-svc
h3=":443"; ma=86400
content-length
22846
x-request-id
V_GbTOwRdnCCL0pEPIkPv
server
Optimole
accept-ch
ECT
etag
"o8CfssVJDYf7xsr7tevYe8l8Dg4z3_YGapeDwzRd5jE/RIjhmNDc2OGZiMTQyMjBhNjEzYTllODFkZDMxYTExYTkzIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
Ja3mVntRY-inTS1eE4qFOyIq7q1BcKqICj9fSIkEJIgEGQX27sD99w==
expires
Fri, 27 Sep 2024 07:49:01 GMT
Grandma-Chicken-Noodle-Soup-1.webp
mlqchzvmg8af.i.optimole.com/cb:Yd1H.1debf/w:410/h:410/q:mauto/rt:fill/g:ce/f:best/https://itsbawa.com/wp-content/uploads/2023/04/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlqchzvmg8af.i.optimole.com/cb:Yd1H.1debf/w:410/h:410/q:mauto/rt:fill/g:ce/f:best/https://itsbawa.com/wp-content/uploads/2023/04/Grandma-Chicken-Noodle-Soup-1.webp
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:9600:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
18bdf10bc50a7bc3c4e9e74ca28f75511caebb904d3af6720eb0f95459953dff
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 07:49:01 GMT
content-security-policy
script-src 'none'
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
66953
x-cache
Hit from cloudfront
content-disposition
inline; filename="Grandma-Chicken-Noodle-Soup-1.webp"
alt-svc
h3=":443"; ma=86400
content-length
18862
x-request-id
iYdUwAu9bqrfhY29ck9gv
server
Optimole
accept-ch
ECT
etag
"fMSIO7EFleOjWL_geR2stf-aTb-X2Z3hE7Pg8ThgDao/RImMwZTY2MWM3ODVjYTQ0NmY1MTIzMzI5NTBjNDU4MWU5Ig"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
nQLZquBQAhJn5RoaqJPIYQA32i-ECiNJyATDwCuaNrqMMXcCQ1wTzA==
expires
Fri, 27 Sep 2024 07:49:01 GMT
truncated
/ 		144 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3246a9106fd3dc1b6eb814c4b65fd0830b1a6412a47ff217a0e487bbbe4cd4b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2beef06223d6ede7b92e9931ee927a76fa8b06a837a0d2181bf974a098d9ec1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9968c91eee37bb98a51c2921bf6b79d3854bc606f0600afd581cb4735e5c69e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29351
x-xss-protection
0
server
cafe
etag
862 / 19629 / m202309210101 / config-hash: 6693637385863441016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 02:24:54 GMT
montserrat-v23-latin-regular.woff2
itsbawa.com/wp-content/themes/nutmeg/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/themes/nutmeg/fonts/montserrat-v23-latin-regular.woff2
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://itsbawa.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 21 Jan 2023 13:44:16 GMT
server
LiteSpeed
etag
"3168-63cbec30-1b8a735abe605f57;;;"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
12648
expires
Fri, 06 Oct 2023 02:24:54 GMT
b38cdc7185502c9ab6aa6e4a7fe13482.js
itsbawa.com/wp-content/cache/debloat/js/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/cache/debloat/js/b38cdc7185502c9ab6aa6e4a7fe13482.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fcc7eca0021cf07d4bd8c4a5c522a8568b779e97322979fdd066668a3b5d495b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 08 Aug 2023 21:00:19 GMT
server
LiteSpeed
etag
"cf58-64d2ace3-cadee26b181e5da0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
13838
expires
Fri, 06 Oct 2023 02:24:54 GMT
a504b8be44ef82670f68afaf0a38abd0.js
itsbawa.com/wp-content/cache/debloat/js/ 		1 KB
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/cache/debloat/js/a504b8be44ef82670f68afaf0a38abd0.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 02 Aug 2023 08:02:55 GMT
server
LiteSpeed
etag
"5db-64ca0daf-c9676c0eabf8da2d;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
667
expires
Fri, 06 Oct 2023 02:24:54 GMT
846af37338807aa8b54beb3666931f43.js
itsbawa.com/wp-content/cache/debloat/js/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/cache/debloat/js/846af37338807aa8b54beb3666931f43.js
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
245105bfe43ccb81c0d3e2acd7ccdb5584b65e7615b3a26d262022378e5638ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 12 Sep 2023 04:58:03 GMT
server
LiteSpeed
etag
"41b0-64ffefdb-562bdc6fff1277d;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
3339
expires
Fri, 06 Oct 2023 02:24:54 GMT
style.min.css
itsbawa.com/wp-includes/css/dist/block-library/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 15 Aug 2023 14:30:42 GMT
server
LiteSpeed
etag
"19824-64db8c12-7d79631fe0b40166;br"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
12669
expires
Fri, 06 Oct 2023 02:24:54 GMT
0c3ef5375424ae2733705139f7f282ab.css
itsbawa.com/wp-content/uploads/hummingbird-assets/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/uploads/hummingbird-assets/0c3ef5375424ae2733705139f7f282ab.css
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 20 Sep 2023 18:36:53 GMT
server
LiteSpeed
etag
"22092-650b3bc5-46827c5c4b64d03b;br"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
12555
expires
Fri, 06 Oct 2023 02:24:54 GMT
dashicons.min.css
itsbawa.com/wp-includes/css/ 		0
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-includes/css/dashicons.min.css
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 21 Jan 2023 13:22:50 GMT
server
LiteSpeed
etag
"e688-63cbe72a-2c712b8be8556e0f;br"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
35099
expires
Fri, 06 Oct 2023 02:24:54 GMT
9166800961ddec96fd73db45d4015d48.css
itsbawa.com/wp-content/uploads/hummingbird-assets/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/uploads/hummingbird-assets/9166800961ddec96fd73db45d4015d48.css
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 20 Sep 2023 18:36:54 GMT
server
LiteSpeed
etag
"11d39-650b3bc6-aec2822b24082e56;br"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
11563
expires
Fri, 06 Oct 2023 02:24:54 GMT
delay-load.min.js
itsbawa.com/wp-content/plugins/debloat/inc/delay-load/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itsbawa.com/wp-content/plugins/debloat/inc/delay-load/js/delay-load.min.js?ver=1.2.3
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:964:0:1a82:3b37:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
98b3f307a592154d8029581be6fa886f72839f6b918ef689581310ace8b6480c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 24 Aug 2023 12:02:21 GMT
server
LiteSpeed
etag
"ce3-64e746cd-948b0383b52008d7;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
1343
expires
Fri, 06 Oct 2023 02:24:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=itsbawa.com&callback=_gfp_s_&client=ca-pub-6527377059910329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6527377059910329&plah=itsbawa.com&bust=31078185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99d58b848f33bb10b04f3c7a580e53ad53cf25cbe2f43eef9179f1b33d02b39b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3C7F 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6527377059910329&output=html&adk=1812271804&adf=3025194257&lmt=1695950694&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fitsbawa.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695954294519&bpp=63&bdt=256&idt=277&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=923215395921&frm=20&pv=2&ga_vid=578116356.1695954295&ga_sid=1695954295&ga_hid=1443432695&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31078185&oid=2&pvsid=3782510415247198&tmod=1793830089&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6527377059910329&plah=itsbawa.com&bust=31078185
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsbawa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 02:24:54 GMT
expires
Fri, 29 Sep 2023 02:24:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 22:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13549
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132106
x-xss-protection
0
server
cafe
etag
17184539905708832606
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 27 Sep 2024 22:39:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3782510415247198&correlator=391997625099551&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=22912165821%2CSide&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=2&sfv=1-0-40&sc=1&cookie=ID%3D39872c9349c6dc24-22336cbcacde00ad%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MZjLJOWQ0QSUlgdsMM0V3A16DXYPA&gpic=UID%3D00000c882013755a%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MaP-avxkBIvuuOMDu3V894sd0jBvw&abxe=1&dt=1695954295020&lmt=1695950695&adxs=1100&adys=3782&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsbawa.com%2F&vis=1&psz=300x400&msz=300x400&fws=0&ohw=0&ga_vid=578116356.1695954295&ga_sid=1695954295&ga_hid=1443432695&ga_fc=false&dlt=1695954294263&idt=719&adks=2118603441&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10974f78c81746779ef983a8086cb12a3c67c99c4b2bd0065c09a9b468739d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13220
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsbawa.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		376 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3782510415247198&correlator=391997625099551&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=22912165821%2CDesktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x300&ifi=3&sfv=1-0-40&sc=1&cookie=ID%3D39872c9349c6dc24-22336cbcacde00ad%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MZjLJOWQ0QSUlgdsMM0V3A16DXYPA&gpic=UID%3D00000c882013755a%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MaP-avxkBIvuuOMDu3V894sd0jBvw&abxe=1&dt=1695954295029&lmt=1695950695&adxs=200&adys=9696&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsbawa.com%2F&vis=1&psz=850x300&msz=850x300&fws=0&ohw=0&ga_vid=578116356.1695954295&ga_sid=1695954295&ga_hid=1443432695&ga_fc=false&dlt=1695954294263&idt=719&adks=1784568907&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7485e4dbb924416bbe59d3211d350e544c89d83682f480e54ea91cb8959fa917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsbawa.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		376 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3782510415247198&correlator=391997625099551&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=22912165821%2CDesktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x300&ifi=4&sfv=1-0-40&sc=1&cookie=ID%3D39872c9349c6dc24-22336cbcacde00ad%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MZjLJOWQ0QSUlgdsMM0V3A16DXYPA&gpic=UID%3D00000c882013755a%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MaP-avxkBIvuuOMDu3V894sd0jBvw&abxe=1&dt=1695954295032&lmt=1695950695&adxs=200&adys=5788&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsbawa.com%2F&vis=1&psz=850x300&msz=850x300&fws=0&ohw=0&ga_vid=578116356.1695954295&ga_sid=1695954295&ga_hid=1443432695&ga_fc=false&dlt=1695954294263&idt=719&adks=268601446&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c55270a7d9d40c62eeaea10e8cd58cf945e28c46293b9ad5d569923631d167ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsbawa.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3782510415247198&correlator=391997625099551&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=22912165821%2CDesktoptop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D39872c9349c6dc24-22336cbcacde00ad%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MZjLJOWQ0QSUlgdsMM0V3A16DXYPA&gpic=UID%3D00000c882013755a%3AT%3D1695954294%3ART%3D1695954294%3AS%3DALNI_MaP-avxkBIvuuOMDu3V894sd0jBvw&abxe=1&dt=1695954295035&lmt=1695950695&adxs=200&adys=2990&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsbawa.com%2F&vis=1&psz=850x90&msz=850x90&fws=0&ohw=0&ga_vid=578116356.1695954295&ga_sid=1695954295&ga_hid=1443432695&ga_fc=false&dlt=1695954294263&idt=719&adks=701335346&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa27ceda3cfc3ba88a82f326feb87e768e002679a3325a0258cde9a9c4944de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20976
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsbawa.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AEEE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsbawa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 02:24:55 GMT
expires
Sat, 28 Sep 2024 02:24:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6527377059910329&plah=itsbawa.com&bust=31078185
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ebddab432e1082051922deb31d50f70aafaf5f6d9e86180abac4288d5dc84b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12149
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		185 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-259155793-1
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/wp-content/plugins/debloat/inc/delay-load/js/delay-load.min.js?ver=1.2.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
782f2582437649e8612356dab1bf13b772146b050b3149680642d3ce3bbbcb07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68960
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 00:24:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Sep 2023 02:24:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6527377059910329&plah=itsbawa.com&bust=31078185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Sep 2023 02:24:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D7B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsbawa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
47323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 13:16:12 GMT
expires
Fri, 27 Sep 2024 13:16:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 45DA 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bac64f587c659203d5fc6aee9d96488924bd3dd16e283aa8d43c3d94c8fcfea3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ELM9JkVwSUy6D3YQfnLgUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itsbawa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ELM9JkVwSUy6D3YQfnLgUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 02:24:55 GMT
expires
Fri, 29 Sep 2023 02:24:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 1D7B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 27 Sep 2023 02:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
171935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Sep 2024 02:39:20 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309151607000/ Frame 2A9C 		223 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 25 Sep 2023 17:10:59 GMT
age
292436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62227
x-xss-protection
0
server
sffe
etag
"41242159531b2c89"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Sep 2024 17:10:59 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2A9C 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 25 Sep 2023 17:10:59 GMT
age
292436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"62ebb0de0df26f82"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Sep 2024 17:10:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2A9C 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 25 Sep 2023 17:10:59 GMT
age
292436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29001
x-xss-protection
0
server
sffe
etag
"c5564a9c7a93c19c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Sep 2024 17:10:59 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2A9C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 25 Sep 2023 17:10:59 GMT
age
292436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"dde9f9175af3842f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Sep 2024 17:10:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2A9C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 25 Sep 2023 17:10:59 GMT
age
292436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"97cee024b23d3389"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Sep 2024 17:10:59 GMT
css
fonts.googleapis.com/ Frame 2A9C 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Sep 2023 02:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 01:53:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Sep 2023 02:24:55 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A9C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 01:27:29 GMT
x-content-type-options
nosniff
server
cafe
age
3446
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 30 Sep 2023 01:27:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A9C 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 15:21:19 GMT
x-content-type-options
nosniff
server
cafe
age
39816
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 29 Sep 2023 15:21:19 GMT
l
www.google.com/ads/measurement/ Frame 2A9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaYvd9gEvhzW30y_0Sjl7hydYzOYCQG9rk9RSCjsrvojbs7rcBgFt2kT3YKDsNUQjdR5Nd6tzPiCdsvq3vdodCxAhCBA
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
truncated
/ Frame 2A9C 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
115768898dc1b6b0d4f8fe3df5826426e3c40cf40623e40adaaaae490e688279

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 45DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=3782510415247198&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1D7B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uLr4yg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2A9C 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://itsbawa.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 23 Sep 2023 07:47:01 GMT
x-content-type-options
nosniff
age
499074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34024
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 07:47:01 GMT
container.html
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A04 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsbawa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 02:24:55 GMT
expires
Sat, 28 Sep 2024 02:24:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2A9C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Redirect headers

date
Fri, 29 Sep 2023 02:24:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 4A04 		125 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Fri, 29 Sep 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 10:24:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ad2dcc-1f24a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
44995
Expires
Sat, 30 Sep 2023 02:24:58 GMT
c.gif
www.bing.com/aes/ Frame 4A04
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f5a835db-27f3-47a0-a081-3d322a155ff0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f519e232-5969-472b...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=713f329aaec5408996544f37016382ea&SNR=1&GV=2&med=10
0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=713f329aaec5408996544f37016382ea&SNR=1&GV=2&med=10
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:26f0:7100::211:64b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3A8594A782BC418C8755572336D261C6 Ref B: FRA31EDGE0211 Ref C: 2023-09-29T02:24:56Z
x-cdn-traceid
0.ae641102.1695954296.d22347a
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 29 Sep 2023 02:24:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 00C991CA0E7E4109A16C9C2269811467 Ref B: MIL30EDGE1521 Ref C: 2023-09-29T02:24:56Z
x-cdn-traceid
0.ae641102.1695954296.d22343d
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=713f329aaec5408996544f37016382ea&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 4A04 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c

Request headers

Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
Origin
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 02:24:56 GMT
content-encoding
br
last-modified
Fri, 22 Sep 2023 16:16:52 GMT
vary
Accept-Encoding
x-azure-ref
20230929T022456Z-4pb6dzwvwd6tv7d4f9a2b1qs1c00000003ug000000011dvc
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
460944cd-b01e-00f0-01aa-f0cfeb000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame 4A04 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Fri, 29 Sep 2023 02:24:56 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
6877715
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-man4148-MAN
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1695954296.060588,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
4, 172392
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 4A04 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 16:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
34567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 4A04 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 16:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
34567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:49 GMT
l
www.google.com/ads/measurement/ Frame 4A04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe75ufqSl8MqIXiVCA7j839Y_pCFImq1QKM2J7yFwbT33RQpmupmiJNBQmlYIiJhaeYPy_e1ZyFx7G617-SIzJVUP_Uw
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4A04 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
50308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Sep 2024 12:26:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A04 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 02:24:56 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2A9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNlkhdzUWZbaJFuv33wPZ66-QBcXYxd1x9ZH59r0RwI23ARABIIvL8J0BYLuGgIDQCqABuJObhynIAQGpAsfjsd6lRWw-4AIAqAMByAMKqgSaAk_QNxXZjOIqqnyeKiX7bFNEs01nTUPMIOPCXrTarXY-UN7UZULAnMu4R_oLZ4wNpemfmQVnVv8T1YbINaVyL6z8dZfxtCLdxNLc-9LpTAM2DWDYGc3sbv0YBUl8dJ0TGaNA0VJHE75mugBJjb4r3YQ1AoIc8mWgd1rFTia9Qb3tKQ1INyZQrIjQmlNYA5n34vtlLed6eY_h4BqJw0WEoJK6WWMbz2Nie0Ih8zT5nus-0-lCznR1Tn2ygr4ayw7rqJjD5AOEKBLIvIXZp9lZg9SBnhFXI3wdZJ3pvVU4ljgS9HsGOKINBuq_wR-G_XsZlxrz7Vi_sc6D0EoJ-T5xesn5S-rQNnFLzWtwS3II83CPfKXjWvSQd9g6BMAE_beK8q0E4AQBiAX6_crxS5IFBAgEGAGSBQQIBRgEoAZm2AYCgAe4y-vmA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOHPA6AI2ZSoBLAIAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCShodHRwczovL2JyYXppbGZyb3plbmNoaWNrZW5zdXBwbGllci5jb20vgAoDyAsB4g0TCJ36wIrizoEDFev7dwod2fULUtgTDYIUDRoLaXRzYmF3YS5jb22IFBbQFQGYFgGAFwGyFx8KHQgAEhRwdWItNjUyNzM3NzA1OTkxMDMyORip5pMB&sigh=9qlYIFleFJ8&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNzYs5A6uHP6XbVqwwXGV9zwltj8U9CZm30F5hSeCY6DGdTVA3jSEsn1LiirOTeYM1FYcb2pSDGAE&cbvp=2
Requested by
Host: itsbawa.com
URL: https://itsbawa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
1a
i.clean.gg/ Frame 4A04 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 02:24:56 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 29 Sep 2023 02:24:56 GMT
server
nginx/1.21.6
via
1.1 google
th
www.bing.com/ Frame 4A04 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7696655322915_14IYE662CMUWJKUYQI&pid=21.2&c=16&roil=0.0017&roit=0&roir=0.9967&roib=1&w=200&h=105&qlt=90
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:7100::211:64b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fe12197a0092229d7055bf1fd809cf97d419845947caf669ec27e5badcc11a06

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:56 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.ae641102.1695954296.d2234f5
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
6752
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame 4A04 		0
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fitsbawa.com&e=wqT_3QLiA-jiAQAAAwDWAAUBCPfq2KgGEObr09aBjJ-9TBgAKjYJAACAMQrX8j8RAABgP1lG8j8ZAAAAgOtR9D8hAA0SACkRJAAxARuwPQrHPzCVNji1AUC1XkjjA1C6iYq2AVjRxwFgAGitMXi_9QWAAQGKAQNVU0SSBQbw_ZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCE2h0dHBzOi8vaXRzYmF3YS5jb22AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMB-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF6uLYqdKmpqElwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9PcG-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAADQgBi2DgBgHyBgIIAIAHAYgHAKAHAcgHv_UF0gcNFWUBJgzaBwYIBQmc4AcA6gcCCADwB8GgSooIAhAAlQgAAIA_mAgCwAjwBtIIBggAEAAYAA..&s=af082f405218ad9884b572961882ae57fe1c1df6&bdref=https%3A%2F%2Fitsbawa.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fitsbawa.com%2F,https%3A%2F%2Fe192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
an-x-request-uuid
b8bbb261-c90f-472f-9b50-9f23f13ed069
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.138.196.100; 217.138.196.100; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=3782510415247198&bg=!NjWlNXrNAAYEJRtnJCU7ADQBe5WfOGX0DvVjigONtcKxvXmFx0oz1oga5-7kg-zx_m6YTY0PCdBvFyaSXhuncz8WRZ5OAgAAAH5SAAAABWgBB5kCuv4HO8HHr-YaJbZUw1vxFMAJw5jTt8XejD5qlyEGIpRKNmsQbKK_7W2g7Oa79HL9eRN1hFmGOinujmyembbQgXVMQ3jUDC1JgssHho6v3FXR6-B75J4K7YxZjqQZQ7w7k0mJis35-ZwSfrLK2Kl3QeY5hEi-Usk3FQUlNibZB__m8a3u7K6PF-tMjf_Y7eyDZ8kI6S1X4PC0ql1WmHvDkPNBXKd7eeYeqpMNSxyquhAk4A9bsjyg8p5SVFIgYZU8CK6XISOYiXK89hQCj46-DhHC8Z4lqG6UPQjuasSykN312VnAFiEzXzkXoYXyVDUbkmwb8vvoAPlJfQ_ec4ho-xDf81skAsHaDocKr3LXLHD4nh49KNSfT8wj-ChZZqFvYlYanNyIQ4sA4AR1HkIRW5fK49zFP65xpbMYnjs9DXjRFuRlirBKAv0BgBpRBVdRJBZhDlJixNKYBBapZ9MQvfwX407m0wtAP3dshuZhxju5j-k0ZFsbNkp8-UTVdTSnUf7EM-rb2fC05oRFWH1RX2h2Reze3gkBW07nPfn-rMC8T5ZNPjWbc5CBsB8MEVz66TC-22kXnd7oCGXVSMUFSd4zoha0WirODv4faeCh2FpoPE8r0h0bleLh42nb5BfUDWA8mLk0lP73tR0jOWXrHrt0FgrwOT7GGLV1pB3EpOO__PmEpbs777Oram-HRBoeaD-6PxxRUchT5yXUTl61tH10pRmq1OMJ6zoLTSlc5-qokDDYcguZ7joWnCefcr4Sy9wjFFBRSM4ANfwBssqClI1zwIPo61dYy9bRt7kq852CBClOosgRT0s_3f6eMG4GZou2KB3FfhD0EAn9eOMDty5V2eEaL5uB__h2BLVs8QPg74Jlx4SIS9gQeL0W_rMCHFpm1U5_5ajH8yKXDEwAyJTmoyfgcjZWew8U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://itsbawa.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D7A8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
67582
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 07:38:34 GMT
etag
48472445140208031
expires
Fri, 29 Sep 2023 07:38:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4A04 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a16472f386ec69c851353d4a2b13c5993e51d996532dd36445c55a2f08ebc45

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame 4A04 		0
583 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fitsbawa.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCPfq2KgGEObr09aBjJ-9TBgAKjYJAACAMQrX8j8RAABgP1lG8j8ZAAAAgOtR9D8hAA0SACkRJAAxARuwPQrHPzCVNji1AUC1XkjjA1C6iYq2AVjRxwFgAGitMXi_9QWAAQGKAQNVU0SSBQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gITaHR0cHM6Ly9pdHNiYXdhLmNvbYADAIgDAZADAJgDCaADAaoDngMKtAJoDSkcd3d3LmJpbmcBKvB5L2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWY1MTllMjMyLTU5NjktNDcyYi04MzNkLTc0OTY4NDE2NjFlYSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFUdXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBmjnEAqHJ0eXBlPW51cmwmdGFnSWQ9NjkzMyZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfQXAWVnb19aWV9pMl9naGFyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTUxMDg1Mzg0NjI1MDA5MjAwNiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekl6TmpFNU16RTBPREV3TWpZak1qTXlOREUyTVRReU16RXdOalF4Tnc9PcAD2ATIAwDYAwDgAwDoAwH4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXq4tip0qamoSXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX09wb6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB7_1BdIHDQkRKAEmDNoHBggFCajgBwDqBwIIAPAHwaBKiggCEACVCAAAgD-YCALACPAG0ggJCP___z8QAhgA&s=b0d11b4f9a8ca87909f650d212720614799dd61c&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=4249403651256401625&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=android&x=v&tag_id=6933&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
an-x-request-uuid
109e6315-6862-49a7-98b4-30332c9c31d7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.138.196.100; 217.138.196.100; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4A04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9_pydzUWZbzdI4K0juwPl5ij8APS4Nfgbo-ktpOTCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04NTA2NzUwMzkzODkwODcyyAEJ4AIAqAMByAMCqgT-AU_Qst2YNQvpmQG6eEFJ6ZJB2o6ZIdKSPxuFn-SoEDZQ2EmtjR3bwUPDe3iQ98UGm6dRzqWfLSXC5_wZhI1ULYNBwLN3EmVltpQd7_gDVuWylaBwL-YQFR-vi1dOSvE9I-1R7VFWpBfT5wU9-7mjfzrOFMNVhjNNxqf8qJOKYol6m1of4gQ-3SqR4LGg60laio5-TDSxIp-Fawyfm1XRBQRK8mL0bfwo9ni5p7R_FythsRJLZY9Rv95d9B2nyvJ_8II7O2tbilFHUNG5wE6MUV2UbxnaalkjjRqQHgtRqK7M94aTKiiwufr5c1fBiuDTcYjqAlIA_9ARXoW0fYQz4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTg1MDY3NTAzOTM4OTA4NzIYqeaTAQ&sigh=sL8mvBgxYsM&uach_m=[UACH]&cid=CAQSOwDICaaNktW4ww0-Z3SK8vss4om_F3oYm0nab64OqyIoXoTvgLSXIq4FMm5k6Iph8sOwxqcfdouXexDQGAE&cbvp=2&vis=1
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
it
ams3-ib.adnxs.com/ Frame 4A04 		0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fitsbawa.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCPfq2KgGEObr09aBjJ-9TBgAKjYJAACAMQrX8j8RAABgP1lG8j8ZAAAAgOtR9D8hAA0SACkRJAAxARuwPQrHPzCVNji1AUC1XkjjA1C6iYq2AVjRxwFgAGitMXi_9QWAAQGKAQNVU0SSBQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gITaHR0cHM6Ly9pdHNiYXdhLmNvbYADAIgDAZADAJgDCaADAaoDngMKtAJoDSkcd3d3LmJpbmcBKvB5L2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWY1MTllMjMyLTU5NjktNDcyYi04MzNkLTc0OTY4NDE2NjFlYSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFUdXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBmjnEAqHJ0eXBlPW51cmwmdGFnSWQ9NjkzMyZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfQXAWVnb19aWV9pMl9naGFyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTUxMDg1Mzg0NjI1MDA5MjAwNiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekl6TmpFNU16RTBPREV3TWpZak1qTXlOREUyTVRReU16RXdOalF4Tnc9PcAD2ATIAwDYAwDgAwDoAwH4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXq4tip0qamoSXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX09wb6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB7_1BdIHDQkRKAEmDNoHBggFCajgBwDqBwIIAPAHwaBKiggCEACVCAAAgD-YCALACPAG0ggJCP___z8QAhgA&s=b0d11b4f9a8ca87909f650d212720614799dd61c&pp=ZRY1dwAI7rwHg5oCAAjMF9XSgEWEEOXshj1RvA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE1xzdzUWZbzdI4K0juwPl5ij8APS4Nfgbo-ktpOTCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04NTA2NzUwMzkzODkwODcyyAEJ4AIAqAMByAMCqgSBAk_Qst2YNQvpmQG6eEFJ6ZJB2o6ZIdKSPxuFn-SoEDZQ2EmtjR3bwUPDe3iQ98UGm6dRzqWfLSXC5_wZhI1ULYNBwLN3EmVltpQd7_gDVuWylaBwL-YQFR-vi1dOSvE9I-1R7VFWpBfT5wU9-7mjfzrOFMNVhjNNxqf8qJOKYol6m1of4gQ-3SqR4LGg60laio5-TDSxIp-Fawyfm1XRBQRK8mL0bfwo9ni5p7R_FythsRJLZY9Rv95d9B2nyvJ_8II7O2tbilFHUNG5wE6MUV2UbxnaalkjjViSP5mTDFShY3znn7bpPUz9UF1Fg87LqCpsW9a8f_o9RkU1n-mnNWbi4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vumY_G5uumphM4EZ0QgZVMKi_Kg%26client%3Dca-pub-8506750393890872%26adurl%3D&cbvp=2
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
an-x-request-uuid
153d320a-c670-4b36-9ba3-7b9951494ee3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.138.196.100; 217.138.196.100; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame D7A8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOVeSRhIuIq6uh57onWO4og&google_cver=1&google_push=AXcoOmTtcypGeZ1QfVIGrv-TZO5Kez1ofHbP_wA3kDwXE3Vi7CWpnBElxJaUFoIomi3Q7NG6-NoTL-eAHqDe3sSyVlC80XvRjUg
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame D7A8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VldsWjJ6RHkxUU0zYnk1&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&google_cver=1&google_push=AXcoOmRof4bWJDaAplI7r-xldSf3Afgt10pWR0lexvljO6m...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VldsWjJ6RHkxUU0zYnk1&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&google_cver=1&google_push=AXcoOmRof4bWJDaAplI7r-xldSf3Afgt10pWR0lexvljO6mAiSwN2eCG27zf4qSrKX_WHT_cmbjHV8M6MSLJC7KckTSuFll8Tull
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 02:24:56 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0053f1d5977a03565@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VldsWjJ6RHkxUU0zYnk1&google_gid=CAESEKzhrrLmQSQ6IZ0zY-Fr6To&google_cver=1&google_push=AXcoOmRof4bWJDaAplI7r-xldSf3Afgt10pWR0lexvljO6mAiSwN2eCG27zf4qSrKX_WHT_cmbjHV8M6MSLJC7KckTSuFll8Tull
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame D7A8 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTv7i0VZN6W0TPD8wmy2oYbADKtJQqSqomy4YD3wPqBuTs13-OzzlhTGgvuEtbs93_9gSuh2Vu9Y9yfqMUM90mDMAlu25I&google_gid=CAESEHFoiChFWweXkGuH16Oq6bs&google_cver=1
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
333822
expires
Fri, 29 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D7A8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WB5xMwWwTqybHM1yOPgwTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WB5xMwWwTqybHM1yOPgwTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ1mH0mUtvegwSNmQtepc7MM392p6GNmxm_yiONBP4r8R4_6odl4LvgJ5Yu21fGcGOLeyaKsSVgBqQdffOdcFmaaq3VXo0-
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WB5xMwWwTqybHM1yOPgwTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ1mH0mUtvegwSNmQtepc7MM392p6GNmxm_yiONBP4r8R4_6odl4LvgJ5Yu21fGcGOLeyaKsSVgBqQdffOdcFmaaq3VXo0-
date
Fri, 29 Sep 2023 02:24:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D7A8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPiTJyGlYCPPpe1j_OATdnA&google_cver=1&google_push=AXcoOmSZfVsum2-5G_axWj9w84DOMa0BmwHPuRcgsG5RYaAc4pl56tvkp7-tQtFce8eVOSkPFkB...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4zWkVFSUYtRi03Q1pS&google_push=AXcoOmSZfVsum2-5G_axWj9w84DOMa0BmwHPuRcgsG5RYaAc4pl56tvkp7-tQtFce8eVOSkPFkBX5lARmVV1wEDZQ2iGIRpT81UP
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4zWkVFSUYtRi03Q1pS&google_push=AXcoOmSZfVsum2-5G_axWj9w84DOMa0BmwHPuRcgsG5RYaAc4pl56tvkp7-tQtFce8eVOSkPFkBX5lARmVV1wEDZQ2iGIRpT81UP
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4zWkVFSUYtRi03Q1pS&google_push=AXcoOmSZfVsum2-5G_axWj9w84DOMa0BmwHPuRcgsG5RYaAc4pl56tvkp7-tQtFce8eVOSkPFkBX5lARmVV1wEDZQ2iGIRpT81UP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
pixel
cm.g.doubleclick.net/ Frame D7A8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_hm=ZRY1eFAxNCyCf7SWce2ElQAABywAAAAB&google_nid=index&google_push=AXcoOmTJRXwGU6t27sQKg48kA1m7TvX4onwlm...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_hm=ZRY1eFAxNCyCf7SWce2ElQAABywAAAAB&google_nid=index&google_push=AXcoOmTJRXwGU6t27sQKg48kA1m7TvX4onwlmjhvypXFtjcMNDQA3rBiqot8d41vEcb_-YRhM65lSUq1FQxRrvNCxQJ8GjQqQfcQ
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmqTMlvhsNznUqw270jwYjX4JLO3MXEfeeI6cHoyUHiu2Z%2FeDT8L1SRhtsgj3D9IcOxwG0ayJB3dRkWchK9Gz8WxZMJbXcjd4Hk2Gxfdk620wBwoqdEXi4OeJdK5IEtActrbPrIXnnrmQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ-ZyMydsEPjYgxN8PkplR0&google_hm=ZRY1eFAxNCyCf7SWce2ElQAABywAAAAB&google_nid=index&google_push=AXcoOmTJRXwGU6t27sQKg48kA1m7TvX4onwlmjhvypXFtjcMNDQA3rBiqot8d41vEcb_-YRhM65lSUq1FQxRrvNCxQJ8GjQqQfcQ
cache-control
no-cache
cf-ray
80e0c5d2bbb7222a-MAN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
report
sync.teads.tv/um/ Frame D7A8
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM-Kim7BsU0A...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRUrjmIrfG6LaEUSFEZQC7ua1a4-PM9f0ZOfmZnj1_o352OwOpT9qAwYDG24H-Lk72W44LW6sC4YV5scU2As8tDRqZ8_i9Gfg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires
Fri, 29 Sep 2023 02:24:56 GMT
pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:24:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D7A8 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9ExFjIuZKGczIaJuqzJ034gEux41GD-FFS5MvJ2AA13lKYlmh8Vu5RbSuWWMVemxbUyE6LQ
Requested by
Host: e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
URL: https://e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 02:24:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| SSB object| optimoleData function| google_spfd number| google_unique_id object| google_sv_map object| googletag object| q2w3_sidebar_options object| wpcf7 object| megamenu function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| V function| ea function| fa function| P function| W function| X function| da function| la function| m function| ca function| ha function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists function| ai_run_238083233275 boolean| ai_js_code object| debloatConfig function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery object| ssbPlugin function| docLoadedFun function| toggleSidebarButtons object| nutmeg object| $nutmegDocument function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded object| swv function| ai_document_write string| selector_string object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

12 Cookies

Domain/Path Name / Value
.itsbawa.com/ Name: __gads
Value: ID=39872c9349c6dc24-22336cbcacde00ad:T=1695954294:RT=1695954294:S=ALNI_MZjLJOWQ0QSUlgdsMM0V3A16DXYPA
.itsbawa.com/ Name: __gpi
Value: UID=00000c882013755a:T=1695954294:RT=1695954294:S=ALNI_MaP-avxkBIvuuOMDu3V894sd0jBvw
.doubleclick.net/ Name: IDE
Value: AHWqTUm9k5EBHW16ryHSRRGgd7mVW_eL9RfP01Or2iO6Bz_YDHbqy5wVFvfjMwYaBek
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bing.com/ Name: MUID
Value: 12503FE0083F6E74216F2C7B09486F37
.casalemedia.com/ Name: CMID
Value: ZRY1eFAxNCyCf7SWce2ElQAA
.casalemedia.com/ Name: CMPS
Value: 1836
.casalemedia.com/ Name: CMPRO
Value: 1836
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 581E7133-05B0-4EAC-9B1C-CD7238F8304E
.w55c.net/ Name: wfivefivec
Value: VWlZ2zDy1QM3by5
.w55c.net/ Name: matchgoogle
Value: 5

1 Console Messages

Source Level URL
Text
javascript warning URL: https://itsbawa.com/
Message:
The resource https://www.googletagmanager.com/gtag/js?id=UA-259155793-1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs-simple.com
adsdk.microsoft.com
ams3-ib.adnxs.com
cdn.adnxs.com
cdn.ampproject.org
cm.g.doubleclick.net
dclk-match.dotomi.com
dis.criteo.com
e192b9adbda1d329d02e5475e3dce446.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.clean.gg
image6.pubmatic.com
itsbawa.com
mlqchzvmg8af.i.optimole.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
sync.teads.tv
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.26.193
142.250.186.130
151.101.65.108
178.250.1.9
185.89.210.20
198.47.127.19
23.35.236.188
23.35.237.56
2600:9000:2394:9600:2:6f7a:6f00:93a1
2620:1ec:bdf::44
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a02:26f0:7100::211:64b2
2a02:4780:b:964:0:1a82:3b37:1
2a02:fa8:8806:12::1400
34.95.69.49
35.157.117.145
69.173.144.139
0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a16472f386ec69c851353d4a2b13c5993e51d996532dd36445c55a2f08ebc45
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10974f78c81746779ef983a8086cb12a3c67c99c4b2bd0065c09a9b468739d37
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
115768898dc1b6b0d4f8fe3df5826426e3c40cf40623e40adaaaae490e688279
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
18bdf10bc50a7bc3c4e9e74ca28f75511caebb904d3af6720eb0f95459953dff
1c653354ff5f5d33d4f584291d563138c565e4647eabd83ab9a3cf0665c911d0
245105bfe43ccb81c0d3e2acd7ccdb5584b65e7615b3a26d262022378e5638ae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31
610307a1a9916e31c6e47353555eacee8ce4cb922fe3ce1a97c8924a530dc1f5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624cde597eca3d6f239fa030922a186f6361bcea38ef36267d0ca812c6d945c5
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
7485e4dbb924416bbe59d3211d350e544c89d83682f480e54ea91cb8959fa917
782f2582437649e8612356dab1bf13b772146b050b3149680642d3ce3bbbcb07
7932ad83fdd0622512869ef8e1324b20d95e8f0b26ff90d5112997cffbb0137c
7cbc2438a8d8a681cbdaacd18d52d9452fe3f355e10b5539a3f50ed8fe776336
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
88bafdda2e75421b13aa3d4b9ad57e5f55f223571cea51bec667d38f1f761361
8e757f6e32ffcbdc9720f88055447813e7abc7ab26a34fd545ac0599e8869873
8ebddab432e1082051922deb31d50f70aafaf5f6d9e86180abac4288d5dc84b0
9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c
954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96
98b3f307a592154d8029581be6fa886f72839f6b918ef689581310ace8b6480c
9968c91eee37bb98a51c2921bf6b79d3854bc606f0600afd581cb4735e5c69e6
99d58b848f33bb10b04f3c7a580e53ad53cf25cbe2f43eef9179f1b33d02b39b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aa4c8cac1550a9afaa1b33e95c7000d83f7f0763fb91bf680f3310dae8513d9e
ae308e0f954dd9a45304361e81dffc8a3893584af53b9779722bbb51a7c71e08
bac64f587c659203d5fc6aee9d96488924bd3dd16e283aa8d43c3d94c8fcfea3
c55270a7d9d40c62eeaea10e8cd58cf945e28c46293b9ad5d569923631d167ad
cd265f018e8c987adb80c2564378af30acab3f9b44e4c15c4aa8671d3e9a0545
ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1
cebf58200382002771bc0ee9652e7512a4e7992220d6851626387a6e2da04cec
d820d5dfd8e04c7fc43530a20e0d9759f3f398f02bb57046fbbcae5ecce469a2
d9eef86302b4cafaa9ceb5705c0791ecfda2ea2a20d7b9b84adbe352a1df7374
daa27ceda3cfc3ba88a82f326feb87e768e002679a3325a0258cde9a9c4944de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7
ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f2beef06223d6ede7b92e9931ee927a76fa8b06a837a0d2181bf974a098d9ec1
f3246a9106fd3dc1b6eb814c4b65fd0830b1a6412a47ff217a0e487bbbe4cd4b
fcc7eca0021cf07d4bd8c4a5c522a8568b779e97322979fdd066668a3b5d495b
fe12197a0092229d7055bf1fd809cf97d419845947caf669ec27e5badcc11a06